r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17029
Expires: Wed, 11 Jan 2023 08:26:10 GMT
Date: Wed, 11 Jan 2023 03:42:21 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash eecebe0566883e33558e8e67beaccb29
acdd8fd09e2066ed5ecfbc3f11c4a2d61218ecc7
65e21170242bf41eb529fa422385dbe5af65a61e374e6dd5669e7e5f927948af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65E21170242BF41EB529FA422385DBE5AF65A61E374E6DD5669E7E5F927948AF"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18727
Expires: Wed, 11 Jan 2023 08:54:28 GMT
Date: Wed, 11 Jan 2023 03:42:21 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d8ccb7b2b89aec333fabc04d37337892
c2a13a42c1bd0cf7ce68d9c13b3d6ba1044b5283
75fcc3ea090454e3489a131b70ab50798fec6a08664745027d7a1cf62c6aba28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75FCC3EA090454E3489A131B70AB50798FEC6A08664745027D7A1CF62C6ABA28"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18291
Expires: Wed, 11 Jan 2023 08:47:12 GMT
Date: Wed, 11 Jan 2023 03:42:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 11 Jan 2023 02:48:34 GMT
content-type: application/json
age: 3227
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rahpB7pac94GakmktDCSqI3V76vf0uTpsnCMa8ekSnBHNTkRnCAuWP7mmVYf/W0Uatv0WgfJCmQ=
x-amz-request-id: P3HM6F961P7Z8TT0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 11 Jan 2023 03:01:54 GMT
age: 2427
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 03:42:21 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fgmc.anathothonline.us/
172.93.103.99302 Found 11 B IP 172.93.103.99:0
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET / HTTP/1.1
Host: fgmc.anathothonline.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Wed, 11 Jan 2023 03:42:20 GMT
location: http://btpnative.com/click?data=X2RSd09Ca1BQRm91engwbWljQlhFci1idGFXZGlUOS1yNlUzUFctc3JsTkVjUDZ2R2tUM0c3TUdybEU2X2FJUHE0MU5NMHNHOVpQaGttdEdtX3R6U21uVkl5ejJqVWxrVmE4dXQyZ0NxMC00b1RrT1B5YTF2RTBSX0VwSm5LMGdnSEZaMEI0dUwtdjJkRklJT2JOaWRRMg2&id=7325a118-3e15-4c7d-affe-b66affb06cd1
server: nginx
set-cookie: sid=f3fadc98-9161-11ed-971e-24378715c436; path=/; domain=.anathothonline.us; expires=Mon, 29 Jan 2091 06:56:28 GMT; max-age=2147483647; HttpOnly
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 11 Jan 2023 03:33:45 GMT
age: 516
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
btpnative.com/click?data=X2RSd09Ca1BQRm91engwbWljQlhFci1idGFXZGlUOS1yNlUzUFctc3JsTkVjUDZ2R2tUM0c3TUdybEU2X2FJUHE0MU5NMHNHOVpQaGttdEdtX3R6U21uVkl5ejJqVWxrVmE4dXQyZ0NxMC00b1RrT1B5YTF2RTBSX0VwSm5LMGdnSEZaMEI0dUwtdjJkRklJT2JOaWRRMg2&id=7325a118-3e15-4c7d-affe-b66affb06cd1
192.99.158.241200 OK 5.5 kB URL HTTP/1.1 btpnative.com/click?data=X2RSd09Ca1BQRm91engwbWljQlhFci1idGFXZGlUOS1yNlUzUFctc3JsTkVjUDZ2R2tUM0c3TUdybEU2X2FJUHE0MU5NMHNHOVpQaGttdEdtX3R6U21uVkl5ejJqVWxrVmE4dXQyZ0NxMC00b1RrT1B5YTF2RTBSX0VwSm5LMGdnSEZaMEI0dUwtdjJkRklJT2JOaWRRMg2&id=7325a118-3e15-4c7d-affe-b66affb06cd1
IP 192.99.158.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Hash f40856eb46a5926464614a5e625ecc3d
2caa3e87d3ea93586164ab47a7553cee83463fa4
031cb21d6dd4e181cd6686c4fea8daf847ddf89edaba9908923af71795a64e05
GET /click?data=X2RSd09Ca1BQRm91engwbWljQlhFci1idGFXZGlUOS1yNlUzUFctc3JsTkVjUDZ2R2tUM0c3TUdybEU2X2FJUHE0MU5NMHNHOVpQaGttdEdtX3R6U21uVkl5ejJqVWxrVmE4dXQyZ0NxMC00b1RrT1B5YTF2RTBSX0VwSm5LMGdnSEZaMEI0dUwtdjJkRklJT2JOaWRRMg2&id=7325a118-3e15-4c7d-affe-b66affb06cd1 HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: RtfCkTxwCcSQSkg=RtfCkTxwCcSQSkg; path=/
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Wed, 11 Jan 2023 03:42:21 GMT
Content-Length: 5470
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a831a999b5e598b4e9f4e31e8054ca7c
9971a4a806f48777ae6d9525085d16d0c6314c51
cdffa8dd48e75baa98670f82dfac2b3948667ca32dd93f469d2cd49d3a58581c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2888
Cache-Control: max-age=108757
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 03:42:21 GMT
Etag: "63bd2aaa-1d7"
Expires: Thu, 12 Jan 2023 09:54:58 GMT
Last-Modified: Tue, 10 Jan 2023 09:06:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
btpnative.com/Redirect/
192.99.158.241302 Found 2.0 kB IP 192.99.158.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1950), with CRLF line terminators
