Overview

URL montanamedicalaestheticsclinic.com/
IP216.152.143.240
ASNCOGECO-PEER1
Location United States
Report completed2022-10-02 18:40:23 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-02 2 montanamedicalaestheticsclinic.com Sinkholed


Files

URL montanamedicalaesthetics.com/files/2022/08/01-Home-SkinCareProducts.jpg
IP  216.152.143.240
Magic gzip compressed data, max compression\012- data
Size 38820
MD5 44fe48be39dd2bb8f6ba22c8b7988357
SHA1 6df45927250c06e6c136522458b448c8880879a8
SHA256 599ec22f79f5b7efc01df6f6566b747326d0673e5fc771cbde6b9526b5eb9dc8
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (21)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS montanamedicalaestheticsclinic.com (1) 0 2022-09-16 20:36:22 UTC 2022-10-02 18:40:04 UTC 216.152.143.240 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-10-02 05:33:45 UTC 23.36.76.226
mnemonic passive DNS secure.adnxs.com (4) 396 2012-05-22 16:37:37 UTC 2022-10-02 05:23:56 UTC 185.89.210.82
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-02 10:20:02 UTC 54.200.107.47
mnemonic passive DNS maps.gstatic.com (1) 0 2016-01-11 16:55:17 UTC 2022-10-02 12:11:43 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-10-02 16:25:36 UTC 18.165.201.103
mnemonic passive DNS montanamedicalaesthetics.com (34) 0 2015-02-13 06:54:26 UTC 2022-09-16 19:36:08 UTC 216.152.143.240 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (12) 175 2017-06-14 07:23:31 UTC 2022-10-02 05:01:45 UTC 142.250.74.3
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-10-02 11:24:27 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-10-02 17:15:51 UTC 142.250.74.164
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-02 04:45:21 UTC 34.117.237.239
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-10-02 11:24:29 UTC 34.120.237.76
mnemonic passive DNS d2ra6nuwn69ktl.cloudfront.net (4) 0 2021-04-15 07:51:43 UTC 2022-09-28 18:42:31 UTC 143.204.65.69 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-02 05:00:42 UTC 108.156.28.95
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-10-02 15:44:45 UTC 93.184.220.29
mnemonic passive DNS ajax.googleapis.com (1) 12905 2013-06-10 06:53:41 UTC 2022-10-02 17:19:54 UTC 142.250.74.106
mnemonic passive DNS maps.googleapis.com (1) 33876 2014-10-18 12:00:16 UTC 2022-10-02 17:31:57 UTC 142.250.74.106
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-02 16:00:45 UTC 142.250.74.10
mnemonic passive DNS ssl.google-analytics.com (1) 275 2012-10-03 00:55:57 UTC 2022-10-02 17:54:50 UTC 216.58.207.200
mnemonic passive DNS www.vcita.com (5) 65076 2012-05-21 13:44:40 UTC 2022-10-02 00:41:41 UTC 104.18.3.196
mnemonic passive DNS static.cloudflareinsights.com (1) 1294 2019-09-24 14:34:56 UTC 2022-10-02 07:33:55 UTC 104.18.47.230


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 216.152.143.240

Date UQ / IDS / BL URL IP
2022-11-16 12:49:39 +0000
0 - 0 - 21 lifeinsurancepartners.net/ 216.152.143.240
2022-11-12 11:52:20 +0000
0 - 0 - 25 masterpaintingtn.com/ 216.152.143.240
2022-11-05 10:25:02 +0000
0 - 0 - 15 gnhomefinish.com/cbm88g.rar 216.152.143.240
2022-10-30 16:51:12 +0000
0 - 0 - 20 zoosiana.com/packages 216.152.143.240
2022-10-24 21:14:37 +0000
0 - 0 - 26 carretoelectricca.com/ 216.152.143.240

Last 5 reports on ASN: COGECO-PEER1

Date UQ / IDS / BL URL IP
2022-12-06 22:00:48 +0000
0 - 0 - 42 varevenementiel.fr/oau/index.php?QBOT.zip 45.56.223.75
2022-12-06 21:52:02 +0000
0 - 0 - 3 cbdjungle.co.uk/iast/index.php?QBOT.zip 212.53.86.59
2022-12-06 11:39:48 +0000
0 - 0 - 42 varevenementiel.fr/oau/index.php?QBOT.zip 45.56.223.75
2022-12-06 06:56:47 +0000
0 - 0 - 5 tcvgrading.com/ 103.26.142.212
2022-12-06 05:37:39 +0000
0 - 0 - 10 dmariyapackers.in/ 64.34.68.10

