firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 04:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rNydfSF80f_uQPQ_iZe9fisTCMDvEd-ejfS9aGuKeJa1LivBf-YdCA==
Age: 413
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18633
Expires: Tue, 27 Sep 2022 09:32:56 GMT
Date: Tue, 27 Sep 2022 04:22:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u0wo4F_qUzbn9podjqk1J8T3UQWdXpm0vWD03q2xFbC2xvIV4pF-vg==
age: 85628
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 04:22:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
pipscoco.com/
107.154.146.154200 OK 13 kB IP 107.154.146.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 15326522545662fb175879e0f6b20fe9
7019c3bce0958b9b1316d5da6f5825e44358c10e
161cd7a1492d7751ffaffcaac244cebfef60bd5c49e71715b67837b805672e32
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 04:22:23 GMT
Server: Apache
Link: <https://pipscoco.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 12705
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
Set-Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; expires=Tue, 26 Sep 2023 06:17:04 GMT; HttpOnly; path=/; Domain=.pipscoco.com
incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; path=/; Domain=.pipscoco.com
___utmvmXLYusVSKZ=vtZAnClExoK; path=/; Max-Age=900
___utmvaXLYusVSKZ=qrwMyNP; path=/; Max-Age=900
___utmvbXLYusVSKZ=wZF XmhOnalI: GtF; path=/; Max-Age=900
X-CDN: Imperva
X-Iinfo: 10-29734451-29734452 NNNN CT(60 -1 0) RT(1664252542837 0) q(0 0 0 0) r(2 2) U18
pipscoco.com/wp-content/fonts/3d40ef80b70be60f4ee370a4cd4bf4e3.css?ver=1.0.0
107.154.146.154200 OK 2.1 kB URL HTTP/1.1 pipscoco.com/wp-content/fonts/3d40ef80b70be60f4ee370a4cd4bf4e3.css?ver=1.0.0
IP 107.154.146.154:0
Hash 0e15e2fb0a85c1accf8b8e53cb4868f7
ce6cb8fd20517cbbe24e7b61dcdc61751bedd4f3
d2eb2857d3ecaa578764f530b4b1653fcdaf8aeb171679d521bd29220428225f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/3d40ef80b70be60f4ee370a4cd4bf4e3.css?ver=1.0.0 HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; ___utmvmXLYusVSKZ=vtZAnClExoK; ___utmvbXLYusVSKZ=wZF XmhOnalI: GtF
HTTP/1.1 200 OK
Last-Modified: Wed, 03 Aug 2022 22:17:27 GMT
Content-Type: text/css
Content-Length: 2063
Content-Encoding: gzip
Cache-Control: max-age=1, public
Expires: Tue, 27 Sep 2022 04:22:24 GMT
Date: Tue, 27 Sep 2022 04:22:23 GMT
Set-Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; expires=Tue, 26 Sep 2023 06:17:04 GMT; HttpOnly; path=/; Domain=.pipscoco.com
incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; path=/; Domain=.pipscoco.com
___utmvbXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
___utmvmXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
X-CDN: Imperva
X-Iinfo: 10-29734451-29719335 2cNN RT(1664252542837 464) q(0 0 0 -1) r(0 0) U18
pipscoco.com/wp-content/themes/blogfi/assets/css/font-awesome.min.css?ver=1.0.0
107.154.146.154200 OK 7.1 kB URL HTTP/1.1 pipscoco.com/wp-content/themes/blogfi/assets/css/font-awesome.min.css?ver=1.0.0
IP 107.154.146.154:0
File type ASCII text, with very long lines (30837)
Hash 82a55032c4b614390aea6ef6870d3e90
bb21577feea531540a8d4f27ac3730ffac111e1b
4f068500ef9ef0dbffa5b76ac10f1970a7a9de8ff033f84228971a140eb20069
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/blogfi/assets/css/font-awesome.min.css?ver=1.0.0 HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; ___utmvmXLYusVSKZ=vtZAnClExoK; ___utmvbXLYusVSKZ=wZF XmhOnalI: GtF
HTTP/1.1 200 OK
Last-Modified: Wed, 03 Aug 2022 21:56:23 GMT
Content-Type: text/css
Content-Length: 7114
Content-Encoding: gzip
Cache-Control: max-age=1, public
Expires: Tue, 27 Sep 2022 04:22:24 GMT
Date: Tue, 27 Sep 2022 04:22:23 GMT
Set-Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; expires=Tue, 26 Sep 2023 06:17:03 GMT; HttpOnly; path=/; Domain=.pipscoco.com
incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; path=/; Domain=.pipscoco.com
___utmvbXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
___utmvmXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
X-CDN: Imperva
X-Iinfo: 13-69897607-69685523 2cNN RT(1664252543401 0) q(0 0 0 -1) r(0 0) U18
pipscoco.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
107.154.146.154200 OK 17 kB URL HTTP/1.1 pipscoco.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 107.154.146.154:0
File type ASCII text, with very long lines (43771)
Hash 2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; ___utmvmXLYusVSKZ=vtZAnClExoK; ___utmvbXLYusVSKZ=wZF XmhOnalI: GtF
HTTP/1.1 200 OK
Last-Modified: Wed, 03 Aug 2022 12:18:44 GMT
Content-Type: text/css
Content-Length: 16594
Content-Encoding: gzip
Cache-Control: max-age=1, public
Expires: Tue, 27 Sep 2022 04:22:24 GMT
Date: Tue, 27 Sep 2022 04:22:23 GMT
Set-Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; expires=Tue, 26 Sep 2023 06:17:03 GMT; HttpOnly; path=/; Domain=.pipscoco.com
incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; path=/; Domain=.pipscoco.com
___utmvbXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
___utmvmXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
X-CDN: Imperva
X-Iinfo: 14-83600270-83552025 2cNN RT(1664252542837 464) q(0 0 0 -1) r(0 0) U18
pipscoco.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
107.154.146.154200 OK 4.9 kB URL HTTP/1.1 pipscoco.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 107.154.146.154:0
File type ASCII text, with very long lines (18498), with no line terminators
Hash 4139ad07d27bbc66b8b2fbcec07519a2