Hash 5e1ea1bfd496f952c6b51efaf4d03ca3
848237ec82da45ca818d926871bcca283f3bbe4d
f1eb43e8d866c3c3656e5a3313f5e520ccd678325ce5ba56323b93eb1973e7dd
POST /Redirect/ HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 359
Origin: http://btpnative.com
Connection: keep-alive
Referer: http://btpnative.com/click?data=X2RSd09Ca1BQRm91engwbWljQlhFci1idGFXZGlUOS1yNlUzUFctc3JsTkVjUDZ2R2tUM0c3TUdybEU2X2FJUHE0MU5NMHNHOVpQaGttdEdtX3R6U21uVkl5ejJqVWxrVmE4dXQyZ0NxMC00b1RrT1B5YTF2RTBSX0VwSm5LMGdnSEZaMEI0dUwtdjJkRklJT2JOaWRRMg2&id=7325a118-3e15-4c7d-affe-b66affb06cd1
Cookie: RtfCkTxwCcSQSkg=RtfCkTxwCcSQSkg
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://mybettermb.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEz5pul2QkOqW6fSMU3tyux_xlUmLW80VCNRwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYmDyfaZRNJu7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cHzsOTmPHHzVVhTaMWwinq7RGLacBI37lR3MFNZcyxBjNwmrMMUC78Rf4tfcM5ZhDeXLbMsvYqpeS41SpzXPxxsIFxEkYftGXacQmbHk67eZgmvgdI5Xrt_ig3jqYlZKGaGdo2xVRU9C_dRqxfYwKhVHxqA8GBjK4_DV3GIg_4UCmmsjtm8NUZggdb5RNdN1yofdyd_EWVhWA-kCbdctuQ-I100mhE2rzJ8pPNjptQ8pIyxGj07gv07v__Fiyn3nUANY_w0_1t6lv4eD7i5pu0Aw1IQ8GOauODWvZ9O2s5J4DKE8N9ynQC3ZaBDj6xsCCqo3rFSNQs7Lu4QqAu-VdT3rKpsnXNuXbHPsy4m1Lh2uQ1yxvSpOO6v2NJxg6o_Tubr-70i_eJQIqmoDj0XkSwbskyUuxT95NbcS62m7Uw-Xntdnpd_cEa8E9KS9tBlJam_fh_H89iWRhtXTZ3V5uCDzq4uFXhYY6d-vL2YET5JuZAb3cq6eel5SQiZDMbtWcg_Tv97oJs5T8tXJEBG5vBSmJaDJFHwfXIJvZZKaUbPkJBmyJSp115k87vrFtpqAbkqoaQmt6ba4PBM-j4Cj2MdLi6FWtDcym7x7nVu9F7oIS8CHvebnkJGgDU8BoQc3SLaYzWIfEOmx8p9wH1A-CYpdyQ-9JuaavE8wfzj_cEAC-XzMOB8vsdkYQoK_ufP1OLQFWbpi0TOg5vfgLP020AS1CUJ8IiDxeHbBx3YpPvaXkxazJiYDM-tsT8o4frcfuwT_NIXYiH9_OjAaBi6VS28cpYY9CqNbTiwITt3aN3Jaf-sNhpXMXsOMxRLnqMrwtFJtqN9tTyTQHCzQSl5eV6O7QX_e-BTGB7mjpnQkR8zrmRIdHzAyx5TkiaXOeBGHkmFYW6Mz-99sjtD08xgy-Jat99itBNwTwSCVGrn7AgR5Jp7R7SCKZB881_uZLNVhDbyH6g7mucNG5xVJ3hE8VcLvKv_Tw9qRhSWx5pxHdjMED4xzN3ic_AnNP6lSfBBnuA7ukDvlHX2u2XrObDFiZlEuN1202C92y8UrAAWCWiKn5lDkB0iB-g4TwkXzSDwRwwwuW5QehkOYyM84dIaeqIBt6APk9L14-0uPhD645VFbWQi3FXfRg7GXhdrYo6R0WCHqzSk-KRg7qb2PPeTclojXmPyZ7KLga-yzkt54L1JiI8z1hX-jh2tlQEZUze64St6-gKIW275ciWmyic5LKRhjjq-D96pKbzXVyF1S08xmL9JvVDV9nj28eyFZqBb8sfqXeOtS6rR5RpgW_UdbcGFGdUv60vV_Ho6-EgWI_RwA2R-3hTeX975PRlwaR1u1Hz8zCox8Keh6OwslgYAMt66ohQ9WDEdQiYkE5aPFiQagXH8dLYd0OJHNm9ZHk7567ozVZInHFUtpNUUuntgPvbMgqVabyYf6eVcP5apaFYbVd3kYxzRrP-AMKCP1LUmO1imWjFSEW1aKzbINZF07opDoVAe-32G_M_t10aGrVNwUmdaqKmyyyEjFuZqJDC4MIRq5CD3tblsHvXGot6KXMy1iiZn2anquUat5w42VJMx79ZMAfCa1byGz-hypakUUCzMPLkxchKn3Ccc8cnifzasQmgTkGLEG9VgfPrllgHAUNVOi7cRJqat4TupYLBuOkb1q2tFdU4Vc6erdg3_RkvMUs4r7l3NgGMO8UYMsbk0SLQzlzQOsYRk
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Wed, 11 Jan 2023 03:42:21 GMT
Content-Length: 2022
push.services.mozilla.com/
52.37.79.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.37.79.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZmkFccOzLRoVPqRN5EJSyQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6h1TZwtyTXN87tyqsOELiWggwVQ=
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 91b761e376c99ed812c86923806c5ccd
3865c2b7912c7e9c5f553ba20cbb7cfda0123840
4ce20d2e67355141aa91d49a78653fc1c220d1ea3d72cdeed06eb1c633b24f12
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 03:42:22 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 08 Jan 2023 19:25:42 GMT
Expires: Sun, 15 Jan 2023 19:25:41 GMT
Etag: "3865c2b7912c7e9c5f553ba20cbb7cfda0123840"
Cache-Control: max-age=401598,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 787aa45dbad8b503-OSL
mybettermb.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEz5pul2QkOqW6fSMU3tyux_xlUmLW80VCNRwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYmDyfaZRNJu7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cHzsOTmPHHzVVhTaMWwinq7RGLacBI37lR3MFNZcyxBjNwmrMMUC78Rf4tfcM5ZhDeXLbMsvYqpeS41SpzXPxxsIFxEkYftGXacQmbHk67eZgmvgdI5Xrt_ig3jqYlZKGaGdo2xVRU9C_dRqxfYwKhVHxqA8GBjK4_DV3GIg_4UCmmsjtm8NUZggdb5RNdN1yofdyd_EWVhWA-kCbdctuQ-I100mhE2rzJ8pPNjptQ8pIyxGj07gv07v__Fiyn3nUANY_w0_1t6lv4eD7i5pu0Aw1IQ8GOauODWvZ9O2s5J4DKE8N9ynQC3ZaBDj6xsCCqo3rFSNQs7Lu4QqAu-VdT3rKpsnXNuXbHPsy4m1Lh2uQ1yxvSpOO6v2NJxg6o_Tubr-70i_eJQIqmoDj0XkSwbskyUuxT95NbcS62m7Uw-Xntdnpd_cEa8E9KS9tBlJam_fh_H89iWRhtXTZ3V5uCDzq4uFXhYY6d-vL2YET5JuZAb3cq6eel5SQiZDMbtWcg_Tv97oJs5T8tXJEBG5vBSmJaDJFHwfXIJvZZKaUbPkJBmyJSp115k87vrFtpqAbkqoaQmt6ba4PBM-j4Cj2MdLi6FWtDcym7x7nVu9F7oIS8CHvebnkJGgDU8BoQc3SLaYzWIfEOmx8p9wH1A-CYpdyQ-9JuaavE8wfzj_cEAC-XzMOB8vsdkYQoK_ufP1OLQFWbpi0TOg5vfgLP020AS1CUJ8IiDxeHbBx3YpPvaXkxazJiYDM-tsT8o4frcfuwT_NIXYiH9_OjAaBi6VS28cpYY9CqNbTiwITt3aN3Jaf-sNhpXMXsOMxRLnqMrwtFJtqN9tTyTQHCzQSl5eV6O7QX_e-BTGB7mjpnQkR8zrmRIdHzAyx5TkiaXOeBGHkmFYW6Mz-99sjtD08xgy-Jat99itBNwTwSCVGrn7AgR5Jp7R7SCKZB881_uZLNVhDbyH6g7mucNG5xVJ3hE8VcLvKv_Tw9qRhSWx5pxHdjMED4xzN3ic_AnNP6lSfBBnuA7ukDvlHX2u2XrObDFiZlEuN1202C92y8UrAAWCWiKn5lDkB0iB-g4TwkXzSDwRwwwuW5QehkOYyM84dIaeqIBt6APk9L14-0uPhD645VFbWQi3FXfRg7GXhdrYo6R0WCHqzSk-KRg7qb2PPeTclojXmPyZ7KLga-yzkt54L1JiI8z1hX-jh2tlQEZUze64St6-gKIW275ciWmyic5LKRhjjq-D96pKbzXVyF1S08xmL9JvVDV9nj28eyFZqBb8sfqXeOtS6rR5RpgW_UdbcGFGdUv60vV_Ho6-EgWI_RwA2R-3hTeX975PRlwaR1u1Hz8zCox8Keh6OwslgYAMt66ohQ9WDEdQiYkE5aPFiQagXH8dLYd0OJHNm9ZHk7567ozVZInHFUtpNUUuntgPvbMgqVabyYf6eVcP5apaFYbVd3kYxzRrP-AMKCP1LUmO1imWjFSEW1aKzbINZF07opDoVAe-32G_M_t10aGrVNwUmdaqKmyyyEjFuZqJDC4MIRq5CD3tblsHvXGot6KXMy1iiZn2anquUat5w42VJMx79ZMAfCa1byGz-hypakUUCzMPLkxchKn3Ccc8cnifzasQmgTkGLEG9VgfPrllgHAUNVOi7cRJqat4TupYLBuOkb1q2tFdU4Vc6erdg3_RkvMUs4r7l3NgGMO8UYMsbk0SLQzlzQOsYRk
52.116.53.155302 Found 0 B URL HTTP/2 mybettermb.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEz5pul2QkOqW6fSMU3tyux_xlUmLW80VCNRwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYmDyfaZRNJu7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cHzsOTmPHHzVVhTaMWwinq7RGLacBI37lR3MFNZcyxBjNwmrMMUC78Rf4tfcM5ZhDeXLbMsvYqpeS41SpzXPxxsIFxEkYftGXacQmbHk67eZgmvgdI5Xrt_ig3jqYlZKGaGdo2xVRU9C_dRqxfYwKhVHxqA8GBjK4_DV3GIg_4UCmmsjtm8NUZggdb5RNdN1yofdyd_EWVhWA-kCbdctuQ-I100mhE2rzJ8pPNjptQ8pIyxGj07gv07v__Fiyn3nUANY_w0_1t6lv4eD7i5pu0Aw1IQ8GOauODWvZ9O2s5J4DKE8N9ynQC3ZaBDj6xsCCqo3rFSNQs7Lu4QqAu-VdT3rKpsnXNuXbHPsy4m1Lh2uQ1yxvSpOO6v2NJxg6o_Tubr-70i_eJQIqmoDj0XkSwbskyUuxT95NbcS62m7Uw-Xntdnpd_cEa8E9KS9tBlJam_fh_H89iWRhtXTZ3V5uCDzq4uFXhYY6d-vL2YET5JuZAb3cq6eel5SQiZDMbtWcg_Tv97oJs5T8tXJEBG5vBSmJaDJFHwfXIJvZZKaUbPkJBmyJSp115k87vrFtpqAbkqoaQmt6ba4PBM-j4Cj2MdLi6FWtDcym7x7nVu9F7oIS8CHvebnkJGgDU8BoQc3SLaYzWIfEOmx8p9wH1A-CYpdyQ-9JuaavE8wfzj_cEAC-XzMOB8vsdkYQoK_ufP1OLQFWbpi0TOg5vfgLP020AS1CUJ8IiDxeHbBx3YpPvaXkxazJiYDM-tsT8o4frcfuwT_NIXYiH9_OjAaBi6VS28cpYY9CqNbTiwITt3aN3Jaf-sNhpXMXsOMxRLnqMrwtFJtqN9tTyTQHCzQSl5eV6O7QX_e-BTGB7mjpnQkR8zrmRIdHzAyx5TkiaXOeBGHkmFYW6Mz-99sjtD08xgy-Jat99itBNwTwSCVGrn7AgR5Jp7R7SCKZB881_uZLNVhDbyH6g7mucNG5xVJ3hE8VcLvKv_Tw9qRhSWx5pxHdjMED4xzN3ic_AnNP6lSfBBnuA7ukDvlHX2u2XrObDFiZlEuN1202C92y8UrAAWCWiKn5lDkB0iB-g4TwkXzSDwRwwwuW5QehkOYyM84dIaeqIBt6APk9L14-0uPhD645VFbWQi3FXfRg7GXhdrYo6R0WCHqzSk-KRg7qb2PPeTclojXmPyZ7KLga-yzkt54L1JiI8z1hX-jh2tlQEZUze64St6-gKIW275ciWmyic5LKRhjjq-D96pKbzXVyF1S08xmL9JvVDV9nj28eyFZqBb8sfqXeOtS6rR5RpgW_UdbcGFGdUv60vV_Ho6-EgWI_RwA2R-3hTeX975PRlwaR1u1Hz8zCox8Keh6OwslgYAMt66ohQ9WDEdQiYkE5aPFiQagXH8dLYd0OJHNm9ZHk7567ozVZInHFUtpNUUuntgPvbMgqVabyYf6eVcP5apaFYbVd3kYxzRrP-AMKCP1LUmO1imWjFSEW1aKzbINZF07opDoVAe-32G_M_t10aGrVNwUmdaqKmyyyEjFuZqJDC4MIRq5CD3tblsHvXGot6KXMy1iiZn2anquUat5w42VJMx79ZMAfCa1byGz-hypakUUCzMPLkxchKn3Ccc8cnifzasQmgTkGLEG9VgfPrllgHAUNVOi7cRJqat4TupYLBuOkb1q2tFdU4Vc6erdg3_RkvMUs4r7l3NgGMO8UYMsbk0SLQzlzQOsYRk
IP 52.116.53.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aS/feedclick?s=HFz5zNIIs95ROWPasgEEz5pul2QkOqW6fSMU3tyux_xlUmLW80VCNRwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYmDyfaZRNJu7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cHzsOTmPHHzVVhTaMWwinq7RGLacBI37lR3MFNZcyxBjNwmrMMUC78Rf4tfcM5ZhDeXLbMsvYqpeS41SpzXPxxsIFxEkYftGXacQmbHk67eZgmvgdI5Xrt_ig3jqYlZKGaGdo2xVRU9C_dRqxfYwKhVHxqA8GBjK4_DV3GIg_4UCmmsjtm8NUZggdb5RNdN1yofdyd_EWVhWA-kCbdctuQ-I100mhE2rzJ8pPNjptQ8pIyxGj07gv07v__Fiyn3nUANY_w0_1t6lv4eD7i5pu0Aw1IQ8GOauODWvZ9O2s5J4DKE8N9ynQC3ZaBDj6xsCCqo3rFSNQs7Lu4QqAu-VdT3rKpsnXNuXbHPsy4m1Lh2uQ1yxvSpOO6v2NJxg6o_Tubr-70i_eJQIqmoDj0XkSwbskyUuxT95NbcS62m7Uw-Xntdnpd_cEa8E9KS9tBlJam_fh_H89iWRhtXTZ3V5uCDzq4uFXhYY6d-vL2YET5JuZAb3cq6eel5SQiZDMbtWcg_Tv97oJs5T8tXJEBG5vBSmJaDJFHwfXIJvZZKaUbPkJBmyJSp115k87vrFtpqAbkqoaQmt6ba4PBM-j4Cj2MdLi6FWtDcym7x7nVu9F7oIS8CHvebnkJGgDU8BoQc3SLaYzWIfEOmx8p9wH1A-CYpdyQ-9JuaavE8wfzj_cEAC-XzMOB8vsdkYQoK_ufP1OLQFWbpi0TOg5vfgLP020AS1CUJ8IiDxeHbBx3YpPvaXkxazJiYDM-tsT8o4frcfuwT_NIXYiH9_OjAaBi6VS28cpYY9CqNbTiwITt3aN3Jaf-sNhpXMXsOMxRLnqMrwtFJtqN9tTyTQHCzQSl5eV6O7QX_