firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 19:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EFhuFfYw0d-rClg2wMC5hOlHBzre3DTAp8bIu_jYH5QzjaMwPeKz-A==
Age: 2629
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3300
Expires: Wed, 28 Sep 2022 20:54:28 GMT
Date: Wed, 28 Sep 2022 19:59:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sackcQs1KVZvB54mRQCo6M9pWKR9L0wL-9lUAmnef7g-NSt92EVmdw==
age: 52262
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:59:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 19:29:33 GMT
Expires: Wed, 28 Sep 2022 20:26:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ER9mnRU9_hX0h8IXpyRlSirM3QCV86ae4ydTQB_xzOrNpTgf8p5x-w==
Age: 1795
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3989
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:29 GMT
Last-Modified: Wed, 28 Sep 2022 18:53:00 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
c1.getapplicationmy.info/?step_id=1&installer_id=7615671449166612527&publisher_id=1273&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=1103257460271216829&external_id=0&session_id=5180070327736810423&hardware_id=10293465506191108006&product_name=Jads+and+Jadson+-+Jeito+Carinhos+[DVD+2013]&=&=&=&=&=&=&=&=&=&=&=&=&filesize=6.25Mb&product_title=Jads+and+Jadson+-+Jeito+Carinhos+[DVD+2013]&installer_file_name=Jads+and+Jad&product_download_url=%3CServerUrl%3E/addons/error.txt&reffer=http://www.mp3olimp.net/&product_file_name=error.txt
162.210.196.172302 Found 11 B URL HTTP/1.1 c1.getapplicationmy.info/?step_id=1&installer_id=7615671449166612527&publisher_id=1273&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=1103257460271216829&external_id=0&session_id=5180070327736810423&hardware_id=10293465506191108006&product_name=Jads+and+Jadson+-+Jeito+Carinhos+[DVD+2013]&=&=&=&=&=&=&=&=&=&=&=&=&filesize=6.25Mb&product_title=Jads+and+Jadson+-+Jeito+Carinhos+[DVD+2013]&installer_file_name=Jads+and+Jad&product_download_url=%3CServerUrl%3E/addons/error.txt&reffer=http://www.mp3olimp.net/&product_file_name=error.txt
IP 162.210.196.172:0
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
Analyzer Verdict Alert quad9 Sinkholed
GET /?step_id=1&installer_id=7615671449166612527&publisher_id=1273&source_id=0&page_id=0&affiliate_id=0&country_code=RU&locale=EN&browser_id=1&download_id=1103257460271216829&external_id=0&session_id=5180070327736810423&hardware_id=10293465506191108006&product_name=Jads+and+Jadson+-+Jeito+Carinhos+[DVD+2013]&=&=&=&=&=&=&=&=&=&=&=&=&filesize=6.25Mb&product_title=Jads+and+Jadson+-+Jeito+Carinhos+[DVD+2013]&installer_file_name=Jads+and+Jad&product_download_url=%3CServerUrl%3E/addons/error.txt&reffer=http://www.mp3olimp.net/&product_file_name=error.txt HTTP/1.1
Host: c1.getapplicationmy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Wed, 28 Sep 2022 19:59:28 GMT
location: http://btpnative.com/click?data=NTVteXFKdEVhaFdULVFNSURrMXg3cEd6cFp0M3AzazJLal9kcHRsaFlCczMyOUJUR29VblJEd0RXNjdTcWpoUGxhei1idE1vZ054V0JpWndiZUJnY01yMmtPMFQtMExFdTJLanBtaFVoTHc3QUg5bjFKMmNHTDFzVERxdEoxeHgzRW9HQVRvTHJkTlFUUVhmOWRucUR2YTZSSld6NWN1bmw1TlZ3OTlfYTg0MQ2&id=1fa46f70-2b00-451e-aae1-b92ea9bce473
server: nginx
set-cookie: sid=0f27d4a4-3f68-11ed-a180-f49dd94b3612; path=/; domain=.getapplicationmy.info; expires=Mon, 16 Oct 2090 23:13:35 GMT; max-age=2147483647; HttpOnly
btpnative.com/click?data=NTVteXFKdEVhaFdULVFNSURrMXg3cEd6cFp0M3AzazJLal9kcHRsaFlCczMyOUJUR29VblJEd0RXNjdTcWpoUGxhei1idE1vZ054V0JpWndiZUJnY01yMmtPMFQtMExFdTJLanBtaFVoTHc3QUg5bjFKMmNHTDFzVERxdEoxeHgzRW9HQVRvTHJkTlFUUVhmOWRucUR2YTZSSld6NWN1bmw1TlZ3OTlfYTg0MQ2&id=1fa46f70-2b00-451e-aae1-b92ea9bce473
209.15.13.136200 OK 2.1 kB URL HTTP/1.1 btpnative.com/click?data=NTVteXFKdEVhaFdULVFNSURrMXg3cEd6cFp0M3AzazJLal9kcHRsaFlCczMyOUJUR29VblJEd0RXNjdTcWpoUGxhei1idE1vZ054V0JpWndiZUJnY01yMmtPMFQtMExFdTJLanBtaFVoTHc3QUg5bjFKMmNHTDFzVERxdEoxeHgzRW9HQVRvTHJkTlFUUVhmOWRucUR2YTZSSld6NWN1bmw1TlZ3OTlfYTg0MQ2&id=1fa46f70-2b00-451e-aae1-b92ea9bce473
IP 209.15.13.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Hash 500956c38191fb695a2a32e2f86c81b2
cc683ec10d21728a8dc13d8ad9f41f5c232e12aa
5469ce2653d24e1dd08ae5d973702b62912a4baf0ed940b0dcb052cfb27eb36a
GET /click?data=NTVteXFKdEVhaFdULVFNSURrMXg3cEd6cFp0M3AzazJLal9kcHRsaFlCczMyOUJUR29VblJEd0RXNjdTcWpoUGxhei1idE1vZ054V0JpWndiZUJnY01yMmtPMFQtMExFdTJLanBtaFVoTHc3QUg5bjFKMmNHTDFzVERxdEoxeHgzRW9HQVRvTHJkTlFUUVhmOWRucUR2YTZSSld6NWN1bmw1TlZ3OTlfYTg0MQ2&id=1fa46f70-2b00-451e-aae1-b92ea9bce473 HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: bfhDAdVLLDkXqvZ=bfhDAdVLLDkXqvZ; path=/
X-Server: web02
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Wed, 28 Sep 2022 19:59:28 GMT
Content-Length: 2140
push.services.mozilla.com/
35.164.183.116101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.183.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hDFucVsl2H9IB+ZJv46kvA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Lyx1bdr55ykC6AMrU4O9mivuTI8=
btpnative.com/Redirect/
209.15.13.136302 Found 2.2 kB IP 209.15.13.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (2142), with CRLF line terminators
Hash 2d0ac8268e14f4ad19eb8d043f628174
39a0eb65413141c60e4cd6759dc40f93cbb76eb2
2623b98239087f6a8dac22958a76b91ad3b1dd639cc0fc751a7224b560c82461
POST /Redirect/ HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 359
Origin: http://btpnative.com
Connection: keep-alive
Referer: http://btpnative.com/click?data=NTVteXFKdEVhaFdULVFNSURrMXg3cEd6cFp0M3AzazJLal9kcHRsaFlCczMyOUJUR29VblJEd0RXNjdTcWpoUGxhei1idE1vZ054V0JpWndiZUJnY01yMmtPMFQtMExFdTJLanBtaFVoTHc3QUg5bjFKMmNHTDFzVERxdEoxeHgzRW9HQVRvTHJkTlFUUVhmOWRucUR2YTZSSld6NWN1bmw1TlZ3OTlfYTg0MQ2&id=1fa46f70-2b00-451e-aae1-b92ea9bce473
Cookie: bfhDAdVLLDkXqvZ=bfhDAdVLLDkXqvZ
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://mybetterck.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzxpRTG9mCZxJfSMU3tyux_woPqiJVE9nxxwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYF4NN-Fy2QN7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cENpbWSCIHQ-FZcAMknNI4ZF80IsrCLG4Kr2dP7nXtnCzhSBMVsAVhP01H2yiS__esX152jrNZsPq3yGQPJxXcAu20esPp5mUmpSy35LDJ9EksHx8KKTxmZ7bCArU45ARqa6IT5YEGN6fK4ZQo-5RTa3IFU6_GWiOtjktFENBpsTBH8Ix7rv-o-hDwc3eliZ8w1c3_gviCtZyfuFl8aWibAMb7bre4z1nJYKMoDe0-GihTydKDN4tS4ljojxUfWyRe1cwYSO3hW0yR2F4Vfl9f89RdEwtQbmdnP_TT0ylJ3B3KbnJV5YwbPe_7svZdyhh1x3SQjATls6gG9CN6V73qwgw7H8zDtnK_4sCkGuu8-sn-IY95q6fgj_sU0RTy1ugMxp8Sk_tVGrfm0DMSDMYOf-Oc5Fyxnoclitee75HXECZw3VvtboKymcDGM__BSluxGZ3mdrCIXjkxiXPlO6PPH2BxK4K9jH_CX3f1DQGfbgmr35OHtIRs6K2jOPC_VPHkngNwUNnOgL2hXmCL90sB3Lu3zt1pjrNjsj6wbFkBw-bemSeUmbYWsOs71ZY1wj3Jk9SrrjUEQckOSRCh1Dg951cQqOcJZ29B7nd9X2aCKlBcEd0vWLWPcniTvq7FnLKlu5PnFcN8IVyCptB5yt7BZUVkbxdHsdTSeZZsGq08d5pTQww9Mqfjulhk4ec38Bj4IJbCpkPT9ue0ac7-WRXkZa0xa1Tym71zXEuw6pdJZBSL1c9cFUTWuzuJS8FaOTxbZNL_sN3qJYRwxh8r78HQAD7M3w7tgN3ao1rz-2k-rxeA9qRgGvqzwTts7Pl5c5Ger73w_fEgDx3E85TnCFvszy6wgErdxrYTqXIMOGWk6Jh9GwoJII7YO3acraJPj2wOy0Y7yAkZzLXeCYLlhdQ7xlxCDP32lrwT8WrTp_GqwZE7uLsCVSjCN-qnXxYcXkJeDAXdPeD8k5Zh7Wk5sUOhCrUkrVnknsZwQ1LAI0XqrA__bwfFnhzrV1FR0Zg7JUjw-qNPHp1P28NNkjB39YVs4Y3LaDNqfSCojR0jW7l2uo787dfS_A8k6_yuUwiCTGNzF8ESMDI-mSfzJkEnmCSeGiNWSVKM4gvBmb93VDXsh6S2rzwnERlcHJPtMVF6Fwoa7YOWLroL5e5wAN9fa0E-VHemtA5-njSYs2CsHl7oxvieyZzLOxGlg8yRP-l9k4uHTgGnZxstzZIGD6jRWxVibfvumnr1CklXdqdyQJueqJ85r88Jne4OBHQJpsyxV7m4MRXfqc9uZLPo2zZEFN5lY_FXAWgMdusLUVOz6tuUu0-COflArKyxRKSiEA1cvlrLvsQLmg2vrVlK5Pp8oP2etDvfwyvOBULiCG-9tNAm_5iQZyOHl1bR_ldLStVG0hIW97nm6yiHWrABMkdxsM1RPj7gI-YMD4K3BBPNnAxtXGTGYRpt5YWixL_ATMgKnqSIcchXbRZH9lLvyO0X2ZfHhcfx0th3Q4kWGpUsUn33_S49kDK9sTsFeDu1jg2_y7T_dCa7EZrJEJRYYgkztjT90-K2L-uKionY-xOhZKvtjGQbXnfont6XiKBmxg2A8P-6hjQNe-qgCMhLnblafJRV4wTE94OsVhoW2pqwemq1iuk-95Ptt8jX58PBafMazbXX_ih0dWLFmRkjVynk8BtUekGko8eoV6LiOFwlzkCkbzr4hhb22dkpBFaeVOufzA9N3nZ8WfBUQKpBpKPHqFei6Af3OPbBrXN2DTu-xlaeORzlwdneqSDnuPKbvWNovtyuV0tK1UbSEhb3uebrKIdauoGh-xEWeqfaGouEuwLVY_TN51QfSABfbNJ8SvslHwWnPsbtk97hvO9DWrRNXJ2_UOUVA7kenMPJDz4pxcPLju5oestkTcX-c
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Wed, 28 Sep 2022 19:59:28 GMT
Content-Length: 2214
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 21c8643db6d75b1bc9c09f2ca6881ac6
ff767bac23d4d6318f00f19a99e8a6d17402e864
7a680450a7a73886bb65c29fc23b1a75b652274ad11d0f5cb5055a549239161d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 19:20:06 GMT
Expires: Mon, 03 Oct 2022 19:20:05 GMT
Etag: "ff767bac23d4d6318f00f19a99e8a6d17402e864"
Cache-Control: max-age=429035,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f0f538c58b4fd-OSL
mybetterck.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzxpRTG9mCZxJfSMU3tyux_woPqiJVE9nxxwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYF4NN-Fy2QN7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cENpbWSCIHQ-FZcAMknNI4ZF80IsrCLG4Kr2dP7nXtnCzhSBMVsAVhP01H2yiS__esX152jrNZsPq3yGQPJxXcAu20esPp5mUmpSy35LDJ9EksHx8KKTxmZ7bCArU45ARqa6IT5YEGN6fK4ZQo-5RTa3IFU6_GWiOtjktFENBpsTBH8Ix7rv-o-hDwc3eliZ8w1c3_gviCtZyfuFl8aWibAMb7bre4z1nJYKMoDe0-GihTydKDN4tS4ljojxUfWyRe1cwYSO3hW0yR2F4Vfl9f89RdEwtQbmdnP_TT0ylJ3B3KbnJV5YwbPe_7svZdyhh1x3SQjATls6gG9CN6V73qwgw7H8zDtnK_4sCkGuu8-sn-IY95q6fgj_sU0RTy1ugMxp8Sk_tVGrfm0DMSDMYOf-Oc5Fyxnoclitee75HXECZw3VvtboKymcDGM__BSluxGZ3mdrCIXjkxiXPlO6PPH2BxK4K9jH_CX3f1DQGfbgmr35OHtIRs6K2jOPC_VPHkngNwUNnOgL2hXmCL90sB3Lu3zt1pjrNjsj6wbFkBw-bemSeUmbYWsOs71ZY1wj3Jk9SrrjUEQckOSRCh1Dg951cQqOcJZ29B7nd9X2aCKlBcEd0vWLWPcniTvq7FnLKlu5PnFcN8IVyCptB5yt7BZUVkbxdHsdTSeZZsGq08d5pTQww9Mqfjulhk4ec38Bj4IJbCpkPT9ue0ac7-WRXkZa0xa1Tym71zXEuw6pdJZBSL1c9cFUTWuzuJS8FaOTxbZNL_sN3qJYRwxh8r78HQAD7M3w7tgN3ao1rz-2k-rxeA9qRgGvqzwTts7Pl5c5Ger73w_fEgDx3E85TnCFvszy6wgErdxrYTqXIMOGWk6Jh9GwoJII7YO3acraJPj2wOy0Y7yAkZzLXeCYLlhdQ7xlxCDP32lrwT8WrTp_GqwZE7uLsCVSjCN-qnXxYcXkJeDAXdPeD8k5Zh7Wk5sUOhCrUkrVnknsZwQ1LAI0XqrA__bwfFnhzrV1FR0Zg7JUjw-qNPHp1P28NNkjB39YVs4Y3LaDNqfSCojR0jW7l2uo787dfS_A8k6_yuUwiCTGNzF8ESMDI-mSfzJkEnmCSeGiNWSVKM4gvBmb93VDXsh6S2rzwnERlcHJPtMVF6Fwoa7YOWLroL5e5wAN9fa0E-VHemtA5-njSYs2CsHl7oxvieyZzLOxGlg8yRP-l9k4uHTgGnZxstzZIGD6jRWxVibfvumnr1CklXdqdyQJueqJ85r88Jne4OBHQJpsyxV7m4MRXfqc9uZLPo2zZEFN5lY_FXAWgMdusLUVOz6tuUu0-COflArKyxRKSiEA1cvlrLvsQLmg2vrVlK5Pp8oP2etDvfwyvOBULiCG-9tNAm_5iQZyOHl1bR_ldLStVG0hIW97nm6yiHWrABMkdxsM1RPj7gI-YMD4K3BBPNnAxtXGTGYRpt5YWixL_ATMgKnqSIcchXbRZH9lLvyO0X2ZfHhcfx0th3Q4kWGpUsUn33_S49kDK9sTsFeDu1jg2_y7T_dCa7EZrJEJRYYgkztjT90-K2L-uKionY-xOhZKvtjGQbXnfont6XiKBmxg2A8P-6hjQNe-qgCMhLnblafJRV4wTE94OsVhoW2pqwemq1iuk-95Ptt8jX58PBafMazbXX_ih0dWLFmRkjVynk8BtUekGko8eoV6LiOFwlzkCkbzr4hhb22dkpBFaeVOufzA9N3nZ8WfBUQKpBpKPHqFei6Af3OPbBrXN2DTu-xlaeORzlwdneqSDnuPKbvWNovtyuV0tK1UbSEhb3uebrKIdauoGh-xEWeqfaGouEuwLVY_TN51QfSABfbNJ8SvslHwWnPsbtk97hvO9DWrRNXJ2_UOUVA7kenMPJDz4pxcPLju5oestkTcX-c
108.168.193.189302 Found 0 B URL HTTP/2 mybetterck.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzxpRTG9mCZxJfSMU3tyux_woPqiJVE9nxxwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYF4NN-Fy2QN7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cENpbWSCIHQ-FZcAMknNI4ZF80IsrCLG4Kr2dP7nXtnCzhSBMVsAVhP01H2yiS__esX152jrNZsPq3yGQPJxXcAu20esPp5mUmpSy35LDJ9EksHx8KKTxmZ7bCArU45ARqa6IT5YEGN6fK4ZQo-5RTa3IFU6_GWiOtjktFENBpsTBH8Ix7rv-o-hDwc3eliZ8w1c3_gviCtZyfuFl8aWibAMb7bre4z1nJYKMoDe0-GihTydKDN4tS4ljojxUfWyRe1cwYSO3hW0yR2F4Vfl9f89RdEwtQbmdnP_TT0ylJ3B3KbnJV5YwbPe_7svZdyhh1x3SQjATls6gG9CN6V73qwgw7H8zDtnK_4sCkGuu8-sn-IY95q6fgj_sU0RTy1ugMxp8Sk_tVGrfm0DMSDMYOf-Oc5Fyxnoclitee75HXECZw3VvtboKymcDGM__BSluxGZ3mdrCIXjkxiXPlO6PPH2BxK4K9jH_CX3f1DQGfbgmr35OHtIRs6K2jOPC_VPHkngNwUNnOgL2hXmCL90sB3Lu3zt1pjrNjsj6wbFkBw-bemSeUmbYWsOs71ZY1wj3Jk9SrrjUEQckOSRCh1Dg951cQqOcJZ29B7nd9X2aCKlBcEd0vWLWPcniTvq7FnLKlu5PnFcN8IVyCptB5yt7BZUVkbxdHsdTSeZZsGq08d5pTQww9Mqfjulhk4ec38Bj4IJbCpkPT9ue0ac7-WRXkZa0xa1Tym71zXEuw6pdJZBSL1c9cFUTWuzuJS8FaOTxbZNL_sN3qJYRwxh8r78HQAD7M3w7tgN3ao1rz-2k-rxeA9qRgGvqzwTts7Pl5c5Ger73w_fEgDx3E85TnCFvszy6wgErdxrYTqXIMOGWk6Jh9GwoJII7YO3acraJPj2wOy0Y7yAkZzLXeCYLlhdQ7xlxCDP32lrwT8WrTp_GqwZE7uLsCVSjCN-qnXxYcXkJeDAXdPeD8k5Zh7Wk5sUOhCrUkrVnknsZwQ1LAI0XqrA__bwfFnhzrV1FR0Zg7JUjw-qNPHp1P28NNkjB39YVs4Y3LaDNqfSCojR0jW7l2uo787dfS_A8k6_yuUwiCTGNzF8ESMDI-mSfzJkEnmCSeGiNWSVKM4gvBmb93VDXsh6S2rzwnERlcHJPtMVF6Fwoa7YOWLroL5e5wAN9fa0E-VHemtA5-njSYs2CsHl7oxvieyZzLOxGlg8yRP-l9k4uHTgGnZxstzZIGD6jRWxVibfvumnr1CklXdqdyQJueqJ85r88Jne4OBHQJpsyxV7m4MRXfqc9uZLPo2zZEFN5lY_FXAWgMdusLUVOz6tuUu0-COflArKyxRKSiEA1cvlrLvsQLmg2vrVlK5Pp8oP2etDvfwyvOBULiCG-9tNAm_5iQZyOHl1bR_ldLStVG0hIW97nm6yiHWrABMkdxsM1RPj7gI-YMD4K3BBPNnAxtXGTGYRpt5YWixL_ATMgKnqSIcchXbRZH9lLvyO0X2ZfHhcfx0th3Q4kWGpUsUn33_S49kDK9sTsFeDu1jg2_y7T_dCa7EZrJEJRYYgkztjT90-K2L-uKionY-xOhZKvtjGQbXnfont6XiKBmxg2A8P-6hjQNe-qgCMhLnblafJRV4wTE94OsVhoW2pqwemq1iuk-95Ptt8jX58PBafMazbXX_ih0dWLFmRkjVynk8BtUekGko8eoV6LiOFwlzkCkbzr4hhb22dkpBFaeVOufzA9N3nZ8WfBUQKpBpKPHqFei6Af3OPbBrXN2DTu-xlaeORzlwdneqSDnuPKbvWNovtyuV0tK1UbSEhb3uebrKIdauoGh-xEWeqfaGouEuwLVY_TN51QfSABfbNJ8SvslHwWnPsbtk97hvO9DWrRNXJ2_UOUVA7kenMPJDz4pxcPLju5oestkTcX-c