134cf73f125ab7e4416b1a9ca00c38107193f28c
134347c2ee12fb7e76b73f830c6efd23ab6f5196962ae8d20845a3ba540721db
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; ___utmvmXLYusVSKZ=vtZAnClExoK; ___utmvbXLYusVSKZ=wZF XmhOnalI: GtF
HTTP/1.1 200 OK
Last-Modified: Wed, 03 Aug 2022 12:18:45 GMT
Content-Type: application/javascript
Content-Length: 4946
Content-Encoding: gzip
Cache-Control: max-age=1, public
Expires: Tue, 27 Sep 2022 04:22:24 GMT
Date: Tue, 27 Sep 2022 04:22:23 GMT
Set-Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; expires=Tue, 26 Sep 2023 06:17:04 GMT; HttpOnly; path=/; Domain=.pipscoco.com
incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; path=/; Domain=.pipscoco.com
___utmvbXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
___utmvmXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
X-CDN: Imperva
X-Iinfo: 10-29734451-29719335 2cNN RT(1664252542837 569) q(0 0 0 -1) r(0 0) U18
pipscoco.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
107.154.146.154200 OK 4.1 kB URL HTTP/1.1 pipscoco.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 107.154.146.154:0
File type ASCII text, with very long lines (11126), with no line terminators
Hash 178eb6bb4009474aeceb930c350e5fc6
362c035f70ccaef4c64bc6e3e14b14b9e569f43d
3e885471a567ff15fe4e353e7de35bb5732c8daeb2bbb9dbf258742138b2abd0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; ___utmvmXLYusVSKZ=vtZAnClExoK; ___utmvbXLYusVSKZ=wZF XmhOnalI: GtF
HTTP/1.1 200 OK
Last-Modified: Wed, 03 Aug 2022 12:18:44 GMT
Content-Type: application/javascript
Content-Length: 4109
Content-Encoding: gzip
Cache-Control: max-age=1, public
Expires: Tue, 27 Sep 2022 04:22:24 GMT
Date: Tue, 27 Sep 2022 04:22:23 GMT
Set-Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; expires=Tue, 26 Sep 2023 06:17:03 GMT; HttpOnly; path=/; Domain=.pipscoco.com
incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; path=/; Domain=.pipscoco.com
___utmvbXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
___utmvmXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
X-CDN: Imperva
X-Iinfo: 13-69897608-69885083 2cNN RT(1664252543406 0) q(0 0 0 -1) r(0 0) U18
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 04:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 04:56:55 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Rxyt0n1xa9ItHCT6fylvGiiMtE5iqO6IQJl1vg6sq7nJ2I8HNsnzEg==
Age: 698
pipscoco.com/wp-content/themes/blogfi/assets/js/bootstrap.min.js?ver=1.0.0
107.154.146.154200 OK 15 kB URL HTTP/1.1 pipscoco.com/wp-content/themes/blogfi/assets/js/bootstrap.min.js?ver=1.0.0
IP 107.154.146.154:0
File type ASCII text, with very long lines (62284), with no line terminators
Hash 7021f6ef74d73df3a42b6c86c39009c5
a9562c108d2d35fc104ff606d998c4b1e965c9ae
5ad465eb7bc40b08a5cfc9aed0c7e87e9ba6d3ec17346dce402454d3e615937a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/blogfi/assets/js/bootstrap.min.js?ver=1.0.0 HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; ___utmvmXLYusVSKZ=vtZAnClExoK; ___utmvbXLYusVSKZ=wZF XmhOnalI: GtF
HTTP/1.1 200 OK
Last-Modified: Wed, 03 Aug 2022 21:56:23 GMT
Content-Type: application/javascript
Content-Length: 15164
Content-Encoding: gzip
Cache-Control: max-age=80602, public
Expires: Wed, 28 Sep 2022 02:45:45 GMT
Date: Tue, 27 Sep 2022 04:22:23 GMT
Set-Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; expires=Tue, 26 Sep 2023 06:17:03 GMT; HttpOnly; path=/; Domain=.pipscoco.com
incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; path=/; Domain=.pipscoco.com
___utmvbXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
___utmvmXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
X-CDN: Imperva
X-Iinfo: 13-69897607-69685523 2CNN RT(1664252543401 103) q(0 0 0 -1) r(0 0) U18
pipscoco.com/wp-content/themes/blogfi/assets/css/bootstrap.min.css?ver=1.0.0
107.154.146.154200 OK 37 kB URL HTTP/1.1 pipscoco.com/wp-content/themes/blogfi/assets/css/bootstrap.min.css?ver=1.0.0
IP 107.154.146.154:0
File type ASCII text, with very long lines (65326)
Hash df10f660f26d1c868387af2cca7e3b76
bd64de9612fea09e57a525f6d4d63b98e4238594
5eafdfd3ecedc62bed2ad6afea9241f4a71fb9f2a3cc0bf4a4773ee735b7ad7c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/blogfi/assets/css/bootstrap.min.css?ver=1.0.0 HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; ___utmvmXLYusVSKZ=vtZAnClExoK; ___utmvbXLYusVSKZ=wZF XmhOnalI: GtF
HTTP/1.1 200 OK
Last-Modified: Wed, 03 Aug 2022 21:56:23 GMT
Content-Type: text/css
Content-Length: 37304
Content-Encoding: gzip
Cache-Control: max-age=1, public
Expires: Tue, 27 Sep 2022 04:22:24 GMT
Date: Tue, 27 Sep 2022 04:22:23 GMT
Set-Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; expires=Tue, 26 Sep 2023 06:17:03 GMT; HttpOnly; path=/; Domain=.pipscoco.com
incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; path=/; Domain=.pipscoco.com
___utmvbXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
___utmvmXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
X-CDN: Imperva
X-Iinfo: 14-83600323-83516768 2cNN RT(1664252543403 0) q(0 0 0 -1) r(0 0) U18
pipscoco.com/wp-content/themes/blogfi/assets/js/main.js?ver=1.0.0
107.154.146.154200 OK 65 B URL HTTP/1.1 pipscoco.com/wp-content/themes/blogfi/assets/js/main.js?ver=1.0.0
IP 107.154.146.154:0
File type ASCII text, with CRLF line terminators
Hash ec49b69d35a9978ebae0d8a69c72d5a2
fa4465483e9d7cb9a2f6099d16d032bae58620e3