e-BTGB7mjpnQkR8zrmRIdHzAyx5TkiaXOeBGHkmFYW6Mz-99sjtD08xgy-Jat99itBNwTwSCVGrn7AgR5Jp7R7SCKZB881_uZLNVhDbyH6g7mucNG5xVJ3hE8VcLvKv_Tw9qRhSWx5pxHdjMED4xzN3ic_AnNP6lSfBBnuA7ukDvlHX2u2XrObDFiZlEuN1202C92y8UrAAWCWiKn5lDkB0iB-g4TwkXzSDwRwwwuW5QehkOYyM84dIaeqIBt6APk9L14-0uPhD645VFbWQi3FXfRg7GXhdrYo6R0WCHqzSk-KRg7qb2PPeTclojXmPyZ7KLga-yzkt54L1JiI8z1hX-jh2tlQEZUze64St6-gKIW275ciWmyic5LKRhjjq-D96pKbzXVyF1S08xmL9JvVDV9nj28eyFZqBb8sfqXeOtS6rR5RpgW_UdbcGFGdUv60vV_Ho6-EgWI_RwA2R-3hTeX975PRlwaR1u1Hz8zCox8Keh6OwslgYAMt66ohQ9WDEdQiYkE5aPFiQagXH8dLYd0OJHNm9ZHk7567ozVZInHFUtpNUUuntgPvbMgqVabyYf6eVcP5apaFYbVd3kYxzRrP-AMKCP1LUmO1imWjFSEW1aKzbINZF07opDoVAe-32G_M_t10aGrVNwUmdaqKmyyyEjFuZqJDC4MIRq5CD3tblsHvXGot6KXMy1iiZn2anquUat5w42VJMx79ZMAfCa1byGz-hypakUUCzMPLkxchKn3Ccc8cnifzasQmgTkGLEG9VgfPrllgHAUNVOi7cRJqat4TupYLBuOkb1q2tFdU4Vc6erdg3_RkvMUs4r7l3NgGMO8UYMsbk0SLQzlzQOsYRk HTTP/1.1
Host: mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 11 Jan 2023 03:42:22 GMT
content-length: 0
set-cookie: rhid=82682878821; Max-Age=15552000; Expires=Mon, 10-Jul-2023 03:42:22 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
location: https://p274639.mybettermb.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDL1IYlCWzEmcGRxNgAiPKdtTV9R9xsoujxJSAG9DPlY8mfmfn_yQmk3Vmu10YVKqUJRKqdinpZEEfVZXsNEjQvlK-eHuT_InOTy0eqLAk88mkWwYS65LvCcisgne0aG7iDfhTmWxu0frO0zteQtXgdaB8S3plS_ddtWOCKfOR4-PWEd2_Z9NKTR6A69gK3Flr6kw1Q3wVv9s_DuMliiKRcPKQDJn1ynQJHsce-8wKPOOJ_oR-GL7RkNbfuEpigjsNcBcGThnm4nNE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGeoacsv2DdGELaS0mZqWq1h1RpgW_UdbcGFGdUv60vV_Hpz7eSQRqU8YoyEOp_uQSua_M3DlSUqIihEj2hGcz2__2yGSAQpLnintt8nH_2lE0Cy08U5tWZ_8xO5Q6At4So69oCiUoswGUltoweMxbkUxVnWruyDfRXVfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q0_MRhfPXC9HCol4S5osn5YR0Ng4Sbb-ewWFMo45vcOlMGzfh0CNUya&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSN0lr8e9sI6oDKJLEU4m4IDh1NEzEGkRrf6JN8mLRClHKSf9ddJJMBUthqbs-8edpJem3BbZ5UwYM1ussGsI7jQ&si=1&oref=60e0d2dac4271f25608d21be6fece60d&optunit=RpgW_UdbcGFGdUv60vV_HjWSwDHqLjGH&rb=ntzDoPN7Tjk&rr=0&abtg=0
X-Firefox-Spdy: h2
p274639.mybettermb.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDL1IYlCWzEmcGRxNgAiPKdtTV9R9xsoujxJSAG9DPlY8mfmfn_yQmk3Vmu10YVKqUJRKqdinpZEEfVZXsNEjQvlK-eHuT_InOTy0eqLAk88mkWwYS65LvCcisgne0aG7iDfhTmWxu0frO0zteQtXgdaB8S3plS_ddtWOCKfOR4-PWEd2_Z9NKTR6A69gK3Flr6kw1Q3wVv9s_DuMliiKRcPKQDJn1ynQJHsce-8wKPOOJ_oR-GL7RkNbfuEpigjsNcBcGThnm4nNE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGeoacsv2DdGELaS0mZqWq1h1RpgW_UdbcGFGdUv60vV_Hpz7eSQRqU8YoyEOp_uQSua_M3DlSUqIihEj2hGcz2__2yGSAQpLnintt8nH_2lE0Cy08U5tWZ_8xO5Q6At4So69oCiUoswGUltoweMxbkUxVnWruyDfRXVfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q0_MRhfPXC9HCol4S5osn5YR0Ng4Sbb-ewWFMo45vcOlMGzfh0CNUya&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSN0lr8e9sI6oDKJLEU4m4IDh1NEzEGkRrf6JN8mLRClHKSf9ddJJMBUthqbs-8edpJem3BbZ5UwYM1ussGsI7jQ&si=1&oref=60e0d2dac4271f25608d21be6fece60d&optunit=RpgW_UdbcGFGdUv60vV_HjWSwDHqLjGH&rb=ntzDoPN7Tjk&rr=0&abtg=0
52.116.53.155302 Found 0 B URL HTTP/2 p274639.mybettermb.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDL1IYlCWzEmcGRxNgAiPKdtTV9R9xsoujxJSAG9DPlY8mfmfn_yQmk3Vmu10YVKqUJRKqdinpZEEfVZXsNEjQvlK-eHuT_InOTy0eqLAk88mkWwYS65LvCcisgne0aG7iDfhTmWxu0frO0zteQtXgdaB8S3plS_ddtWOCKfOR4-PWEd2_Z9NKTR6A69gK3Flr6kw1Q3wVv9s_DuMliiKRcPKQDJn1ynQJHsce-8wKPOOJ_oR-GL7RkNbfuEpigjsNcBcGThnm4nNE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGeoacsv2DdGELaS0mZqWq1h1RpgW_UdbcGFGdUv60vV_Hpz7eSQRqU8YoyEOp_uQSua_M3DlSUqIihEj2hGcz2__2yGSAQpLnintt8nH_2lE0Cy08U5tWZ_8xO5Q6At4So69oCiUoswGUltoweMxbkUxVnWruyDfRXVfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q0_MRhfPXC9HCol4S5osn5YR0Ng4Sbb-ewWFMo45vcOlMGzfh0CNUya&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSN0lr8e9sI6oDKJLEU4m4IDh1NEzEGkRrf6JN8mLRClHKSf9ddJJMBUthqbs-8edpJem3BbZ5UwYM1ussGsI7jQ&si=1&oref=60e0d2dac4271f25608d21be6fece60d&optunit=RpgW_UdbcGFGdUv60vV_HjWSwDHqLjGH&rb=ntzDoPN7Tjk&rr=0&abtg=0