IP 108.168.193.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aS/feedclick?s=HFz5zNIIs95ROWPasgEEzxpRTG9mCZxJfSMU3tyux_woPqiJVE9nxxwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYF4NN-Fy2QN7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cENpbWSCIHQ-FZcAMknNI4ZF80IsrCLG4Kr2dP7nXtnCzhSBMVsAVhP01H2yiS__esX152jrNZsPq3yGQPJxXcAu20esPp5mUmpSy35LDJ9EksHx8KKTxmZ7bCArU45ARqa6IT5YEGN6fK4ZQo-5RTa3IFU6_GWiOtjktFENBpsTBH8Ix7rv-o-hDwc3eliZ8w1c3_gviCtZyfuFl8aWibAMb7bre4z1nJYKMoDe0-GihTydKDN4tS4ljojxUfWyRe1cwYSO3hW0yR2F4Vfl9f89RdEwtQbmdnP_TT0ylJ3B3KbnJV5YwbPe_7svZdyhh1x3SQjATls6gG9CN6V73qwgw7H8zDtnK_4sCkGuu8-sn-IY95q6fgj_sU0RTy1ugMxp8Sk_tVGrfm0DMSDMYOf-Oc5Fyxnoclitee75HXECZw3VvtboKymcDGM__BSluxGZ3mdrCIXjkxiXPlO6PPH2BxK4K9jH_CX3f1DQGfbgmr35OHtIRs6K2jOPC_VPHkngNwUNnOgL2hXmCL90sB3Lu3zt1pjrNjsj6wbFkBw-bemSeUmbYWsOs71ZY1wj3Jk9SrrjUEQckOSRCh1Dg951cQqOcJZ29B7nd9X2aCKlBcEd0vWLWPcniTvq7FnLKlu5PnFcN8IVyCptB5yt7BZUVkbxdHsdTSeZZsGq08d5pTQww9Mqfjulhk4ec38Bj4IJbCpkPT9ue0ac7-WRXkZa0xa1Tym71zXEuw6pdJZBSL1c9cFUTWuzuJS8FaOTxbZNL_sN3qJYRwxh8r78HQAD7M3w7tgN3ao1rz-2k-rxeA9qRgGvqzwTts7Pl5c5Ger73w_fEgDx3E85TnCFvszy6wgErdxrYTqXIMOGWk6Jh9GwoJII7YO3acraJPj2wOy0Y7yAkZzLXeCYLlhdQ7xlxCDP32lrwT8WrTp_GqwZE7uLsCVSjCN-qnXxYcXkJeDAXdPeD8k5Zh7Wk5sUOhCrUkrVnknsZwQ1LAI0XqrA__bwfFnhzrV1FR0Zg7JUjw-qNPHp1P28NNkjB39YVs4Y3LaDNqfSCojR0jW7l2uo787dfS_A8k6_yuUwiCTGNzF8ESMDI-mSfzJkEnmCSeGiNWSVKM4gvBmb93VDXsh6S2rzwnERlcHJPtMVF6Fwoa7YOWLroL5e5wAN9fa0E-VHemtA5-njSYs2CsHl7oxvieyZzLOxGlg8yRP-l9k4uHTgGnZxstzZIGD6jRWxVibfvumnr1CklXdqdyQJueqJ85r88Jne4OBHQJpsyxV7m4MRXfqc9uZLPo2zZEFN5lY_FXAWgMdusLUVOz6tuUu0-COflArKyxRKSiEA1cvlrLvsQLmg2vrVlK5Pp8oP2etDvfwyvOBULiCG-9tNAm_5iQZyOHl1bR_ldLStVG0hIW97nm6yiHWrABMkdxsM1RPj7gI-YMD4K3BBPNnAxtXGTGYRpt5YWixL_ATMgKnqSIcchXbRZH9lLvyO0X2ZfHhcfx0th3Q4kWGpUsUn33_S49kDK9sTsFeDu1jg2_y7T_dCa7EZrJEJRYYgkztjT90-K2L-uKionY-xOhZKvtjGQbXnfont6XiKBmxg2A8P-6hjQNe-qgCMhLnblafJRV4wTE94OsVhoW2pqwemq1iuk-95Ptt8jX58PBafMazbXX_ih0dWLFmRkjVynk8BtUekGko8eoV6LiOFwlzkCkbzr4hhb22dkpBFaeVOufzA9N3nZ8WfBUQKpBpKPHqFei6Af3OPbBrXN2DTu-xlaeORzlwdneqSDnuPKbvWNovtyuV0tK1UbSEhb3uebrKIdauoGh-xEWeqfaGouEuwLVY_TN51QfSABfbNJ8SvslHwWnPsbtk97hvO9DWrRNXJ2_UOUVA7kenMPJDz4pxcPLju5oestkTcX-c HTTP/1.1
Host: mybetterck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Cookie: rhid=81412752446
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 28 Sep 2022 19:59:30 GMT
content-length: 0
set-cookie: rhid=81412752446; Max-Age=15552000; Expires=Mon, 27-Mar-2023 19:59:30 GMT; Domain=mybetterck.com; Path=/; SameSite=None; secure;
location: https://p274639.mybetterck.com/adServe/domainClick?ai=tMxzWfm12LpkbNIWurMDWoiXD7klJ1soTN51QfSABfYD6oPh4t22c9B9_vdKnsZCUhrhXB7h4Q0Uuwo5IbgEBdUi6xSvMdRUq3nDjZUkzHvLJyjqHra8mGW6CHfeBodVgvgI1g_o4dK0Bqs_9EYIR_VYuzZSYLtak8a2TCfMlWrIMMlTWYfZjlToK4-_1ACOP0s6MBsFTTAOGVIq7SQHt2xDKr8Rw5O7dO4wvtGnrzTddVqW4b_Ykxw_vxfmXwaLNORDvO_u8SbIzzh0hp6ogO7JzK4vQzmiPaDGm4CwDwXfw_JoL1ALTR_29IAMKrswtsrhcGeRW6RqgEE0f5FjhxhGK23FSY41eOG-uPJj6bxlqf_64l0Z6hpyy_YN0YQtpLSZmparWHWvrphb_I88ZSIO3PHyowRR_6p576eQm9fr2iPLc49PERgUkMD_VLeROfuqs0moSwPq7QXN-ylcxrw3TeQXSnFC-IokKZjFQZ7rqNKnLYX0tfAD-AuLqsioXaRG_Rn9EU5baMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkC4FXmAKRd9aSyJTuzQtneEKj1HVaOgt_lw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSHTbvXa9bc3gUMCZFDPA5eSNaBH9W47pomJmpXnVSXAuWEOrnfwZmTzSi7POAjgQDzkTIYbeCY1Hn59BaP8A9XQ&si=1&oref=22a3b7b148bba753762bd6aaf4a8a708&optunit=r66YW_yPPGUiDtzx8qMEUc7n_r2HV6hZ&rb=2Vb288azLYM&rr=0&abtg=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15388
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 19:59:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15388
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 19:59:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15388
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 19:59:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15388
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 19:59:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15388
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 19:59:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KmVkKXoPqZmnwFtpKhuox1kJNDoSxMEmYE39_zVPyaeoU4sPqq-_wA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:23 GMT
age: 80107
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Di1kDUlYEc1rv31fHM-OquU_W_LggEzDCTVME5iFJ5KffZcQyN6i2A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:31:39 GMT
age: 44871
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: y3DefdcXJyoDHpJXwz460gfWcv2JUboOFExNQmTFgy30B4mn54Xvuw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:30 GMT
age: 80100
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 79947
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 6627e07e-034b-432e-ab9e-afe035fa0b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e9HgIoAMFxUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7f34c3f6454379724a7ac413;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: J27vcANRhkMUuGwTZjXkO0EF0-UjN-MODVQRKgsc7hJI2S-UPF8Ctw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:53 GMT
age: 80317
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rV80hKsopWPf_A8hKw0kwTOjVN4Bq-5f8oXDP2wluyGwof5yXFe2Bw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:42:47 GMT
age: 80203
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e2875a9e06f892f0d4fa46c0f98a1c49
9c0e332f55a592367b602494642ee2127699b543
74692ca89ddc427d0c55f56aedb738b107a9761c44ed5201f932f54950a6f406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
142.250.74.163200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 29564, version 1.0\012- data
Hash 1b66ccb164151a6cf698667c8b570cc6
f5617a0f087645703c874453960be6382c8a7427
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24
GET /s/permanentmarker/v16/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chosenproduct.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 04:32:23 GMT
expires: Sun, 24 Sep 2023 04:32:23 GMT
cache-control: public, max-age=31536000
age: 401227
last-modified: Tue, 19 Apr 2022 17:55:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
chosenproduct.com/favicon.ico
46.105.126.224404 Not Found 604 B URL HTTP/2 chosenproduct.com/favicon.ico
IP 46.105.126.224:0
Hash 4e56a276cbb614a5fba670dd0cb56533
344f6a89b013c5c3da9d8654d6cb9cb73e274d69
b090ac2ff149f2541de03f8c858046950af8abdf56ba0f41eeae0d8c89f3ce31
GET /favicon.ico HTTP/1.1
Host: chosenproduct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chosenproduct.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.10.3
date: Wed, 28 Sep 2022 19:59:30 GMT
content-type: text/html
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 1ead9d91ed690667b0a358c5dba647e8
9cde69017bc5b90acf4c78bce960f453e05d64d0
897f0ee1cdba73c3425092111e7d60801b14d6c1b981c7ed25a1b60d1233b427
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 28 Sep 2022 19:59:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 27 Sep 2022 22:39:59 GMT
Expires: Wed, 28 Sep 2022 22:39:59 GMT
ETag: "9cde69017bc5b90acf4c78bce960f453e05d64d0"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r.srvtrck.com/v1/redirect?type=linkId&id=210e22d18edb4f55ac2129213f0d740c&api_key=1d897aa295f3a987ef3cac111ef75592&site_id=303af113113d40559f8c6c07e745a987&dch=feed&ad_t=advertiser&yk_tag=s-no-NO-443565139
104.19.168.96302 Found 0 B URL HTTP/2 r.srvtrck.com/v1/redirect?type=linkId&id=210e22d18edb4f55ac2129213f0d740c&api_key=1d897aa295f3a987ef3cac111ef75592&site_id=303af113113d40559f8c6c07e745a987&dch=feed&ad_t=advertiser&yk_tag=s-no-NO-443565139
IP 104.19.168.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/redirect?type=linkId&id=210e22d18edb4f55ac2129213f0d740c&api_key=1d897aa295f3a987ef3cac111ef75592&site_id=303af113113d40559f8c6c07e745a987&dch=feed&ad_t=advertiser&yk_tag=s-no-NO-443565139 HTTP/1.1