Last 1 reports on domain: montanamedicalaestheticsclinic.com

Date UQ / IDS / BL URL IP
2022-10-02 18:40:23 +0000
0 - 0 - 1 montanamedicalaestheticsclinic.com/ 216.152.143.240

No other reports with similar screenshot



JavaScript

Executed Scripts (30)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (90)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: montanamedicalaestheticsclinic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         216.152.143.240
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:11 GMT
Content-Length: 0
Connection: keep-alive
Location: https://montanamedicalaesthetics.com/
Vary: Accept-Encoding
X-Varnish: 45227082
Age: 0
Via: 1.1 varnish (Varnish/5.2)


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10514
Expires: Sun, 02 Oct 2022 21:35:26 GMT
Date: Sun, 02 Oct 2022 18:40:12 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.165.201.103
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 18:03:12 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 675c3f96928d591debc37b54f2b16dc2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: uX5B4xSkepPHuo74wwjj_RsW-iZJCDslv98Bfxyq1r7waz7h4Mwd5w==
Age: 2220


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         108.156.28.95
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 2fe8f7f5aca4ab098dc7bad8e97a06dc.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 7P8xsFmdIJfThg7_5Qt75Oxf2i-XmW8-lu9BbwGAuAcJMupBf4by2w==
age: 54416
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 02 Oct 2022 18:40:12 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "028925C7558A3C08F76BB85C481C219F1765C10E4A0C0498B03D3235F8C2F7B1"
Last-Modified: Sat, 01 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 03 Oct 2022 00:40:12 GMT
Date: Sun, 02 Oct 2022 18:40:12 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.165.201.103
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 18:32:57 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 18:33:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4dd28c7d9439664c66fbf62f5cd00636.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 3VEYa2I0G10qHIAvcCrxVEzTYjtGMwafW-ZfGAlHCS-3taFc42IUyA==
Age: 439


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:12 GMT
Content-Length: 14280
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 283678708 283398556
Age: 8
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3290), with CRLF, LF line terminators
Size:   14280
Md5:    d8a3ca3fe01decf73c6c265165415548
Sha1:   bd2f2c3eb3672f2b0380f58282571f81c3286bc5
Sha256: b36b14ec08b11c229108b8dc4ebe81b92c5a49a6f727b01bdfe45c1e73904965
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4525
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 18:40:12 GMT
Last-Modified: Sun, 02 Oct 2022 17:24:47 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 18:40:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /seg?add=31310651&t=1 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.82
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Sun, 02 Oct 2022 18:40:12 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31310651%26t%3D1
AN-X-Request-Uuid: c156aaed-dff1-4da9-93c4-16fbfb8bf0cb
Set-Cookie: uuid2=6233299383814864677; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 31-Dec-2022 18:40:12 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            GET /px?id=1622089&t=1 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.82
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Sun, 02 Oct 2022 18:40:12 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1622089%26t%3D1
AN-X-Request-Uuid: d914bf2f-8d92-4e00-a78e-6613bb868ad7
Set-Cookie: uuid2=4672117846489296986; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 31-Dec-2022 18:40:12 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 18:40:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.min.css?ver=248_11 HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 7320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 07:21:44 GMT
expires: Sun, 01 Oct 2023 07:21:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
age: 127108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (28290)
Size:   7320
Md5:    29cec33e497be5e450f9703d98efca3b
Sha1:   4bcb24406115ca93d35ba145b78234b6f5e5d135
Sha256: 287e9a460040e8d091b9eb5381be54956185f293a41cadf7586ad05eaf23a012
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 18:40:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /bounce?%2Fseg%3Fadd%3D31310651%26t%3D1 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://montanamedicalaesthetics.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.82
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Sun, 02 Oct 2022 18:40:12 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: a2f68fb0-9082-4e4d-9eeb-6bf4136ff07d
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2C%uh.5*b!]tbP6j2F-XstGt!@Dan$lwaU; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 31-Dec-2022 18:40:12 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            GET /bounce?%2Fpx%3Fid%3D1622089%26t%3D1 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://montanamedicalaesthetics.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.82
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Sun, 02 Oct 2022 18:40:12 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 0eadc608-4ca9-42dd-a4c2-70574e7f0c7c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            GET /cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1 HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:12 GMT
Content-Length: 56186
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 01:11:21 GMT
ETag: "8657d-5e939bd40a75a-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45073825
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (728)
Size:   56186
Md5:    4ce8419dd86b6a5afdb3092d3edf13a6
Sha1:   ec5fd460e89093877ef40cddd5901c57ffd7662b
Sha256: 1947dcab523ba7cd472d16cec7c4edaac7d94969a5963d91102a956b08d951af
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 18:40:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /maps/api/js?key=AIzaSyA5FbS9BqS7UoQLFzQZJfQe-0F02_YeYxc&sensor=false HTTP/1.1 
Host: maps.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
date: Sun, 02 Oct 2022 18:40:12 GMT
expires: Sun, 02 Oct 2022 19:10:12 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 54017
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=17
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2456)
Size:   54017
Md5:    d1ea452903e09e59ced5844000851c87
Sha1:   ab9fdd6fcddf5299edb386837debb1e8317f2ab8
Sha256: 1a10fe1c81bce0b6dc455b60fa444e704c112d880d9b2fc6b7e98ea230e901e0
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rT7BiVCavZcwu2q1oVkNZQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.200.107.47
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GYpuPVaevBfK0kSlK0ZjkqI0YcQ=