cf853784d64e0464d1e557e8004a4ca202df90f61785d5397a12e03483b03ccf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/blogfi/assets/js/main.js?ver=1.0.0 HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; ___utmvmXLYusVSKZ=vtZAnClExoK; ___utmvbXLYusVSKZ=wZF XmhOnalI: GtF
HTTP/1.1 200 OK
Last-Modified: Wed, 03 Aug 2022 21:56:23 GMT
Content-Type: application/javascript
Content-Length: 65
Content-Encoding: gzip
Cache-Control: max-age=1, public
Expires: Tue, 27 Sep 2022 04:22:24 GMT
Date: Tue, 27 Sep 2022 04:22:23 GMT
Set-Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; expires=Tue, 26 Sep 2023 06:17:03 GMT; HttpOnly; path=/; Domain=.pipscoco.com
incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; path=/; Domain=.pipscoco.com
___utmvbXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
___utmvmXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
X-CDN: Imperva
X-Iinfo: 14-83600270-83516768 2cNN RT(1664252542837 671) q(0 0 0 -1) r(0 0) U18
pipscoco.com/wp-content/themes/blogfi/assets/js/navigation.js?ver=1.0.0
107.154.146.154200 OK 810 B URL HTTP/1.1 pipscoco.com/wp-content/themes/blogfi/assets/js/navigation.js?ver=1.0.0
IP 107.154.146.154:0
File type ASCII text, with very long lines (724)
Hash 91badd9be144d3140b9ecda5d3f3de15
bdf0cb809580f328c39c9712e10a52adb96d3eba
5abc120379b6d0e3e5d94e2be3511fc67ad92a5c28bbc736e84788a68c1902b9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/blogfi/assets/js/navigation.js?ver=1.0.0 HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; ___utmvmXLYusVSKZ=vtZAnClExoK; ___utmvbXLYusVSKZ=wZF XmhOnalI: GtF
HTTP/1.1 200 OK
Last-Modified: Wed, 03 Aug 2022 21:56:23 GMT
Content-Type: application/javascript
Content-Length: 810
Content-Encoding: gzip
Cache-Control: max-age=1, public
Expires: Tue, 27 Sep 2022 04:22:24 GMT
Date: Tue, 27 Sep 2022 04:22:23 GMT
Set-Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; expires=Tue, 26 Sep 2023 06:17:04 GMT; HttpOnly; path=/; Domain=.pipscoco.com
incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; path=/; Domain=.pipscoco.com
___utmvbXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
___utmvmXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
X-CDN: Imperva
X-Iinfo: 10-29734451-29719335 2cNN RT(1664252542837 672) q(0 0 0 -1) r(0 0)
pipscoco.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
107.154.146.154200 OK 31 kB URL HTTP/1.1 pipscoco.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 107.154.146.154:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 982edad5bfc9035b5809810aefff78c5
a42996331642de364b258faae47d8f306cdf341a
11fd6a4c88b7f2b3c4b541ed0d4157fdbaf6b2e1a7451313325ed731bbc967c0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; ___utmvmXLYusVSKZ=vtZAnClExoK; ___utmvbXLYusVSKZ=wZF XmhOnalI: GtF
HTTP/1.1 200 OK
Last-Modified: Wed, 03 Aug 2022 12:18:44 GMT
Content-Type: application/javascript
Content-Length: 30846
Content-Encoding: gzip
Cache-Control: max-age=1, public
Expires: Tue, 27 Sep 2022 04:22:25 GMT
Date: Tue, 27 Sep 2022 04:22:24 GMT
Set-Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; expires=Tue, 26 Sep 2023 06:17:03 GMT; HttpOnly; path=/; Domain=.pipscoco.com
incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; path=/; Domain=.pipscoco.com
___utmvbXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
___utmvmXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
X-CDN: Imperva
X-Iinfo: 14-83600325-83582668 2cNN RT(1664252543406 0) q(0 0 0 -1) r(0 0) U18
pipscoco.com/wp-content/themes/blogfi/style.css?ver=1.0.0
107.154.146.154200 OK 4.9 kB URL HTTP/1.1 pipscoco.com/wp-content/themes/blogfi/style.css?ver=1.0.0
IP 107.154.146.154:0
File type ASCII text, with CRLF line terminators
Hash 1e154a0c43591c404630f1620363b314
e4b1508f36a2e38b01b05df878300467ca90a714
06db390616a93403e94f3c2bbbd306b1694fe237d60cfffa46da34fd2b12c4d4
GET /wp-content/themes/blogfi/style.css?ver=1.0.0 HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; ___utmvmXLYusVSKZ=vtZAnClExoK; ___utmvbXLYusVSKZ=wZF XmhOnalI: GtF
HTTP/1.1 200 OK
Last-Modified: Wed, 03 Aug 2022 21:56:23 GMT
Content-Type: text/css
Content-Length: 4936
Content-Encoding: gzip
Cache-Control: max-age=1, public
Expires: Tue, 27 Sep 2022 04:22:25 GMT
Date: Tue, 27 Sep 2022 04:22:24 GMT
Set-Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; expires=Tue, 26 Sep 2023 06:17:03 GMT; HttpOnly; path=/; Domain=.pipscoco.com
incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; path=/; Domain=.pipscoco.com
___utmvbXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
___utmvmXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
X-CDN: Imperva
X-Iinfo: 13-69897608-69813564 2cNN RT(1664252543406 116) q(0 0 0 -1) r(0 0) U18
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eadd0ecf6c96410f39775d545d27356a
b00b935f9d68f0101a557af57f0ec3b223a2bef6
839f7ef1dd49cf021890e928fc9c9050cece1e7a0ad986160380104fec6b4222
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "839F7EF1DD49CF021890E928FC9C9050CECE1E7A0AD986160380104FEC6B4222"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21551
Expires: Tue, 27 Sep 2022 10:21:35 GMT
Date: Tue, 27 Sep 2022 04:22:24 GMT
Connection: keep-alive
pipscoco.com/wp-content/themes/blogfi/assets/css/responsive.css?ver=1.0.0
107.154.146.154200 OK 163 B URL HTTP/1.1 pipscoco.com/wp-content/themes/blogfi/assets/css/responsive.css?ver=1.0.0
IP 107.154.146.154:0
File type ASCII text, with no line terminators
Hash 7864ac64e9851af172029ba66504678d