Host: r.srvtrck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 28 Sep 2022 19:59:31 GMT
content-length: 0
location: http://www.batteryupgrade.ch
p3p: CP="CAO PSA OUR"
set-cookie: ykuid=08c1ecdc264a49d28a90bb2f153b55b0; Domain=.srvtrck.com; Expires=Thu, 28-Sep-2023 19:59:31 GMT; Path=/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751f0f5a0b3bb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.batteryupgrade.ch/
89.188.12.130301 Moved Permanently 238 B IP 89.188.12.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 861cc11661e653ac8dece88dc4c461bc
aa6b60d780e98aacacc5b199a27a8272c25cc085
04c423803a42c7bb3d3d6027e48fcb6790d79079d1c4b58209bd742c9041e8dc
GET / HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Sep 2022 19:59:31 GMT
Server: Apache/2.4.54 (Debian)
Location: https://www.batteryupgrade.ch/
Content-Length: 238
Connection: close
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3f4cd19cfaab4807aa39b0f277ffb4cb
16660b3c46f06ac4e582c820bfbcc8c8204a5c6e
47579ac9b982a5bb26449a033abf210a480b9eae522b72ef1153647b73c67b0c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47579AC9B982A5BB26449A033ABF210A480B9EAE522B72EF1153647B73C67B0C"
Last-Modified: Tue, 27 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21508
Expires: Thu, 29 Sep 2022 01:57:59 GMT
Date: Wed, 28 Sep 2022 19:59:31 GMT
Connection: keep-alive
www.batteryupgrade.ch/
89.188.12.130200 OK 22 kB IP 89.188.12.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65486), with no line terminators
Hash f6a62cafa8dc882bced15b401e58e01d
936c013313a7d79a182e681c02ed7c53d029e39e
af85ce5d3b597419e57586b9cb170175572fd45cfdbafb345f01eac2bbc4a99e
GET / HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:31 GMT
Server: Apache/2.4.54 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=el6gp386380f261l19b31feg08; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22455
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 2caa539e025c33760688ffe3ad111e3a
2c8bf30c9faca601dc28aac6c09a6d0bf3675d45
ce52dfdf8490683decc34878b77c011046b3b0ddf9ce42a22a52dcf7967475a9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 07:33:43 GMT
Expires: Wed, 05 Oct 2022 07:33:42 GMT
Etag: "2c8bf30c9faca601dc28aac6c09a6d0bf3675d45"
Cache-Control: max-age=559449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f0f611939b4fd-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 2caa539e025c33760688ffe3ad111e3a
2c8bf30c9faca601dc28aac6c09a6d0bf3675d45
ce52dfdf8490683decc34878b77c011046b3b0ddf9ce42a22a52dcf7967475a9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 07:33:43 GMT
Expires: Wed, 05 Oct 2022 07:33:42 GMT
Etag: "2c8bf30c9faca601dc28aac6c09a6d0bf3675d45"
Cache-Control: max-age=559449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f0f612829b505-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 2caa539e025c33760688ffe3ad111e3a
2c8bf30c9faca601dc28aac6c09a6d0bf3675d45
ce52dfdf8490683decc34878b77c011046b3b0ddf9ce42a22a52dcf7967475a9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 07:33:43 GMT
Expires: Wed, 05 Oct 2022 07:33:42 GMT
Etag: "2c8bf30c9faca601dc28aac6c09a6d0bf3675d45"
Cache-Control: max-age=559449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f0f612810b529-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 2caa539e025c33760688ffe3ad111e3a
2c8bf30c9faca601dc28aac6c09a6d0bf3675d45
ce52dfdf8490683decc34878b77c011046b3b0ddf9ce42a22a52dcf7967475a9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 07:33:43 GMT
Expires: Wed, 05 Oct 2022 07:33:42 GMT
Etag: "2c8bf30c9faca601dc28aac6c09a6d0bf3675d45"
Cache-Control: max-age=559449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f0f612def1c06-OSL
media.bttry.net/assets/07168010/js/grwpjs/require.js
35.201.89.39200 OK 16 kB URL HTTP/2 media.bttry.net/assets/07168010/js/grwpjs/require.js
IP 35.201.89.39:0
File type ASCII text, with very long lines (1007)
Hash 6020db79c078ed02469b21c17c00e806
e02b7a02b34ffda3f98cbe7b5947e49f4cfef347
0070d2e259006e7e98fc08cdfc9329717c090077ecb2f1e670e3e7a0e5420d21
GET /assets/07168010/js/grwpjs/require.js HTTP/1.1
Host: media.bttry.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtvVmX8VoHEH_CyaY4z4kCtgfvPUM-rk8Mgbx4nXpmqtBeWQ0G_69ssrsHwKR5Y98JO45ZSdwbSJZkdT-gzPDp2v_Bd--Xg
x-goog-generation: 1656416141927789
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 16477
x-goog-meta-goog-reserved-file-mtime: 1656416051
x-goog-hash: crc32c=lzIJ6g==, md5=YCDbecB47QJGmyHBfADoBg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 16477
server: UploadServer
date: Wed, 28 Sep 2022 19:11:11 GMT
expires: Wed, 28 Sep 2022 20:11:11 GMT
cache-control: public, max-age=3600
age: 2901
last-modified: Tue, 28 Jun 2022 11:35:41 GMT
etag: "6020db79c078ed02469b21c17c00e806"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 65a399a0400cd3bbe139818374c37daf
7672f6788ec76435e7a5f55ad29a1d0235e25e0a
c71b9559aa088c88491a378528c08f4eb4dff38940c07a59314eefbe848c07c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
media.bttry.net/banner_images/bu/homepagebanner_2021%20BU%20Homepagina%20banner%20-%20voorjaar.jpg
35.201.89.39200 OK 90 kB URL HTTP/2 media.bttry.net/banner_images/bu/homepagebanner_2021%20BU%20Homepagina%20banner%20-%20voorjaar.jpg
IP 35.201.89.39:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=354, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=755], progressive, precision 8, 755x354, components 3\012- data
Hash 8efb0d3971e14a56f9fbefa7807db9b3
0342dd84c1e14edfe308e5e33eccb2c49f768fb3
1047679fb64ae5783e30a1926fd8d72e26b4db4a16f3ced01d56bc5a3311bf9f
GET /banner_images/bu/homepagebanner_2021%20BU%20Homepagina%20banner%20-%20voorjaar.jpg HTTP/1.1
Host: media.bttry.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycduhzhQHvBXW9UI7NCAHLV1tyzKMQVlK-49ZFewoDGdRvwX7mPTavGq1P8Q7dXGCGWuV2TgEixQi5theME87jMQONbhA12ZD
x-goog-generation: 1614239133233024
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89955
x-goog-meta-gcsfuse_mtime: 2021-02-25T07:45:33.09266556Z
x-goog-hash: crc32c=BDvDxA==, md5=jvsNOXHhSlb5+++ngH25sw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 89955
server: UploadServer
date: Wed, 28 Sep 2022 19:36:11 GMT
expires: Wed, 28 Sep 2022 20:36:11 GMT
cache-control: public, max-age=3600
age: 1401
last-modified: Thu, 25 Feb 2021 07:45:33 GMT
etag: "8efb0d3971e14a56f9fbefa7807db9b3"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
media.bttry.net/assets/07168010/js/_BWF/js/functions.js
35.201.89.39200 OK 1.0 kB URL HTTP/2 media.bttry.net/assets/07168010/js/_BWF/js/functions.js
IP 35.201.89.39:0
Hash 0d0b88a6a7279ba71d6cf00a12812d4d
33105c5d7123d07a2f0e6045285f45af7b37ed2a
d3edf467c2965804357947ae2855d396d925e319963a4d86842fe5acaae3b174
GET /assets/07168010/js/_BWF/js/functions.js HTTP/1.1
Host: media.bttry.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtGeNoQCWxJr2u6x5rw9nbso5rQYhEFj-3KZoEjqo5YOY81guCjqECZUIUnnMAVUBclfsb7rnUc9QjQg_yQbD9dxQ-ZSOLQ