IP 52.116.53.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDL1IYlCWzEmcGRxNgAiPKdtTV9R9xsoujxJSAG9DPlY8mfmfn_yQmk3Vmu10YVKqUJRKqdinpZEEfVZXsNEjQvlK-eHuT_InOTy0eqLAk88mkWwYS65LvCcisgne0aG7iDfhTmWxu0frO0zteQtXgdaB8S3plS_ddtWOCKfOR4-PWEd2_Z9NKTR6A69gK3Flr6kw1Q3wVv9s_DuMliiKRcPKQDJn1ynQJHsce-8wKPOOJ_oR-GL7RkNbfuEpigjsNcBcGThnm4nNE15yz728krV__W_JMtiNWygu4EAhLehVZan_-uJdGeoacsv2DdGELaS0mZqWq1h1RpgW_UdbcGFGdUv60vV_Hpz7eSQRqU8YoyEOp_uQSua_M3DlSUqIihEj2hGcz2__2yGSAQpLnintt8nH_2lE0Cy08U5tWZ_8xO5Q6At4So69oCiUoswGUltoweMxbkUxVnWruyDfRXVfSPcxVQni-afdnKfr5HD5hH96neDjclCgu6tNLJtXf_NVWUy-lk7PFjuED_lYu80Xu88wSWywELxBhUNI1iZDeG75T0AK4q0_MRhfPXC9HCol4S5osn5YR0Ng4Sbb-ewWFMo45vcOlMGzfh0CNUya&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSN0lr8e9sI6oDKJLEU4m4IDh1NEzEGkRrf6JN8mLRClHKSf9ddJJMBUthqbs-8edpJem3BbZ5UwYM1ussGsI7jQ&si=1&oref=60e0d2dac4271f25608d21be6fece60d&optunit=RpgW_UdbcGFGdUv60vV_HjWSwDHqLjGH&rb=ntzDoPN7Tjk&rr=0&abtg=0 HTTP/1.1
Host: p274639.mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Cookie: rhid=82682878821
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 11 Jan 2023 03:42:22 GMT
content-length: 0
set-cookie: rhid=82682878821; Max-Age=15552000; Expires=Mon, 10-Jul-2023 03:42:22 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
loi=ad_490233_off_142374_aff_3322_cid_274639-581455224-ANATHOTHONLINE.US_ts_1673408542; Max-Age=3600; Expires=Wed, 11-Jan-2023 04:42:22 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
location: https://myfood.ltd/?v=20171031&s1=0
X-Firefox-Spdy: h2
myfood.ltd/?v=20171031&s1=0
151.139.128.10200 OK 2.9 kB URL HTTP/2 myfood.ltd/?v=20171031&s1=0
IP 151.139.128.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6859), with no line terminators
Hash 029ccb01ef612a9e6748494c60d24b69
d385f7671725be11701998c27571e94b1950f991
7ac429dc45b509b1bed9bdcdc5610868d510d979ce3cc06d48870511bf0425f5
GET /?v=20171031&s1=0 HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 11 Jan 2023 03:42:22 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 2896
content-type: text/html
last-modified: Mon, 01 Mar 2021 09:43:13 GMT
accept-ranges: bytes
server: nginx
etag: W/"603cb731-1ad4"
x-sp-metadata: HS256.CK78+J0GEoYBCiQ0NmUzMjNkMi1mNzc0LTQ5ZjEtOWNiYS0xMzNhYmY1YWY4ODgQwIKqy8GT/AIaBgie4PidBiIMOTEuOTAuNDIuMTU0KO4OMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaKwgBEiQ5NDk4YTkyNi0yMzRiLTQzYzMtYmViOC0xYjQyNDg1OTA0ZGMY0BYiGAgCEhRjZHMyMzYuc2sxLmh3Y2RuLm5ldA==.yUURX336t1n/w1DJaCFNxEue4CBB/v0JEdDt0xQx+ic=
x-hw: 1673408542.cds014.sk1.hn,1673408542.cds236.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/main/css/style.css
151.139.128.10200 OK 19 kB URL HTTP/2 myfood.ltd/main/css/style.css
IP 151.139.128.10:0
File type Unicode text, UTF-8 text, with very long lines (65134), with no line terminators
Hash a95a0c8bd1273406b8c8053fb3527d56
2a461dcfa2c4bf1d22727bfd7c3c2abc85d44343
55b46146d32f4ee365d4ca91d8b3b1c504a062b15bbc1ed60a22ac2d05be1db5
GET /main/css/style.css HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 03:42:22 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 18933
content-type: text/css
last-modified: Mon, 01 Mar 2021 09:43:15 GMT
accept-ranges: bytes
server: nginx
etag: W/"603cb733-1b1ac"
x-sp-metadata: HS256.CK78+J0GEoYBCiRjYmVhNTQzYi1lMTA2LTRjZmUtOWY4OS1hMjE2YjJkMTUyZmMQwIKqy8GT/AIaBgie4PidBiIMOTEuOTAuNDIuMTU0KO4OMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiRhMmIyOGI3OC01ZGE4LTRmNGItOGUxOS03ZTI1YzBkZTBkMDkY9ZMBIhgIAhIUY2RzMjYxLnNrMS5od2Nkbi5uZXQ=.Ga8CFPLPxm9/qVaJeHSk2zl/iC2L/xo8yXe23k/rsh4=
x-hw: 1673408542.cds014.sk1.hn,1673408542.cds261.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/Superfood_1.jpg
151.139.128.10200 OK 74 kB URL HTTP/2 myfood.ltd/images/Superfood_1.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Bigstock], progressive, precision 8, 800x420, components 3\012- data
Hash c2c3ec0e55e648c2a85d4499714a9c11
073f2990a52da59a7d3b73583b30be3c2cf45523
b66cf7365382753dc6340bfa2fba89c368ca3b930a0833d8f64c4c34525fc2ec
GET /images/Superfood_1.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 03:42:22 GMT
cache-control: max-age=30
content-length: 74204
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-121dc"
x-sp-metadata: HS256.CK78+J0GEoYBCiQxMGUzMjRjMS1iNTFhLTQyYjEtOGI1ZS00YTJlNzVkZWZhOGUQwIKqy8GT/AIaBgie4PidBiIMOTEuOTAuNDIuMTU0KO4OMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiQ1Y2QyOWZlNC03ZTY5LTQ1MmYtOWZmYy1jMDUzMjUzMWE2OWQY3MMEIhgIAhIUY2RzMjQ3LnNrMS5od2Nkbi5uZXQ=.2wDabRJ2f1yxXA4G0vwbFcorNrVZS8rp8ilJ6XL5NU4=
x-hw: 1673408542.cds014.sk1.hn,1673408542.cds247.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/avatar-1.jpg