c89f5901077332cc5c8865fb2fc61c8fe698e045
10a4c75eba5eb9ceafeaa165490a87872d13e04d961ad01f06cc72ca2a1803fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/blogfi/assets/css/responsive.css?ver=1.0.0 HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; ___utmvmXLYusVSKZ=vtZAnClExoK; ___utmvbXLYusVSKZ=wZF XmhOnalI: GtF
HTTP/1.1 200 OK
Last-Modified: Wed, 03 Aug 2022 21:56:23 GMT
Content-Type: text/css
Content-Length: 163
Content-Encoding: gzip
Cache-Control: max-age=1, public
Expires: Tue, 27 Sep 2022 04:22:24 GMT
Date: Tue, 27 Sep 2022 04:22:23 GMT
Set-Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; expires=Tue, 26 Sep 2023 06:17:03 GMT; HttpOnly; path=/; Domain=.pipscoco.com
incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==; path=/; Domain=.pipscoco.com
___utmvbXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
___utmvmXLYusVSKZ=a; Max-Age=0; path=/; expires=Mon, 19 Sep 2022 06:10:24 GMT
X-CDN: Imperva
X-Iinfo: 13-69897607-69885083 2cNN RT(1664252543401 210) q(0 0 0 -1) r(0 0) U18
www.lnk123.com/aff_i?offer_id=220&file_id=12710&aff_id=324135
52.210.2.133200 OK 57 B URL HTTP/1.1 www.lnk123.com/aff_i?offer_id=220&file_id=12710&aff_id=324135
IP 52.210.2.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 993f651940189abf8792da0d5dbcef54
e73180601abfcaf9bfd8c026503fee5914a777d3
9e3e5c7f1c6ac6733bc013e89d4367cdc7bf6cd329d6e6566be52535e199b4d8
GET /aff_i?offer_id=220&file_id=12710&aff_id=324135 HTTP/1.1
Host: www.lnk123.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pipscoco.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 04:22:24 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Tracking_id: 102ae5905333a26523839830730e61
Access-Control-Allow-Origin: *
X-Request-Id: e4d1615156ea5cf125445d3546601cb6
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2984
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 04:22:24 GMT
Last-Modified: Tue, 27 Sep 2022 03:32:40 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
customketodiet.com/uploads/banners/300x250-CustomKetoDiet.png
104.26.2.118200 OK 61 kB URL HTTP/2 customketodiet.com/uploads/banners/300x250-CustomKetoDiet.png
IP 104.26.2.118:0
File type PNG image data, 300 x 250, 8-bit/color RGB, non-interlaced\012- data
Hash 7773aabd0d4944ca69f0af5ef057d0c4
ca5b99a282e6c22526606100a16d40daa2fce8ce
098c892f8c5471ac45991e687ba159e67d1762018c1323b38c627bf70fd29786
GET /uploads/banners/300x250-CustomKetoDiet.png HTTP/1.1
Host: customketodiet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 04:22:24 GMT
content-type: image/png
content-length: 61083
cf-bgj: imgq:100,h2pri
cf-polished: origSize=62481
etag: "f411-5e43d0ad9689a"
last-modified: Wed, 20 Jul 2022 14:01:49 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2F9x5wN%2FrsUqSViBRs7nKFQyE66UXHcuR3%2BjY5MzfbhzWXoAoREQ81DE0Q8%2BM2pYAuHokwAeOVkTL9HGyaNnpVoItyoYDBzNM4xsuRbAR5StPCqENmRudNBYuc%2BAWl2D481QTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7511754508230b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pipscoco.com/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
107.154.146.154200 OK 13 kB URL HTTP/1.1 pipscoco.com/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
IP 107.154.146.154:0
File type Web Open Font Format (Version 2), TrueType, length 12820, version 1.0\012- data
Hash 3f2f6d9e64a95a40ea5dedfc91f42a95
9cd9f5a2f86f1d42390141d91619a0aa41a276b7
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2 HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://pipscoco.com/wp-content/fonts/3d40ef80b70be60f4ee370a4cd4bf4e3.css?ver=1.0.0
Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 04:22:24 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 03 Aug 2022 21:56:28 GMT
Accept-Ranges: bytes
Content-Length: 12820
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75
Content-Type: font/woff2
X-CDN: Imperva
X-Iinfo: 14-83600270-83600383 NNNY CT(61 -1 0) RT(1664252542837 945) q(0 0 0 -1) r(1 1) U18
pipscoco.com/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
107.154.146.154200 OK 13 kB URL HTTP/1.1 pipscoco.com/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
IP 107.154.146.154:0
File type Web Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data
Hash e571167fbcce8d5081bce96a09930063
e12420f5e4da3ccdc75a58ce744e7d5a0c6cf79e
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2 HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://pipscoco.com/wp-content/fonts/3d40ef80b70be60f4ee370a4cd4bf4e3.css?ver=1.0.0
Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 04:22:24 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 03 Aug 2022 21:56:28 GMT
Accept-Ranges: bytes
Content-Length: 12700
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75
Content-Type: font/woff2
X-CDN: Imperva
X-Iinfo: 13-69897607-69897661 NNNY CT(61 -1 0) RT(1664252543401 389) q(0 0 0 -1) r(1 1) U18
pipscoco.com/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
107.154.146.154200 OK 13 kB URL HTTP/1.1 pipscoco.com/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP 107.154.146.154:0
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://pipscoco.com/wp-content/fonts/3d40ef80b70be60f4ee370a4cd4bf4e3.css?ver=1.0.0
Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 04:22:24 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 03 Aug 2022 21:56:27 GMT
Accept-Ranges: bytes
Content-Length: 12708
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75