x-goog-generation: 1656416138265939
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1049
x-goog-meta-goog-reserved-file-mtime: 1656416051
x-goog-hash: crc32c=XBmKcA==, md5=DQuIpqcnm6cdbPAKEoEtTQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 1049
server: UploadServer
date: Wed, 28 Sep 2022 19:11:11 GMT
expires: Wed, 28 Sep 2022 20:11:11 GMT
cache-control: public, max-age=3600
age: 2901
last-modified: Tue, 28 Jun 2022 11:35:38 GMT
etag: "0d0b88a6a7279ba71d6cf00a12812d4d"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
media.bttry.net/assets/07168010/js/grwpjs/modernizr-3.3.1.min.js
35.201.89.39200 OK 95 kB URL HTTP/2 media.bttry.net/assets/07168010/js/grwpjs/modernizr-3.3.1.min.js
IP 35.201.89.39:0
File type HTML document, ASCII text, with very long lines (600)
Hash 858602e44e462ae594c0690a1339ab89
e74da1648a7c0590957f14b23839406e50378212
3e85ad9fe40549760f4f833e7ee14264f3308fa9c7d4366616261ee5af7aae57
GET /assets/07168010/js/grwpjs/modernizr-3.3.1.min.js HTTP/1.1
Host: media.bttry.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdut9u4rFe1A9wQL29FGvFnMaNDsVJrjzo2hg0C5dkGcYgOzP0E_RMxTnLtzk1Q8oejNkiVu3jiQIjdgT2mxuM-fd7n5kOpw
x-goog-generation: 1656416141099760
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 95298
x-goog-meta-goog-reserved-file-mtime: 1656416051
x-goog-hash: crc32c=L4kdxw==, md5=hYYC5E5GKuWUwGkKEzmriQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 95298
server: UploadServer
date: Wed, 28 Sep 2022 19:18:31 GMT
expires: Wed, 28 Sep 2022 20:18:31 GMT
cache-control: public, max-age=3600
age: 2461
last-modified: Tue, 28 Jun 2022 11:35:41 GMT
etag: "858602e44e462ae594c0690a1339ab89"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion.js
142.250.74.34200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (2021)
Hash 644b3aa474b0b7418649a582badfd446
b86345e44ed16c69f9b8efbd6a9ae426d7b6a8cc
b29181ba84a74ed0344e80b66101125293ccaeb15a22456a02aefdb7671a344a
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 28 Sep 2022 19:59:32 GMT
expires: Wed, 28 Sep 2022 19:59:32 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11313833467736987248
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 17403
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
media.bttry.net/assets/07168010/js/polyfill.min.js
35.201.89.39200 OK 15 kB URL HTTP/2 media.bttry.net/assets/07168010/js/polyfill.min.js
IP 35.201.89.39:0
File type ASCII text, with very long lines (15103), with no line terminators
Hash 0161f0fd99a0d1b13e25067cb76dfd5b
9ba2e94d8a5b4ea319e699e7701bb21f2ed9cb57
2ef65825d324e90006d1b9c97ee670d9588346d4e88c1eaf2cbcfc830e09e5f7
GET /assets/07168010/js/polyfill.min.js HTTP/1.1
Host: media.bttry.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtfPCvposmIBEnDEgWkCMzU7XNjCDLUMg-I2M_YCm_ztbKLlJb1f2k4RfsjOZcvGk5VBJUPPk_99bfG7FSZUUFOqA
x-goog-generation: 1656416144498737
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 15103
x-goog-meta-goog-reserved-file-mtime: 1656416078
x-goog-hash: crc32c=1sXLbA==, md5=AWHw/Zmg0bE+JQZ8t239Ww==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 15103
server: UploadServer
date: Wed, 28 Sep 2022 19:18:31 GMT
expires: Wed, 28 Sep 2022 20:18:31 GMT
cache-control: public, max-age=3600
age: 2461
last-modified: Tue, 28 Jun 2022 11:35:44 GMT
etag: "0161f0fd99a0d1b13e25067cb76dfd5b"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.batteryupgrade.ch/images/braunoni2017/home/categories/stofzuiger.jpg
89.188.12.130200 OK 5.2 kB URL HTTP/1.1 www.batteryupgrade.ch/images/braunoni2017/home/categories/stofzuiger.jpg
IP 89.188.12.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 206x120, components 3\012- data
Hash 131c869110e530cb222629039644dfee
c5168d339e6d54143d9bfe11c456a68f85c1ad72
3f66b1a845a712c75950c8b8f8e96fa4e4d7d5e157d85e4dd9b62a49603ba60f
GET /images/braunoni2017/home/categories/stofzuiger.jpg HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "1429-5e280e22dca70"
Accept-Ranges: bytes
Content-Length: 5161
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/jpeg
www.batteryupgrade.ch/images/braunoni2017/payment/paymentmethods/payment-visa.png
89.188.12.130200 OK 2.3 kB URL HTTP/1.1 www.batteryupgrade.ch/images/braunoni2017/payment/paymentmethods/payment-visa.png
IP 89.188.12.130:0
File type PNG image data, 49 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash d1fa3f4c9dec90651b42bc3db03aa0fa
f5eaa69377d392395c3ce51f1e50148652a7e813
0fffebebb735ad54f2412b07e9fd6a3e4a4b5a8f4b61058f8f86d2731ab8ed94
GET /images/braunoni2017/payment/paymentmethods/payment-visa.png HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "8cd-5e280e22dda10"
Accept-Ranges: bytes
Content-Length: 2253
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/png
www.batteryupgrade.ch/images/braunoni2017/payment/paymentmethods/payment-paypal.png
89.188.12.130200 OK 2.5 kB URL HTTP/1.1 www.batteryupgrade.ch/images/braunoni2017/payment/paymentmethods/payment-paypal.png
IP 89.188.12.130:0
File type PNG image data, 90 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 630e124385f0927e0f94e70421d17b91
9434be3ac3f639fe7a0606c5ba24856c41f3f6ee
977d3ba4e3a6d6783cf813ce4d3b3ef576561f37afdc54f28551df15ea8b5143
GET /images/braunoni2017/payment/paymentmethods/payment-paypal.png HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "9f4-5e280e22dda10"
Accept-Ranges: bytes
Content-Length: 2548
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/png
media.bttry.net/assets/07168010/css/main.min.css
35.201.89.39200 OK 163 kB URL HTTP/2 media.bttry.net/assets/07168010/css/main.min.css
IP 35.201.89.39:0
File type ASCII text, with very long lines (36493)
Size 163 kB (163113 bytes)
Hash adac310d38906108df6ca74e86ba391e
951f3e84ce9fff9ca96eeb90c982bf87b4c12821
e787f0379b3582d44574b584c478b5fee48bda257e467dff79d1c21be67fe075
GET /assets/07168010/css/main.min.css HTTP/1.1
Host: media.bttry.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtQdGf9ZQ_JC9Dbp9abcFJtQkvOnhWPFM3M4jlmVER4pAAdnEXBDBVDnjg-ZQfpoyoXwhtH3Gzc1q2PPzxUKOaRKov2TAyS
x-goog-generation: 1656416136850454
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 163113
x-goog-meta-goog-reserved-file-mtime: 1656416078
x-goog-hash: crc32c=C8vxnw==, md5=rawxDTiQYQjfbKdOhro5Hg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 163113
server: UploadServer
date: Wed, 28 Sep 2022 19:33:32 GMT
expires: Wed, 28 Sep 2022 20:33:32 GMT
cache-control: public, max-age=3600
age: 1560
last-modified: Tue, 28 Jun 2022 11:35:36 GMT
etag: "adac310d38906108df6ca74e86ba391e"
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.batteryupgrade.ch/images/braunoni2017/home/categories/boormachine.jpg
89.188.12.130200 OK 5.0 kB URL HTTP/1.1 www.batteryupgrade.ch/images/braunoni2017/home/categories/boormachine.jpg
IP 89.188.12.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 206x120, components 3\012- data