                                        
                                            GET /cms_websites/cms_custom_css.php?ver=248_11 HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: text/css;charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 5248
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 283445813
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   5248
Md5:    40d7eed328b6ec91ba72307fb52c674d
Sha1:   6f6319fa3a99d6e19681b4af8b2b09f7757c028f
Sha256: abd492acaa0a52c5df2b7b344924fe6b50334aa39c09bf3ae5565e2128036403
                                        
                                            GET /wp-content/themes/tsm-theme-1/plugins/_the_map/css/map-styles-admin.min.css HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 3160
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:49 GMT
ETag: "520f-5c189ea4b2d4d-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45103411
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (21007), with no line terminators
Size:   3160
Md5:    41cb377517b49b8fc7a63e54daf5b6dc
Sha1:   eb741ca8171e1a5cafc6506b2df4ddc1ed1c76ca
Sha256: 406f0c8947de3652f4765be91e0ab0f478a43ffc4bccda07d03859f3d7ae4865
                                        
                                            GET /cms_websites/cms_theme_custom_css.php?ver=248_11 HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: text/css;charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 8617
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45073849
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (483)
Size:   8617
Md5:    d480e106fa2ba6fd974e7b82a0aee7a4
Sha1:   9252ea9c5724f79e07974bc753c8999e146c1d3a
Sha256: 1496101137bf1247c5c9f46d18a57beb3e2fc804505a3848bd2298afe88a70e0
                                        
                                            GET /cms_websites/tools/AdminBarAnalytics/js/external-tracking.min.js HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 465
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:35 GMT
ETag: "48c-5d727b353ed35-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45049790
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1164), with no line terminators
Size:   465
Md5:    ae9e1ea6af46bf62a7469101eb4a8f55
Sha1:   e94958da3bfd259c99019190f6c4e449e0c16aee
Sha256: bbf28048044a88f7b3f682c682dea0b058d7ff7e98daf046f6f161517e97fafa
                                        
                                            GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 5822
Connection: keep-alive
Last-Modified: Fri, 27 Sep 2019 00:16:13 GMT
ETag: "401a-5937dcb42d8d7-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45103414 45320574
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (16194)
Size:   5822
Md5:    0de80519eb796dc06fa34efcf454c797
Sha1:   1274f536f1c2c51ad2b0c0f121da21cc43854ea5
Sha256: 059bc818c4f66d482fcd7a623fde7a0c66d9767f49a0fca0eed2fb4a6ccfdbf6
                                        
                                            GET /cms_websites/js/external-non-blocking/scripts.min.js HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 5606
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:49 GMT
ETag: "4bc0-5c189ea4b1dad-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45103420 44737887
Age: 3580
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1122)
Size:   5606
Md5:    612a92a3a5775c451f263b1b66282be0
Sha1:   95d2ed780e3e81c29b16d712bc808c71abfd7322
Sha256: ebafd15fd5f122f9ff7c279181b800aa1a6eb20e65fa92543575f8dd84daaff4
                                        
                                            GET /wp-content/themes/tsm-theme-1/plugins/_the_map/js/vslimscroll.min.js HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 1436
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 18:16:47 GMT
ETag: "c8e-59378c5cf9c66-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45289473 45109605
Age: 2
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (3214), with no line terminators
Size:   1436
Md5:    bfca20280479961feb09d207a5c0c912
Sha1:   1c32481813f306d14a32a82b6235ce502d747ebc
Sha256: 5b52d18c5a98b5b182a051c4a948158f0f3ce1402d05c70dbf369a558af25a44
                                        