151.139.128.10200 OK 11 kB URL HTTP/2 myfood.ltd/images/avatar-1.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=128, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=128], progressive, precision 8, 128x128, components 3\012- data
Hash 62d0b6a649ac10e72bcb6ea3bbf57564
3e333889b0b66bfc6a32499f4c55878e2102b463
58dddc0a77632d920d096da6c6e2587c5859a4b4dd7af6dcd6eb8009ebc23ba6
GET /images/avatar-1.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 03:42:22 GMT
cache-control: max-age=30
content-length: 11304
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-2c28"
x-sp-metadata: HS256.CK78+J0GEoYBCiRkYzVmMjU2Mi0wNGRiLTQ4ZmYtYTg2Ni0zZTI3MGIwZDIxMjgQwIKqy8GT/AIaBgie4PidBiIMOTEuOTAuNDIuMTU0KO4OMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaKwgBEiQyYjhlNmQyMS01MTBjLTRkMzMtODRkNi00MTJiZGVjYTI2OTkYqFgiGAgCEhRjZHMyMTEuc2sxLmh3Y2RuLm5ldA==.gQ1suyjsbKvkLH1sRe3cTzUj23OcwBGjKkPhOLUBGKg=
x-hw: 1673408542.cds014.sk1.hn,1673408542.cds211.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/avatar-2.jpg
151.139.128.10200 OK 11 kB URL HTTP/2 myfood.ltd/images/avatar-2.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=128, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=128], progressive, precision 8, 128x128, components 3\012- data
Hash dd3881ed1b5b03b1d571edf89e12c466
61ca68c1c2d2ae7d286dfc0540f4ca8b357fdf3d
97b65e41dd547b310e1e860d2ae4717dba1d97bd36c0cd06c35749caa515e207
GET /images/avatar-2.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 03:42:22 GMT
cache-control: max-age=30
content-length: 10665
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-29a9"
x-sp-metadata: HS256.CK78+J0GEoYBCiQ2ODk2NTBmYS0wOTg4LTQ2ZmUtYjcxYS05NmYzZmRmMTQ5NDgQwIKqy8GT/AIaBgie4PidBiIMOTEuOTAuNDIuMTU0KO4OMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaKwgBEiQzMjJiMjMwZS1hYzJkLTQ5N2UtYTliNi02Zjk0MThkZDYzYWIYqVMiGAgCEhRjZHMwMTMuc2sxLmh3Y2RuLm5ldA==.7XvrjnocjP2R3tkJZqZc2cPvC5nc6NURDmGouuHH1qk=
x-hw: 1673408542.cds014.sk1.hn,1673408542.cds013.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/Superfood_2.jpg
151.139.128.10200 OK 52 kB URL HTTP/2 myfood.ltd/images/Superfood_2.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Bigstock], progressive, precision 8, 800x341, components 3\012- data
Hash b87af7248a82f58fe2ea5d0c7b030886
1d5a5b9752d7978c68b0d4a1689b3d8e6d322f0a
14da8c39c357dad0441b26d575c0000a9529c76d785680306a3cf51abe4cae81
GET /images/Superfood_2.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 03:42:22 GMT
cache-control: max-age=30
content-length: 51830
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:13 GMT
accept-ranges: bytes
server: nginx
etag: "603cb731-ca76"
x-sp-metadata: HS256.CK78+J0GEoYBCiRjMjY1OGI4Ny02OWIwLTRjN2ItOTcwMC03NWYyODdiNGU1NWIQwIKqy8GT/AIaBgie4PidBiIMOTEuOTAuNDIuMTU0KO4OMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiQ0OWRkOGU2Mi05ZmVlLTRiMjctYTMxNC1kNzNiNDg5NTE2YTcY9pQDIhgIAhIUY2RzMjIyLnNrMS5od2Nkbi5uZXQ=.YH6MU7p364bT6ixydvsSL8d2Mn1ETcF3Qk+9Q/CTZGc=
x-hw: 1673408542.cds014.sk1.hn,1673408542.cds222.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/main/js/main.js
151.139.128.10200 OK 39 kB URL HTTP/2 myfood.ltd/main/js/main.js
IP 151.139.128.10:0
File type Unicode text, UTF-8 text, with very long lines (60220)
Hash 181e3fa3b1de97ff4efd259bc2a2c8c7
52edf1dc36109cb57bea12689a48442e27f06ad1
ffa8984bea3bf0c0a0cb282e9a5a98b3435e63fb6a26dfe0351979fa9f827c40
GET /main/js/main.js HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 03:42:22 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 38656
content-type: application/javascript
last-modified: Mon, 01 Mar 2021 09:43:14 GMT
accept-ranges: bytes
server: nginx
etag: "603cb732-1d57b"
x-sp-metadata: HS256.CK78+J0GEoYBCiQ0ZTVjZTI4MC05MjU5LTRhOTgtYWUyMS1iMWM2MGRlNjYwNTAQwIKqy8GT/AIaBgie4PidBiIMOTEuOTAuNDIuMTU0KO4OMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiRhN2E4YWY0MS1kMmZhLTQ3ZjMtOTgxMi00NjEzMTVhYzAyZGUYgK4CIhgIAhIUY2RzMjI4LnNrMS5od2Nkbi5uZXQ=.UDDSyxxBBLj8iAkJWwJk0HCZSftF8YS0HDKYTlYml7g=
x-hw: 1673408542.cds014.sk1.hn,1673408542.cds228.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 03:42:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 03:42:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 14564, version 1.0\012- data