Hash 6d7f5dca0308c22a45a2b48d6fd1e722
0d0e0fc40379849068200bffd8ac1b49c6e84cc1
0eb63dd5683370f3f34fb1fd031ab4f09d77f130b4457ae511e144afa20aece0
GET /images/braunoni2017/home/categories/boormachine.jpg HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "1364-5e280e22dca70"
Accept-Ranges: bytes
Content-Length: 4964
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 553d32dd4cc8e05b91f7bebc94f0ac4a
715ee18c314776a43e4faa33b689356246567e3f
77ffc37d779019267e4ed820be18d8f3ac8247e236de23bd7bb43d8f54ed0c4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.batteryupgrade.ch/images/braunoni2017/payment/paymentmethods/payment-americanexpress.png
89.188.12.130200 OK 1.8 kB URL HTTP/1.1 www.batteryupgrade.ch/images/braunoni2017/payment/paymentmethods/payment-americanexpress.png
IP 89.188.12.130:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash c462b8b2439ec33d1c6785bc18760afc
5b38fa47c8be293f1f95922f0bc581edfa1e560c
a44500f8d875bda2f727342b34e703cb00f428948c1fc868bbcf97752a015bad
GET /images/braunoni2017/payment/paymentmethods/payment-americanexpress.png HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "718-5e280e22dda10"
Accept-Ranges: bytes
Content-Length: 1816
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/png
www.batteryupgrade.ch/images/braunoni2017/home/categories/smartphone.jpg
89.188.12.130200 OK 7.3 kB URL HTTP/1.1 www.batteryupgrade.ch/images/braunoni2017/home/categories/smartphone.jpg
IP 89.188.12.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 206x120, components 3\012- data
Hash bc2f26e92fdd28e817c17bd7d746bb69
10063173af6352c94316cfdf7c3e39fc422482c2
17268d6e613d3a5cc6b3ba541cc07389a0cbb6487cc4a6ed8c251dcc972a1ee1
GET /images/braunoni2017/home/categories/smartphone.jpg HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "1ca9-5e280e22dca70"
Accept-Ranges: bytes
Content-Length: 7337
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e2875a9e06f892f0d4fa46c0f98a1c49
9c0e332f55a592367b602494642ee2127699b543
74692ca89ddc427d0c55f56aedb738b107a9761c44ed5201f932f54950a6f406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.batteryupgrade.ch/images/braunoni2017/payment/paymentmethods/payment-mastercard.png
89.188.12.130200 OK 2.1 kB URL HTTP/1.1 www.batteryupgrade.ch/images/braunoni2017/payment/paymentmethods/payment-mastercard.png
IP 89.188.12.130:0
File type PNG image data, 49 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 2a5d13db9f3ba12e8a43956de2fa1e9f
525d19ecc4c1023975524c5bef7501e603387687
8b880d0ac70686e6f06986a00fc959ab1d77074736a20c1070f6d45df5de2d56
GET /images/braunoni2017/payment/paymentmethods/payment-mastercard.png HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "84e-5e280e22dda10"
Accept-Ranges: bytes
Content-Length: 2126
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/png
www.batteryupgrade.ch/images/braunoni2017/home/categories/notebook.jpg
89.188.12.130200 OK 4.9 kB URL HTTP/1.1 www.batteryupgrade.ch/images/braunoni2017/home/categories/notebook.jpg
IP 89.188.12.130:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 206x120, components 3\012- data
Hash 2c5c3f6f4335b961dd7f0f6f904ab11d
8586b5604ada99f603e2ac7dfd88f6bac4bd0585
0f3258076a7f46c33b168edc90e0d36ff1fce2eb131bcbe8164491fe4ed907ea
GET /images/braunoni2017/home/categories/notebook.jpg HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "1302-5e280e22dca70"
Accept-Ranges: bytes
Content-Length: 4866
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/jpeg
media.bttry.net/bu/braunoni2017/flag/sprite.png
35.201.89.39200 OK 15 kB URL HTTP/2 media.bttry.net/bu/braunoni2017/flag/sprite.png
IP 35.201.89.39:0
File type PNG image data, 16 x 460, 16-bit/color RGBA, non-interlaced\012- data
Hash df5ab3a1e9e3b6d24f38fd7abe0b9c0b
5b5ddd5ae17156ac380a605e8a461021a68da06b
2f3494b7f0513edbf8143ada7287413bfee5807e611bae7d98d39b619dbb41e6
GET /bu/braunoni2017/flag/sprite.png HTTP/1.1
Host: media.bttry.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.bttry.net/assets/07168010/css/main.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsktWw4PmNpOaoHgokt9DYFBeMIdcUwEjjkd_PyTQYLg5VEuFEMsLxZ8bQjBhNq7Sqm6vFhaXzD0d00ZYmGHCfqsQ
x-goog-generation: 1635864881954935
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14692
x-goog-meta-goog-reserved-file-mtime: 1635864728
x-goog-hash: crc32c=7zccdw==, md5=31qzoenjttJPOP16vgucCw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 14692
server: UploadServer
date: Wed, 28 Sep 2022 19:29:55 GMT
expires: Wed, 28 Sep 2022 20:29:55 GMT
cache-control: public, max-age=3600
age: 1777
last-modified: Tue, 02 Nov 2021 14:54:42 GMT
etag: "df5ab3a1e9e3b6d24f38fd7abe0b9c0b"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-M53HQ95
142.250.74.72200 OK 57 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M53HQ95
IP 142.250.74.72:0
File type ASCII text, with very long lines (4662)
Hash bd279a64adac8b29e01c1dee1bdc1d36
a1d104f5cef2b01013278427c682a4086ed6cc2e
d1f8ddb9f9fe26b3a730492962d6dbf00ffe06d0251a035f815dc21be45721b6
GET /gtm.js?id=GTM-M53HQ95 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 19:59:32 GMT
expires: Wed, 28 Sep 2022 19:59:32 GMT
cache-control: private, max-age=900
last-modified: Wed, 28 Sep 2022 18:50:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 56715
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 2caa539e025c33760688ffe3ad111e3a
2c8bf30c9faca601dc28aac6c09a6d0bf3675d45
ce52dfdf8490683decc34878b77c011046b3b0ddf9ce42a22a52dcf7967475a9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 07:33:43 GMT
Expires: Wed, 05 Oct 2022 07:33:42 GMT
Etag: "2c8bf30c9faca601dc28aac6c09a6d0bf3675d45"
Cache-Control: max-age=559449,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f0f61fadbb4fd-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eb2f3cc13b8ab763c5f346d6fc23054d
1768cc61721a6a6624c1ccbf2c874342f53abd99
3faee940dd222a051862bc2a4e090ecd2cc1f2ead8b1a5c84e10241f31461c5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.batteryupgrade.ch
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 18:01:25 GMT
expires: Sun, 24 Sep 2023 18:01:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 352687
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssl.google-analytics.com/ga.js
142.250.74.104200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.104:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Wed, 28 Sep 2022 18:17:11 GMT
expires: Wed, 28 Sep 2022 20:17:11 GMT
cache-control: public, max-age=7200
age: 6141
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash afa078b70d80b6b5afcd913b9a626159
ccce4ced1c0e2aacb3c9de29c995e69084fdd851
b39fd4ba1a0a96216d68eaddf1ce8dd67c4cceae45f90c29e4b3093300873d08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070102528/?random=1664395169679&cv=9&fst=1664395169679&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.batteryupgrade.ch%2F&tiba=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&hn=www.googleadservices.com&rfmt=3&fmt=4