Content-Type: font/woff2
X-CDN: Imperva
X-Iinfo: 14-83600325-83600382 NNNY CT(67 -1 0) RT(1664252543406 375) q(0 0 0 -1) r(1 1) U18
pipscoco.com/wp-content/uploads/2022/02/cropped-newlogo.png
107.154.146.154200 OK 54 kB URL HTTP/2 pipscoco.com/wp-content/uploads/2022/02/cropped-newlogo.png
IP 107.154.146.154:0
File type PNG image data, 495 x 207, 8-bit/color RGBA, non-interlaced\012- data
Hash 60d975ed34c13dd6c0d2c91e6f95120c
24797456cd68d8a6109d81675fc7209adf6571fa
161d0bc34f4cccccaf6331192b207012f4517bf586f3eaa7ec58619bcb56fa2e
GET /wp-content/uploads/2022/02/cropped-newlogo.png HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "ee61754f"
last-modified: Wed, 03 Aug 2022 12:09:51 GMT
content-type: image/png
content-length: 53995
cache-control: max-age=1, public
expires: Tue, 27 Sep 2022 04:22:25 GMT
date: Tue, 27 Sep 2022 04:22:24 GMT
set-cookie: visid_incap_2809074=YyIhuJSzQA+XQ3mPFelOfH96MmMAAAAAQUIPAAAAAADqgLQcdiyUe4+rcANQogxV; expires=Tue, 26 Sep 2023 06:17:03 GMT; HttpOnly; path=/; Domain=.pipscoco.com
incap_ses_8216_2809074=76KsbU6buBK1RTxKDRkFcn96MmMAAAAAyiHw5bY3/xbun42BANd0aw==; path=/; Domain=.pipscoco.com
x-cdn: Imperva
x-iinfo: 14-83600326-83596535 2cNN RT(1664252543408 279) q(0 0 0 0) r(0 0) U18
X-Firefox-Spdy: h2
media.go2speed.org/brand/files/mhinternal/220/garciniacambogiaselect.com350x250.gif
143.204.55.72200 OK 44 kB URL HTTP/2 media.go2speed.org/brand/files/mhinternal/220/garciniacambogiaselect.com350x250.gif
IP 143.204.55.72:0
File type GIF image data, version 89a, 350 x 250\012- data
Hash 9edb05ff851c39808d0e602c4198a6af
04eccb58d7db008381af098f02b7bfef5373684f
5e9ef7cf8cad05f2194c42f30ec5a1142d9ef036ddefada7c13ff56f0e5da140
GET /brand/files/mhinternal/220/garciniacambogiaselect.com350x250.gif HTTP/1.1
Host: media.go2speed.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43959
date: Tue, 27 Sep 2022 04:22:25 GMT
last-modified: Wed, 02 Dec 2015 00:32:42 GMT
etag: "9edb05ff851c39808d0e602c4198a6af"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OKtAjosONsfvXPD0cjDkQ5IQzdPEEZN3dcxDCs26z-XyWgW1QXMg1g==
X-Firefox-Spdy: h2
pipscoco.com/wp-content/themes/blogfi/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
107.154.146.154200 OK 77 kB URL HTTP/1.1 pipscoco.com/wp-content/themes/blogfi/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 107.154.146.154:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/blogfi/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://pipscoco.com/wp-content/themes/blogfi/assets/css/font-awesome.min.css?ver=1.0.0
Cookie: visid_incap_2809074=bWCFXHQ8TdOdqLIMEnRWY356MmMAAAAAQUIPAAAAAAAprZzaFkULhuO3AolzifEf; incap_ses_8216_2809074=7IPePAIBcEx3RTxKDRkFcn96MmMAAAAAxcALDSLot4pYW2JCmKE9Yg==
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 04:22:24 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 03 Aug 2022 21:56:23 GMT
Accept-Ranges: bytes
Content-Length: 77160
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive: timeout=5, max=75
Content-Type: font/woff2
X-CDN: Imperva
X-Iinfo: 14-83600323-83600381 NNNY CT(67 -1 0) RT(1664252543403 376) q(0 0 0 -1) r(1 1) U18
push.services.mozilla.com/
35.80.131.74101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.80.131.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PWoUWQqCinFE18+a1rItsw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: B4Rx+5jFJ7aS1izCPQfqm9UCrxY=
pipscoco.com/wp-content/uploads/2022/06/siimland-x400-thumb.jpg
107.154.146.154200 OK 22 kB URL HTTP/2 pipscoco.com/wp-content/uploads/2022/06/siimland-x400-thumb.jpg
IP 107.154.146.154:0
File type JPEG image data, baseline, precision 8, 500x400, components 3\012- data
Hash be2ed0c2e6762878397bd9b540a7d42f
0ccd057057653292eb546a4fe19928806298f48a
188ec6ab76deef0e8f545686f9022ce08aa7a5683af58a2ab163be1cfcaf3060
GET /wp-content/uploads/2022/06/siimland-x400-thumb.jpg HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=YyIhuJSzQA+XQ3mPFelOfH96MmMAAAAAQUIPAAAAAADqgLQcdiyUe4+rcANQogxV; incap_ses_8216_2809074=76KsbU6buBK1RTxKDRkFcn96MmMAAAAAyiHw5bY3/xbun42BANd0aw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "ebd18876"
last-modified: Wed, 03 Aug 2022 12:09:50 GMT
content-type: image/jpeg
content-length: 21647
cache-control: max-age=1, public
expires: Tue, 27 Sep 2022 04:22:25 GMT
date: Tue, 27 Sep 2022 04:22:24 GMT
x-cdn: Imperva
x-iinfo: 14-83600326-83600389 2cNN RT(1664252543408 419) q(0 0 0 -1) r(0 0) U18
X-Firefox-Spdy: h2
pipscoco.com/wp-content/uploads/2022/06/poundprog-x400-thumb.jpg
107.154.146.154200 OK 30 kB URL HTTP/2 pipscoco.com/wp-content/uploads/2022/06/poundprog-x400-thumb.jpg
IP 107.154.146.154:0
File type JPEG image data, baseline, precision 8, 500x400, components 3\012- data
Hash a4562800b71b3a6134a3120a0e72aa4f
8f1f45c0f11b550a4f78a24f068b6f46cfd6b97b
cad24741834e7011d84c8c6b25211a35a4119ff30983a0d3a1b6123611dd3fc2
GET /wp-content/uploads/2022/06/poundprog-x400-thumb.jpg HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=YyIhuJSzQA+XQ3mPFelOfH96MmMAAAAAQUIPAAAAAADqgLQcdiyUe4+rcANQogxV; incap_ses_8216_2809074=76KsbU6buBK1RTxKDRkFcn96MmMAAAAAyiHw5bY3/xbun42BANd0aw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "facbe207"
last-modified: Wed, 03 Aug 2022 12:09:50 GMT
content-type: image/jpeg
content-length: 29604
cache-control: max-age=1, public
expires: Tue, 27 Sep 2022 04:22:25 GMT
date: Tue, 27 Sep 2022 04:22:24 GMT
x-cdn: Imperva
x-iinfo: 14-83600326-83596535 2cNN RT(1664252543408 424) q(0 0 0 -1) r(0 0) U18