Hash 60c866748ff15f5b347fdba64596b1b1
34f486906decb7c8cf7a02d4758add9a2408c7a5
5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d
GET /s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myfood.ltd
Connection: keep-alive
Referer: https://myfood.ltd/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 03:33:02 GMT
expires: Sat, 06 Jan 2024 03:33:02 GMT
cache-control: public, max-age=31536000
age: 432561
last-modified: Wed, 11 Oct 2017 21:49:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
216.58.207.227200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 14544, version 1.0\012- data
Hash 223a277bd88d8a90c8cdf24cda0ad5f5
24234c1c81b3948758c1a0be8e5a65386ca94c52
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
GET /s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myfood.ltd
Connection: keep-alive
Referer: https://myfood.ltd/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 15:51:33 GMT
expires: Wed, 10 Jan 2024 15:51:33 GMT
cache-control: public, max-age=31536000
age: 42650
last-modified: Wed, 11 Oct 2017 21:49:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9a4ba4ab27cd47ead09d38283f795198
cf1d1e13fa427879530cb912e495012a42312b7d
8c0178a28c92e029ad04c5dbb4b8515117303e64cb3df9f3902a10f151ee1aab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 03:42:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4534
Expires: Wed, 11 Jan 2023 04:57:57 GMT
Date: Wed, 11 Jan 2023 03:42:23 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4534
Expires: Wed, 11 Jan 2023 04:57:57 GMT
Date: Wed, 11 Jan 2023 03:42:23 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4534
Expires: Wed, 11 Jan 2023 04:57:57 GMT
Date: Wed, 11 Jan 2023 03:42:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1180e9be-6c31-4bd3-86f4-ac36cdd4e746.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1180e9be-6c31-4bd3-86f4-ac36cdd4e746.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 74eafe3bfabac6843100686971153898
e9df2e14485c412107d742d4baab53aa36cd8ca4
46fcfba703552a587888b3c6e6a1deb01930e347192d05d95a5a5f46e9d0fea1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1180e9be-6c31-4bd3-86f4-ac36cdd4e746.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9301
x-amzn-requestid: 7f43eb13-8bca-4b2b-a6a4-325c6161608e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei73_GVVIAMFn5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9cc-3f5d8e784f0d806b6416138f;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Hm1d-3H7jqfp6ylCahEmI84jBVpJyIpJTw2rlDx0N1TaagFryNmpXg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:43:48 GMT
etag: "e9df2e14485c412107d742d4baab53aa36cd8ca4"
content-type: image/jpeg
age: 21515
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4da885e-af97-45cf-8aa1-1867db7d3381.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4da885e-af97-45cf-8aa1-1867db7d3381.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36f19790a56d051ec79ac837bf8ee625
3a50370e7b5321826a85717d1164a76e510018ad
e84237643e2d757be51f40e71c891e3c424709fa3a47b34e2e181275cb725844
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4da885e-af97-45cf-8aa1-1867db7d3381.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3462
x-amzn-requestid: 7a2e8620-e3e1-4429-bdc7-fa95b88cb7eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eY6FUHckIAMFjUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9d6ee-6907fd97018a896951e608d8;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 20:32:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yp0goMhWNWa0Ud0iUfr9IvdKM-v1kUs_DfwrOCxUTAeGUmb25hsRRg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 13:13:59 GMT
age: 52104
etag: "3a50370e7b5321826a85717d1164a76e510018ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d03d252-a4d1-4207-aa34-25d15894724a.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d03d252-a4d1-4207-aa34-25d15894724a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cfdccf6a024cbd033eea815d49112057
0d987b906b2fd7e45d09169898e7cc14e0e62f64
739c6dadc197a3cf88c8fcdb8a6f35bc7bb98355b3804e0b2c71cd6a87f08900
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d03d252-a4d1-4207-aa34-25d15894724a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5434