142.250.74.34200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1070102528/?random=1664395169679&cv=9&fst=1664395169679&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.batteryupgrade.ch%2F&tiba=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&hn=www.googleadservices.com&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2314), with no line terminators
Hash 38d93e090dae6274854fe053b9c92531
00df4368771d6f873787073652d088accbce1d58
c19b9701882069c4302b24c5cb12de0c9d7b6659969e7b7a42ad0addf33b382e
GET /pagead/viewthroughconversion/1070102528/?random=1664395169679&cv=9&fst=1664395169679&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.batteryupgrade.ch%2F&tiba=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 19:59:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1055
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Sep-2022 20:14:32 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.batteryupgrade.ch/images/braunoni2017/favicon.ico
89.188.12.130200 OK 1.2 kB URL HTTP/1.1 www.batteryupgrade.ch/images/braunoni2017/favicon.ico
IP 89.188.12.130:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 136d5262d74db8599929b4bbe8a799df
02c5e7c13909fa3c7d134de70e2281b7c1af3087
679ff821d6e9d67cc9a80a429c692eb3d11eb27b6b37b3375939174c529ceb5e
GET /images/braunoni2017/favicon.ico HTTP/1.1
Host: www.batteryupgrade.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Cookie: PHPSESSID=el6gp386380f261l19b31feg08
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 19:59:32 GMT
Server: Apache/2.4.54 (Debian)
Last-Modified: Tue, 28 Jun 2022 12:07:41 GMT
ETag: "47e-5e280e22dca70"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: max-age=86400
Expires: Thu, 29 Sep 2022 19:59:32 GMT
Connection: close
Content-Type: image/vnd.microsoft.icon
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b7ed37e03b72b8da3fb7f6c476ae9a1f
c335157b42102c71f5431bc295b2b2542af781d4
66ad71fe8fc69a39c7852c1b8e1fe1308e8ccaf2a147ed1c3a6866d3b248f9a3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/modules.cf44a0a6b448df1b035e.js
143.204.55.68200 OK 66 kB URL HTTP/2 script.hotjar.com/modules.cf44a0a6b448df1b035e.js
IP 143.204.55.68:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 5f131c93ccff63ccc86d0067d0eebf99
a599898399783be0db5f757c043b828a0726deec
91980f4223c639c3849139a6e692ccf10310f0b57d74b403198af020fc7398a2
GET /modules.cf44a0a6b448df1b035e.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 66148
date: Wed, 28 Sep 2022 11:37:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5f131c93ccff63ccc86d0067d0eebf99"
last-modified: Wed, 28 Sep 2022 11:36:53 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7kwu3ZlL70un11qp07-98rn_g5hdwP62gUbMeUqWyi4UR-RDtGuQqQ==
age: 30146
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 29102972fb9fde106a95422d220e56a1
8b9b2daed36f5cc67c71549616b561842c0ed740
2e01e1afcd76c390dd0d86baf9f4a88c02792c5c0870d59911cd8dbe46436ca3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/1070102528/?random=1664395169679&cv=9&fst=1664391600000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.batteryupgrade.ch%2F&tiba=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&fmt=3&is_vtc=1&random=1100533187&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1070102528/?random=1664395169679&cv=9&fst=1664391600000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.batteryupgrade.ch%2F&tiba=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&fmt=3&is_vtc=1&random=1100533187&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1070102528/?random=1664395169679&cv=9&fst=1664391600000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=ecomm_pagetype%3Dhome&frm=0&url=https%3A%2F%2Fwww.batteryupgrade.ch%2F&tiba=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&fmt=3&is_vtc=1&random=1100533187&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 19:59:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-215155-1&cid=1079438106.1664395170&jid=533491960&_v=5.7.2&z=2116644467
64.233.165.154302 Found 366 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-215155-1&cid=1079438106.1664395170&jid=533491960&_v=5.7.2&z=2116644467
IP 64.233.165.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash aaca7b605913a3d46262b71df27ad875
647d9a32d2c077feab11cec5bb5dc43de6401e78
0119816766a57b43cbdef078834205df102a2636d31076fe2bd72b7d40d39e73
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-215155-1&cid=1079438106.1664395170&jid=533491960&_v=5.7.2&z=2116644467 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.batteryupgrade.ch/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-215155-1&cid=1079438106.1664395170&jid=533491960&_v=5.7.2&z=2116644467
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 19:59:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-215155-1&cid=1079438106.1664395170&jid=533491960&_v=5.7.2&z=2116644467
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-215155-1&cid=1079438106.1664395170&jid=533491960&_v=5.7.2&z=2116644467
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-215155-1&cid=1079438106.1664395170&jid=533491960&_v=5.7.2&z=2116644467 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.batteryupgrade.ch/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 19:59:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-215155-1&cid=1079438106.1664395170&jid=533491960&_v=5.7.2&z=2116644467&slf_rd=1&random=322815193
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 29102972fb9fde106a95422d220e56a1
8b9b2daed36f5cc67c71549616b561842c0ed740
2e01e1afcd76c390dd0d86baf9f4a88c02792c5c0870d59911cd8dbe46436ca3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
142.250.74.163200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.batteryupgrade.ch
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 18:59:14 GMT
expires: Tue, 26 Sep 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 176418
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
143.204.55.105200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
IP 143.204.55.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators
Hash f6a9ca04b0687ea3c0d98e8430c8c77b
35503b2deb23091a9a9c6c68d4020dbdf879588e
8e4328ecb6b395499567369e3c227231dbdaf361f43ce315934d7a2a3abbed41
GET /box-69edcc3187336f9b0a3fbb4c73be9fe6.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1044
date: Wed, 07 Sep 2022 09:17:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zITkWVKHfg9jBXvw36nmhxIQQAKq2KT7NKrBkV9qMFfk_5Ny-rd4Vg==
age: 1852945
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1eefefb3b607aa38e387d21186006d42
f1878481dff39afc79564dca4f6939a4b81f5ea7