X-Firefox-Spdy: h2
pipscoco.com/wp-content/uploads/2022/06/1hourbbd-x400-thumb.jpg
107.154.146.154200 OK 46 kB URL HTTP/2 pipscoco.com/wp-content/uploads/2022/06/1hourbbd-x400-thumb.jpg
IP 107.154.146.154:0
File type JPEG image data, baseline, precision 8, 500x400, components 3\012- data
Hash a65eefca40b112d888e76a2b071c3d1c
06915598e66d6d5640ce51de6a5bae9b0074ee00
7474e0fe8a5ea97975265c77891d08a318599015711b8b4756727edf330d1a65
GET /wp-content/uploads/2022/06/1hourbbd-x400-thumb.jpg HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=YyIhuJSzQA+XQ3mPFelOfH96MmMAAAAAQUIPAAAAAADqgLQcdiyUe4+rcANQogxV; incap_ses_8216_2809074=76KsbU6buBK1RTxKDRkFcn96MmMAAAAAyiHw5bY3/xbun42BANd0aw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "9678b617"
last-modified: Wed, 03 Aug 2022 12:09:50 GMT
content-type: image/jpeg
content-length: 46031
cache-control: max-age=1, public
expires: Tue, 27 Sep 2022 04:22:25 GMT
date: Tue, 27 Sep 2022 04:22:24 GMT
x-cdn: Imperva
x-iinfo: 14-83600326-83600387 2cNN RT(1664252543408 417) q(0 0 0 -1) r(0 0) U18
X-Firefox-Spdy: h2
pipscoco.com/wp-content/uploads/2022/06/bellyskkp-x400-thumb.jpg
107.154.146.154200 OK 61 kB URL HTTP/2 pipscoco.com/wp-content/uploads/2022/06/bellyskkp-x400-thumb.jpg
IP 107.154.146.154:0
File type JPEG image data, baseline, precision 8, 500x400, components 3\012- data
Hash 4884a713fd6c7fbe086109b0d6b79521
ada4cec08a54a1e3e8f8518b302254f74acdce75
3ba1c851f61148678f04b01bc23d37cefb2ffc139fc0ba4ea28923f17908e93b
GET /wp-content/uploads/2022/06/bellyskkp-x400-thumb.jpg HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=YyIhuJSzQA+XQ3mPFelOfH96MmMAAAAAQUIPAAAAAADqgLQcdiyUe4+rcANQogxV; incap_ses_8216_2809074=76KsbU6buBK1RTxKDRkFcn96MmMAAAAAyiHw5bY3/xbun42BANd0aw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "9fe92914"
last-modified: Wed, 03 Aug 2022 12:09:50 GMT
content-type: image/jpeg
content-length: 61083
cache-control: max-age=1, public
expires: Tue, 27 Sep 2022 04:22:25 GMT
date: Tue, 27 Sep 2022 04:22:24 GMT
x-cdn: Imperva
x-iinfo: 14-83600326-83583406 2cNN RT(1664252543408 415) q(0 0 0 -1) r(0 0) U18
X-Firefox-Spdy: h2
pipscoco.com/wp-content/uploads/2022/06/gr8health1-x400-thumb.jpg
107.154.146.154200 OK 60 kB URL HTTP/2 pipscoco.com/wp-content/uploads/2022/06/gr8health1-x400-thumb.jpg
IP 107.154.146.154:0
File type JPEG image data, baseline, precision 8, 500x400, components 3\012- data
Hash a0f863e5e93f3372c7b09707bf10cbd3
fa970d76cba4c94982143446a51d62668e1f4a20
59956374e288814d67657e16c8c8894e71daa8558b8f5c0d6569dc772b53a40f
GET /wp-content/uploads/2022/06/gr8health1-x400-thumb.jpg HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=YyIhuJSzQA+XQ3mPFelOfH96MmMAAAAAQUIPAAAAAADqgLQcdiyUe4+rcANQogxV; incap_ses_8216_2809074=76KsbU6buBK1RTxKDRkFcn96MmMAAAAAyiHw5bY3/xbun42BANd0aw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "9ea7e394"
last-modified: Wed, 03 Aug 2022 12:09:50 GMT
content-type: image/jpeg
content-length: 59812
cache-control: max-age=1, public
expires: Tue, 27 Sep 2022 04:22:25 GMT
date: Tue, 27 Sep 2022 04:22:24 GMT
x-cdn: Imperva
x-iinfo: 14-83600326-83590821 2cNN RT(1664252543408 427) q(0 0 0 -1) r(0 0) U18
X-Firefox-Spdy: h2
pipscoco.com/wp-content/uploads/2022/06/tryalive-x400-thumb.jpg
107.154.146.154200 OK 18 kB URL HTTP/2 pipscoco.com/wp-content/uploads/2022/06/tryalive-x400-thumb.jpg
IP 107.154.146.154:0
File type JPEG image data, baseline, precision 8, 500x400, components 3\012- data
Hash 653801071489c710107abf9afdf6f9cf
390542bc86a48c492ee417a87d60d288e1821040
5440e03ea8f7e72721c245d16a037d95ad9b6089abedadde2bbc64605f4ef17c
GET /wp-content/uploads/2022/06/tryalive-x400-thumb.jpg HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=YyIhuJSzQA+XQ3mPFelOfH96MmMAAAAAQUIPAAAAAADqgLQcdiyUe4+rcANQogxV; incap_ses_8216_2809074=76KsbU6buBK1RTxKDRkFcn96MmMAAAAAyiHw5bY3/xbun42BANd0aw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "070f0f6a"
last-modified: Wed, 03 Aug 2022 12:09:50 GMT
content-type: image/jpeg
content-length: 18022
cache-control: max-age=1, public
expires: Tue, 27 Sep 2022 04:22:25 GMT
date: Tue, 27 Sep 2022 04:22:24 GMT
x-cdn: Imperva
x-iinfo: 14-83600326-83590787 2cNN RT(1664252543408 431) q(0 0 0 -1) r(0 0) U18
X-Firefox-Spdy: h2
pipscoco.com/wp-content/uploads/2022/06/spir0408-x400-thumb.jpg
107.154.146.154200 OK 65 kB URL HTTP/2 pipscoco.com/wp-content/uploads/2022/06/spir0408-x400-thumb.jpg
IP 107.154.146.154:0
File type JPEG image data, baseline, precision 8, 500x400, components 3\012- data
Hash eec90d6bd2bf9858583ebcaf32fc9a85
a1c9ad42604e8a6767f165f2641749d43a28f66e
67d2824fc0aaaab7c508e7d361412d11b21a9caeb2902c228f5ab4900af146ee
GET /wp-content/uploads/2022/06/spir0408-x400-thumb.jpg HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=YyIhuJSzQA+XQ3mPFelOfH96MmMAAAAAQUIPAAAAAADqgLQcdiyUe4+rcANQogxV; incap_ses_8216_2809074=76KsbU6buBK1RTxKDRkFcn96MmMAAAAAyiHw5bY3/xbun42BANd0aw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "b560c3c7"
last-modified: Wed, 03 Aug 2022 12:09:50 GMT
content-type: image/jpeg
content-length: 65382
cache-control: max-age=1, public
expires: Tue, 27 Sep 2022 04:22:25 GMT
date: Tue, 27 Sep 2022 04:22:24 GMT
x-cdn: Imperva
x-iinfo: 14-83600326-83600395 2cNN RT(1664252543408 429) q(0 0 0 -1) r(0 0) U18
X-Firefox-Spdy: h2
pipscoco.com/wp-content/uploads/2021/07/paypal1000-200x300.png
107.154.146.154200 OK 46 kB URL HTTP/2 pipscoco.com/wp-content/uploads/2021/07/paypal1000-200x300.png