x-amzn-requestid: a6d8944c-dae3-43f6-91bd-6dda6f9275b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei75NErNIAMFlsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9d4-44e8212239c649ba56cd3256;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2AoL4ZExGsF3_xld3G2LV73EWnyJ4Eq_Uyh2FUB-voXc25sEgnuMfA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:43:27 GMT
age: 21536
etag: "0d987b906b2fd7e45d09169898e7cc14e0e62f64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46046bcb-aa12-467e-bdcb-ef3110cfe54c.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46046bcb-aa12-467e-bdcb-ef3110cfe54c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 81ce31b226216f13dccb427a1f7d7d08
895596dd464a8dfdb56c1a2de449717f32bebb00
c03534962c1c48a141a20ad1d8917add556d88ca1523ca26309d0d173e1d1da9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46046bcb-aa12-467e-bdcb-ef3110cfe54c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5896
x-amzn-requestid: d6ea9fc0-97e0-45b4-ba7c-22e640d90223
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecZ-bE0OIAMFoQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb3d28-5be1cefc353bc097418c2ea8;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 22:01:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7NN8XoBzs9RprlXQHk1LIlpyvDDss_pb5yYuFXnh0IyUdClve2Ln_Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 12:40:05 GMT
age: 54138
etag: "895596dd464a8dfdb56c1a2de449717f32bebb00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 68af9d9acdc08345ac38ae59f83a9a24
d3c0b7fa6ab4f421835acd595a75b5035d1ff9ee
1ae2e194f6bb20166d326002b39a4e3f44a9a97046e77ffd2a186eae384b7ce1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe834a7de-1ed4-4b8b-a3be-fce3151bd1b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10640
x-amzn-requestid: 0b0b6732-7692-4b35-9625-154dc39386dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei745GEooAMFafA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9d2-314dad90600e9d8c737adf05;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZR6BWnywdcRk5KkmuuMtlIgFKqD_IHiv9jSum7TsjPo5US-gkn7Z-w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:43:43 GMT
etag: "d3c0b7fa6ab4f421835acd595a75b5035d1ff9ee"
content-type: image/jpeg
age: 21520
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdae53ed8-392a-4b15-b1e3-96999c5f49db.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdae53ed8-392a-4b15-b1e3-96999c5f49db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f8313b7aa2c2aec3d6744400fd2382b1
d67bf6707d6a8cc5a30bd74b7e54a8f0530919d4
c410b057ec9c2800fd6ecf4ede4224e8d18952d26847a8e18fa6d528c86c5068
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdae53ed8-392a-4b15-b1e3-96999c5f49db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8824
x-amzn-requestid: e1c1dc5d-c378-46d5-b824-9592ec3ef357
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eXAQBHvMIAMFaoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b913ff-1fb67eee5791cc466031ac7e;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 06:41:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ReoZQ6wwAA548roBEC2AzMhymdvTwACBW7zDbE0Qbje47A4762N2kw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 13:21:28 GMT
age: 51655
etag: "d67bf6707d6a8cc5a30bd74b7e54a8f0530919d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
myfood.ltd/favicon.ico
151.139.128.10200 OK 1.2 kB IP 151.139.128.10:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash b671b0407b8abf4ffb9946ee1596d992
79a116ffd13f1888451abd3cb8751cb2140f2fa4
1515616a51664df153b03397585ee45469cb936100992f870419514b17820649
GET /favicon.ico HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 11 Jan 2023 03:42:23 GMT
cache-control: max-age=30
content-length: 1150
content-type: image/x-icon
last-modified: Wed, 28 Mar 2018 14:00:16 GMT
accept-ranges: bytes
server: nginx
etag: "5abb9ff0-47e"
x-sp-metadata: HS256.CK/8+J0GEoYBCiQ0NmRhMzhjZC0wNjhiLTQ3NTEtYjc3NC01YTRjODQ5MjBhMDQQwIKqy8GT/AIaBgif4PidBiIMOTEuOTAuNDIuMTU0KO4OMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaKRIkYjRlYjc0OGYtZDkzMy00MzQwLWIxYTUtZjY5NzdmN2QyZTcyGP4IIhoIAhIUY2RzMDY2LnNrMS5od2Nkbi5uZXQYCQ==.iJXSGo/LuyzLTlskyaRGOCJYuY3Ux3iiUh0R+xzfVO4=
x-hw: 1673408543.cds014.sk1.hn,1673408543.cds066.sk1.sc,1673408543.cds066.sk1.pr
X-Firefox-Spdy: h2