b9011e095634ed695f18b8b901e89d2be93d84b5f25f812e8f665da588858810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:59:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-CCJQ3Y2XPQ>m=2oe9q0&_p=957397586&cid=416946429.1664395170&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664395170&sct=1&seg=0&dl=https%3A%2F%2Fwww.batteryupgrade.ch%2F&dt=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-CCJQ3Y2XPQ>m=2oe9q0&_p=957397586&cid=416946429.1664395170&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664395170&sct=1&seg=0&dl=https%3A%2F%2Fwww.batteryupgrade.ch%2F&dt=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-CCJQ3Y2XPQ>m=2oe9q0&_p=957397586&cid=416946429.1664395170&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664395170&sct=1&seg=0&dl=https%3A%2F%2Fwww.batteryupgrade.ch%2F&dt=Akkus%20f%C3%BCr%20alle%20Ger%C3%A4te%20auf%20der%20Welt%20-%20BatteryUpgrade&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.batteryupgrade.ch
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.batteryupgrade.ch
date: Wed, 28 Sep 2022 19:59:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 1ead9d91ed690667b0a358c5dba647e8
9cde69017bc5b90acf4c78bce960f453e05d64d0
897f0ee1cdba73c3425092111e7d60801b14d6c1b981c7ed25a1b60d1233b427
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 28 Sep 2022 19:59:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 27 Sep 2022 22:39:59 GMT
Expires: Wed, 28 Sep 2022 22:39:59 GMT
ETag: "9cde69017bc5b90acf4c78bce960f453e05d64d0"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
p274639.mybetterck.com/adServe/domainClick?ai=tMxzWfm12LpkbNIWurMDWoiXD7klJ1soTN51QfSABfYD6oPh4t22c9B9_vdKnsZCUhrhXB7h4Q0Uuwo5IbgEBdUi6xSvMdRUq3nDjZUkzHvLJyjqHra8mGW6CHfeBodVgvgI1g_o4dK0Bqs_9EYIR_VYuzZSYLtak8a2TCfMlWrIMMlTWYfZjlToK4-_1ACOP0s6MBsFTTAOGVIq7SQHt2xDKr8Rw5O7dO4wvtGnrzTddVqW4b_Ykxw_vxfmXwaLNORDvO_u8SbIzzh0hp6ogO7JzK4vQzmiPaDGm4CwDwXfw_JoL1ALTR_29IAMKrswtsrhcGeRW6RqgEE0f5FjhxhGK23FSY41eOG-uPJj6bxlqf_64l0Z6hpyy_YN0YQtpLSZmparWHWvrphb_I88ZSIO3PHyowRR_6p576eQm9fr2iPLc49PERgUkMD_VLeROfuqs0moSwPq7QXN-ylcxrw3TeQXSnFC-IokKZjFQZ7rqNKnLYX0tfAD-AuLqsioXaRG_Rn9EU5baMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkC4FXmAKRd9aSyJTuzQtneEKj1HVaOgt_lw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSHTbvXa9bc3gUMCZFDPA5eSNaBH9W47pomJmpXnVSXAuWEOrnfwZmTzSi7POAjgQDzkTIYbeCY1Hn59BaP8A9XQ&si=1&oref=22a3b7b148bba753762bd6aaf4a8a708&optunit=r66YW_yPPGUiDtzx8qMEUc7n_r2HV6hZ&rb=2Vb288azLYM&rr=0&abtg=0
108.168.193.189200 OK 0 B URL HTTP/2 p274639.mybetterck.com/adServe/domainClick?ai=tMxzWfm12LpkbNIWurMDWoiXD7klJ1soTN51QfSABfYD6oPh4t22c9B9_vdKnsZCUhrhXB7h4Q0Uuwo5IbgEBdUi6xSvMdRUq3nDjZUkzHvLJyjqHra8mGW6CHfeBodVgvgI1g_o4dK0Bqs_9EYIR_VYuzZSYLtak8a2TCfMlWrIMMlTWYfZjlToK4-_1ACOP0s6MBsFTTAOGVIq7SQHt2xDKr8Rw5O7dO4wvtGnrzTddVqW4b_Ykxw_vxfmXwaLNORDvO_u8SbIzzh0hp6ogO7JzK4vQzmiPaDGm4CwDwXfw_JoL1ALTR_29IAMKrswtsrhcGeRW6RqgEE0f5FjhxhGK23FSY41eOG-uPJj6bxlqf_64l0Z6hpyy_YN0YQtpLSZmparWHWvrphb_I88ZSIO3PHyowRR_6p576eQm9fr2iPLc49PERgUkMD_VLeROfuqs0moSwPq7QXN-ylcxrw3TeQXSnFC-IokKZjFQZ7rqNKnLYX0tfAD-AuLqsioXaRG_Rn9EU5baMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkC4FXmAKRd9aSyJTuzQtneEKj1HVaOgt_lw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSHTbvXa9bc3gUMCZFDPA5eSNaBH9W47pomJmpXnVSXAuWEOrnfwZmTzSi7POAjgQDzkTIYbeCY1Hn59BaP8A9XQ&si=1&oref=22a3b7b148bba753762bd6aaf4a8a708&optunit=r66YW_yPPGUiDtzx8qMEUc7n_r2HV6hZ&rb=2Vb288azLYM&rr=0&abtg=0
IP 108.168.193.189:0
GET /adServe/domainClick?ai=tMxzWfm12LpkbNIWurMDWoiXD7klJ1soTN51QfSABfYD6oPh4t22c9B9_vdKnsZCUhrhXB7h4Q0Uuwo5IbgEBdUi6xSvMdRUq3nDjZUkzHvLJyjqHra8mGW6CHfeBodVgvgI1g_o4dK0Bqs_9EYIR_VYuzZSYLtak8a2TCfMlWrIMMlTWYfZjlToK4-_1ACOP0s6MBsFTTAOGVIq7SQHt2xDKr8Rw5O7dO4wvtGnrzTddVqW4b_Ykxw_vxfmXwaLNORDvO_u8SbIzzh0hp6ogO7JzK4vQzmiPaDGm4CwDwXfw_JoL1ALTR_29IAMKrswtsrhcGeRW6RqgEE0f5FjhxhGK23FSY41eOG-uPJj6bxlqf_64l0Z6hpyy_YN0YQtpLSZmparWHWvrphb_I88ZSIO3PHyowRR_6p576eQm9fr2iPLc49PERgUkMD_VLeROfuqs0moSwPq7QXN-ylcxrw3TeQXSnFC-IokKZjFQZ7rqNKnLYX0tfAD-AuLqsioXaRG_Rn9EU5baMHjMW5FMVZ1q7sg30V1X0j3MVUJ4vmn3Zyn6-Rw-YR_ep3g43JQoLurTSybV3_zVVlMvpZOzxY7hA_5WLvNF7vPMElssBC8QYVDSNYmQ3hu-U9ACuKtcekCIShJdvtuB6OXN_rsgcmEGqekUBiPLxdLCBTbS2E-vcPMz4vkC4FXmAKRd9aSyJTuzQtneEKj1HVaOgt_lw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSHTbvXa9bc3gUMCZFDPA5eSNaBH9W47pomJmpXnVSXAuWEOrnfwZmTzSi7POAjgQDzkTIYbeCY1Hn59BaP8A9XQ&si=1&oref=22a3b7b148bba753762bd6aaf4a8a708&optunit=r66YW_yPPGUiDtzx8qMEUc7n_r2HV6hZ&rb=2Vb288azLYM&rr=0&abtg=0 HTTP/1.1
Host: p274639.mybetterck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Cookie: rhid=81412752446
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:59:30 GMT
content-type: text/html;charset=ISO-8859-1
vary: Accept-Encoding
set-cookie: rhid=81412752446; Max-Age=15552000; Expires=Mon, 27-Mar-2023 19:59:30 GMT; Domain=mybetterck.com; Path=/; SameSite=None; secure;
loi=ad_1115396_off_560965_aff_89916_cid_274639-575901862-GETAPPLICATIONMY.INFO_ts_1664395170; Max-Age=3600; Expires=Wed, 28-Sep-2022 20:59:30 GMT; Domain=mybetterck.com; Path=/; SameSite=None; secure;
content-encoding: gzip
X-Firefox-Spdy: h2
chosenproduct.com/redirect-simple?ci=182&c=no&c_p=s&c_s=416058226&c_k=computers&c_geo=NO&c_d=Desktop
46.105.126.224200 OK 0 B URL HTTP/2 chosenproduct.com/redirect-simple?ci=182&c=no&c_p=s&c_s=416058226&c_k=computers&c_geo=NO&c_d=Desktop
IP 46.105.126.224:0
GET /redirect-simple?ci=182&c=no&c_p=s&c_s=416058226&c_k=computers&c_geo=NO&c_d=Desktop HTTP/1.1
Host: chosenproduct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.10.3
date: Wed, 28 Sep 2022 19:59:30 GMT
content-type: text/html; charset=UTF-8
x-frame-options: *
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Permanent+Marker&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Permanent+Marker&display=swap
IP 142.250.74.10:0
GET /css?family=Permanent+Marker&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://chosenproduct.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 19:59:30 GMT
date: Wed, 28 Sep 2022 19:59:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300i,400,600,700,700i&subset=cyrillic,greek
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300i,400,600,700,700i&subset=cyrillic,greek
IP 142.250.74.10:0
GET /css?family=Open+Sans:300i,400,600,700,700i&subset=cyrillic,greek HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.bttry.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 19:59:32 GMT
date: Wed, 28 Sep 2022 19:59:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-1682517.js?sv=6
54.230.111.8200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1682517.js?sv=6
IP 54.230.111.8:0
GET /c/hotjar-1682517.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.batteryupgrade.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 19:59:32 GMT
cache-control: max-age=60
etag: W/4979b13c9ed5773ba7a3da1ff23d84cf
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QIcodv-Wwunl0_EmjWFU3MgoSu9AWBdoQkhalmEoA7i1peHqBleyUw==
age: 9
X-Firefox-Spdy: h2