                                            GET /wp-content/themes/beacon-theme_charlotte/js/min/theme-min.js HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 24449
Connection: keep-alive
Last-Modified: Thu, 14 Apr 2022 01:14:56 GMT
ETag: "17d03-5dc93059ea4c5-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 44971319 44941683
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (31984)
Size:   24449
Md5:    df8cb58860540fe37f48ebdd01d4f7e2
Sha1:   7abdbe3fd4184ea1230dd6f35391778a0a79be88
Sha256: a5e0db722a02983ddd7c0687cad6b966d7f5f842b80a4c510b390cc6441ee231
                                        
                                            GET /wp-content/themes/tsm-theme-1/plugins/_the_map/js/jquery.googlemapsplugin.min.js HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 1269
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 19:18:32 GMT
ETag: "ce4-59379a2a4dca4-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 44971328 44754902
Age: 2
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (3300), with no line terminators
Size:   1269
Md5:    c9cb21a7c2391403e519e3f35262db6e
Sha1:   8603d3b88aa25b911a7cad4ab971df1322baa817
Sha256: d4b66218dbecb4dd691fba691e17f95b4467099381667ef1deecf94cbeaa83c9
                                        
                                            GET /wp-content/themes/tsm-theme-1/plugins/_the_map/js/init-scripts.min.js HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 741
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:49 GMT
ETag: "681-5c189ea4b2d4d-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45073863 45320499
Age: 2
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (875)
Size:   741
Md5:    a6053633c56a82abc36b133efb4f696a
Sha1:   beb831a6abee0b21debbede5b94258468a9f2917
Sha256: 19cf77b947ae75651b857d843cd5ae9aeeb9bdc071e1ad21539b7ce42f420c30
                                        
                                            GET /cms_websites/tools/GAEventTracking/js/scripts.min.js HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 517
Connection: keep-alive
Last-Modified: Fri, 04 Feb 2022 02:06:35 GMT
ETag: "3f7-5d727b3527792-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45073867 40081880
Age: 9600
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1015), with no line terminators
Size:   517
Md5:    09a9e3bc0d18d851d1276481ed543c9e
Sha1:   87f953897b9f07e27e0b080a4320a9b78fc80167
Sha256: 9293803448e5928f3b09835cf60749954d6f5e303f176e63b988dc0079a744bb
                                        
                                            GET /wp-content/plugins/tsm-b2b/plugins/_the_tsi_forms/views/render/TSIFormsRenderer.js?ver=1620087526 HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 124537
Connection: keep-alive
Last-Modified: Tue, 04 May 2021 00:18:43 GMT
ETag: "722e0-5c176055b3dc0-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 44820456 45167935
Age: 2
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (39944), with LF, NEL line terminators
Size:   124537
Md5:    e5951598508cbd8b3566df08d871d4d8
Sha1:   8a46392c363c22d566cc0bd5a1ba1415ca6e5d11
Sha256: 984b6d7d7a8d9f94946b4e7eb1959ceb1bed9e323f2c49398debed2621628c13
                                        
                                            GET /cms_websites/js/external/scripts.js HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 120679
Connection: keep-alive
Last-Modified: Wed, 05 May 2021 00:02:48 GMT
ETag: "634a9-5c189ea3bb597-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 44971312 43396540
Age: 13789
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (32077)
Size:   120679
Md5:    2b2400ce27b4d1d8ceca82bed3e8bad2
Sha1:   2ebaca6538cccffd5a042f53e46a18b2133acb9a
Sha256: bd364f13dac56e31208849b685194592c91631fa41a8c396c5346417fccc47e7
                                        
                                            GET /files/2022/08/carecredit.png HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 11160
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 17:45:39 GMT
ETag: "f0f624c01f902a67195d2481f1fdf212"
Expires: Wed, 03 Dec 2025 04:26:53 GMT
Vary: Accept-Encoding
X-Varnish: 283517757
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 502 x 65, 8-bit/color RGBA, non-interlaced\012- data
Size:   11160
Md5:    27e70fcbe8234e6ea3f355978b1ab7f1
Sha1:   ed3bd3316750ef185520e4a99c645207ebc60d5e
Sha256: b05857626e34e98a6c6967344fc2c6b77290979c0867ae687fe2b003bbe757e3
                                        