IP 107.154.146.154:0
File type PNG image data, 200 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 505156d06f72449771e5101e9addc208
398d2685c195dea1648ddcd0a57de068975f9a54
f1564486a854bc2954493d3990238f8b3195c4f041354226a8d3cfd6ec5f0451
GET /wp-content/uploads/2021/07/paypal1000-200x300.png HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=YyIhuJSzQA+XQ3mPFelOfH96MmMAAAAAQUIPAAAAAADqgLQcdiyUe4+rcANQogxV; incap_ses_8216_2809074=76KsbU6buBK1RTxKDRkFcn96MmMAAAAAyiHw5bY3/xbun42BANd0aw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "71be85ff"
last-modified: Wed, 03 Aug 2022 12:13:53 GMT
content-type: image/png
content-length: 45731
cache-control: max-age=1, public
expires: Tue, 27 Sep 2022 04:22:25 GMT
date: Tue, 27 Sep 2022 04:22:24 GMT
x-cdn: Imperva
x-iinfo: 14-83600326-83596535 2cNN RT(1664252543408 433) q(0 0 0 -1) r(0 0) U18
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 04:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 04:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
172.217.21.162200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 172.217.21.162:0
File type ASCII text, with very long lines (2910)
Hash 7c7fbc0ef076bdee882fbd7635f9345d
b6a7a633ced70a48e5eaa411aaa23d28b301e05f
1787d8471bb3b4e1006f6a496501781221d3871e0f1bdd7fdee0d34d06da1de9
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Tue, 27 Sep 2022 04:22:25 GMT
expires: Tue, 27 Sep 2022 04:22:25 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 10108257292103710977
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57800
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 04:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/zrt_lookup.html
142.250.74.34200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220922/r20190131/zrt_lookup.html
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220922/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:34:34 GMT
expires: Mon, 10 Oct 2022 21:34:34 GMT
cache-control: public, max-age=1209600
age: 24471
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8cd97aaf3e95e1e9bbdf8b739727d7cd
858cf438048356fc972c737cc84e1439c18dec5e
18e601b130747b5b70afa4a4614e9b7d8c7f3df5cd72725e1488c5b411a452e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 04:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 04:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 04:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8cd97aaf3e95e1e9bbdf8b739727d7cd
858cf438048356fc972c737cc84e1439c18dec5e
18e601b130747b5b70afa4a4614e9b7d8c7f3df5cd72725e1488c5b411a452e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 04:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pipscoco.com/wp-content/uploads/2019/11/cropped-Favicon-192x192.png
107.154.146.154404 Not Found 6.9 kB URL HTTP/2 pipscoco.com/wp-content/uploads/2019/11/cropped-Favicon-192x192.png
IP 107.154.146.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash c42cb8e0354bba7eabd85f21dba3e987
86381577660ea3f0e0ef02ca101c40dc2c4f9057
928910e6d2920d4ea3fd48ec603197e65113a2cc7cf9c6302ac9404a199bafec
GET /wp-content/uploads/2019/11/cropped-Favicon-192x192.png HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=YyIhuJSzQA+XQ3mPFelOfH96MmMAAAAAQUIPAAAAAADqgLQcdiyUe4+rcANQogxV; incap_ses_8216_2809074=76KsbU6buBK1RTxKDRkFcn96MmMAAAAAyiHw5bY3/xbun42BANd0aw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 04:22:25 GMT
server: Apache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://pipscoco.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 6940
content-type: text/html; charset=UTF-8
x-cdn: Imperva
x-iinfo: 14-83600326-83590787 2NNN RT(1664252543408 822) q(0 0 0 -1) r(3 3) U11
X-Firefox-Spdy: h2
pipscoco.com/wp-content/uploads/2019/11/cropped-Favicon-32x32.png
107.154.146.154404 Not Found 6.9 kB URL HTTP/2 pipscoco.com/wp-content/uploads/2019/11/cropped-Favicon-32x32.png
IP 107.154.146.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash c42cb8e0354bba7eabd85f21dba3e987
86381577660ea3f0e0ef02ca101c40dc2c4f9057
928910e6d2920d4ea3fd48ec603197e65113a2cc7cf9c6302ac9404a199bafec
GET /wp-content/uploads/2019/11/cropped-Favicon-32x32.png HTTP/1.1
Host: pipscoco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Cookie: visid_incap_2809074=YyIhuJSzQA+XQ3mPFelOfH96MmMAAAAAQUIPAAAAAADqgLQcdiyUe4+rcANQogxV; incap_ses_8216_2809074=76KsbU6buBK1RTxKDRkFcn96MmMAAAAAyiHw5bY3/xbun42BANd0aw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 04:22:25 GMT
server: Apache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://pipscoco.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 6940
content-type: text/html; charset=UTF-8
x-cdn: Imperva
x-iinfo: 14-83600326-83596535 2NNN RT(1664252543408 824) q(0 0 0 -1) r(3 3) U11
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=pipscoco.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=pipscoco.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=pipscoco.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 27 Sep 2022 04:22:25 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=pipscoco.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=pipscoco.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=pipscoco.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 27 Sep 2022 04:22:25 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 04:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 04:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=pipscoco.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=pipscoco.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=pipscoco.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 27 Sep 2022 04:22:25 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23d19b3f71f6460e3d033f2516cbb30e
0eba190af730382c4ac0a433424a4c7a8c796064
b52695792218b549e210c8ce75ef9fca11319ed2ee82447817460bb7e7e87ae1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 04:22:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Tue, 27 Sep 2022 04:22:26 GMT
expires: Tue, 27 Sep 2022 04:22:26 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 13:42:03 GMT
expires: Mon, 25 Sep 2023 13:42:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 139223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13818
Expires: Tue, 27 Sep 2022 08:12:44 GMT
Date: Tue, 27 Sep 2022 04:22:26 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 04:22:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a2c481a-abce-43aa-89a3-95cd7559102c.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a2c481a-abce-43aa-89a3-95cd7559102c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1f571f5fdf5233ffa70132a4504d4fe
1b5f002272083d5e19b5bd18d503f49635b771e5
4563ffe63e1d043c159648a72d9f4c59a3b0fe40379254848a52c11a4f1a6511
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a2c481a-abce-43aa-89a3-95cd7559102c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6518
x-amzn-requestid: d4a26d13-5318-4491-8aec-4c5c738d3254
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y_HlsHzmoAMFl3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f8624-1baed38e2c89933e66870f2f;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 22:35:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FoSurbU0rYpw1-0snI2b3EC_t2HkfMZpoYnKX6KqFosBv23z4BJCLg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:32:27 GMT
age: 53399
etag: "1b5f002272083d5e19b5bd18d503f49635b771e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3140ec95f33c36599de95b25cdade940
932c74fa24b61ee1b1c672b6c19b1e736caab8d3
f7488246ca75fddc504812f4c5944a5a2494cdb14b6ef1db5fb28beca5cff194
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9737
x-amzn-requestid: aec3c3e9-42e5-4de5-8882-118002369ef8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreGJxoAMF-oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-527ccd70654c22891262279d;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ukn4d6yPeJJHN5trYK3xbhik2pX41zHki3nG5r6fCzQgm3vYw5lhAA==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:43:16 GMT
age: 23950
etag: "932c74fa24b61ee1b1c672b6c19b1e736caab8d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91d97447a6a35813e57d942f685544c4
3b660de9902fbfcf2efb477f40480b08545ebc5f
08c1ea19c4918273da12c9a2e962edf4463c486a30f60c8a279a45e5edcf972a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11881
x-amzn-requestid: 4562e550-9c0f-407b-be2a-3c5d8901d444
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2apSEPuIAMF5TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c0b08-5c5f052f146d25a7190412d1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:13:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EAiLlHN2h6EPX0idrlQG4TIyGBMt_In0_Tpy79foal99j4xoRasO-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:23:49 GMT
age: 21517
etag: "3b660de9902fbfcf2efb477f40480b08545ebc5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f9bc23ab347b5f2e2ec15d69f41f0cf0
a92af0438aa2b6637c0f69dabd0be00b3a43caf8
4382f21ee6727d4b4d21bd7d16b1821a57d9fec6c78dbf7e74bfdfbde51ec206
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffffd9a36-7835-4249-a213-06720f62ce54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4327
x-amzn-requestid: 59493149-3c46-42c6-96aa-92c945fb4c40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlA1HzioAMFzxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9e-5bd13d5719a119a25650f405;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nZuilN7CTsQ_XYx39le70nZKRzVBDyygmYdaHVmBnpi8teTUB1Faxw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 23588
etag: "a92af0438aa2b6637c0f69dabd0be00b3a43caf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 23979
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 511 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 9b20cc66d0727e1697fe5d390dc817a3
921f47641978ab7e70e432449153a05afc015646
35ce86c1c34338f947af2c95a6d93be750c52451fa1df94afdf4e80a067f36e3
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pipscoco.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 27 Sep 2022 04:22:26 GMT
date: Tue, 27 Sep 2022 04:22:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-DB2qudu8y0repkl_ArLRYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa70ece15044b7318cb11ae5e37a64e7
04a0665f771562c3e56ac3542abe5bd3c4c1a6b5
8c974283b2ba0058114404af3e4818daa8cc56f270cb8a46f5f2f54de9d2f0e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8255
x-amzn-requestid: 3bf29c4a-406a-4645-ad18-44cd6f05d457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VnFEV-IAMFQMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfc6-3eaa337d1e1c1b6d5e951419;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qkOlqM6tJ90H9572YLE0J-s79edBSceM5hLbJtyyuH86xdW8juoktA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:28:31 GMT
age: 53635
etag: "04a0665f771562c3e56ac3542abe5bd3c4c1a6b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2