                                            GET /files/2022/08/icon-mountain.png HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 3966
Connection: keep-alive
Last-Modified: Wed, 10 Aug 2022 20:06:10 GMT
ETag: "85ffdc77373a8182dbe494bccf81d0f1"
Expires: Wed, 03 Dec 2025 04:26:53 GMT
Vary: Accept-Encoding
X-Varnish: 45109669
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 200 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size:   3966
Md5:    0abe3dc74bd96b0cf0188db1a19b9ae2
Sha1:   12bac0c8fda2b1db975e5c43fad0a6d12aea6cc5
Sha256: 215992e770eb2111d42605ced472be091eae83655fe7bdee1bfba7d6a6d35e51
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 18:40:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 18:40:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 18:40:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://montanamedicalaesthetics.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 16:40:18 GMT
expires: Fri, 29 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 266395
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size:   30928
Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184
Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
                                        
                                            GET /s/jost/v14/92zPtBhPNqw79Ij1E865zBUv7mxEIjVBNIg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://montanamedicalaesthetics.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 13:35:50 GMT
expires: Sun, 01 Oct 2023 13:35:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:35:36 GMT
age: 104663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 10056, version 1.0\012- data
Size:   10056
Md5:    f62ba83f3cfa9202fb0b9b5817aa8825
Sha1:   ee75dafa8d03afdcd5cfe59f390b11e9626885a8
Sha256: 50e9b11979e71bd4f39d607163bc058e2a01b250fc259944ccd7b061067f01f5
                                        
                                            GET /wp-content/uploads/b2b/backgrounds/beacon/no-bkg-img.gif HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/cms_websites/cms_theme_custom_css.php?ver=248_11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 1097
Connection: keep-alive
Last-Modified: Fri, 11 Oct 2013 16:05:10 GMT
ETag: "449-4e87948635980"
Vary: Accept-Encoding
X-Varnish: 45041287 43951220
Age: 9600
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   1097
Md5:    2a07edce0f76003d12f3693e7f62edc2
Sha1:   661766632e5fa48d967f8ed7ae8c0df2a4dead06
Sha256: 039a26881ec489fa598d5cc7b46025fc32b0f2c963f8fd904bf48799af646eb7
                                        
                                            GET /wp-content/themes/beacon-theme_charlotte/js/fontawesome/all.min.js HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 12 Jun 2020 00:07:25 GMT
ETag: "11e248-5a7d7dcacc8e5-gzip"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 45073860
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (65350)
Size:   432702
Md5:    aa24aa3a0a9984210198ac91297db647
Sha1:   2108d2f01c37149228877a9672d866c08f5daee6
Sha256: ce55bf8849d63b8767c7fd032fb9277ffec0bb103ca26ad3b66b330208f3855f
                                        
                                            GET /files/2022/08/01-Home-Injectables.jpg HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/cms_websites/cms_custom_css.php?ver=248_11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 72427
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 14:24:43 GMT
ETag: "7d63d688f80636d7bcbf279bef56a13c"
Expires: Wed, 03 Dec 2025 03:27:12 GMT
Vary: Accept-Encoding
X-Varnish: 45049799 44116133
Age: 3580
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 899x529, components 3\012- data
Size:   72427
Md5:    718fdfe982c8fb46c91517d5a0efc7d7
Sha1:   57a2a8f73ec3954f5984d4418bf3762c344605a1
Sha256: bb60b22647d2e342d22c2d177ee380f4044b4162ed77952cd0030aa22619bc95
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 18:40:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cms_websites/css/dist/assets/fonts/clt-icons/tsi-cms.ttf?mx0048 HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: application/font-sfnt
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 16112
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 01:10:43 GMT
ETag: "3ef0-5e8acea22d307"
Vary: Accept-Encoding
X-Varnish: 45196454 43951223
Age: 9600
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, tsi-cms \012- data
Size:   16112
Md5:    d7e0105a1d89d3a302e09d50c6d808c9
Sha1:   34eb40751fb3f70ffbae2f4270eb73b54349d982
Sha256: cab4658b86b05ecfabd81a7f07837ff0d3a38cad66972bc583b7c3b1e1eb00ad
                                        
                                            GET /files/2022/08/01-Home-SkinCareProducts.jpg HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/cms_websites/cms_custom_css.php?ver=248_11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 37746
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 14:24:44 GMT
ETag: "f3d9b7ce7b2f3990c91402a644567f03"
Expires: Wed, 03 Dec 2025 04:26:53 GMT
Vary: Accept-Encoding
X-Varnish: 45041298
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   38820
Md5:    44fe48be39dd2bb8f6ba22c8b7988357
Sha1:   6df45927250c06e6c136522458b448c8880879a8
Sha256: 599ec22f79f5b7efc01df6f6566b747326d0673e5fc771cbde6b9526b5eb9dc8

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            GET /files/2022/08/01-Home-ServicesForMen.jpg HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/cms_websites/cms_custom_css.php?ver=248_11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 49775
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 14:24:44 GMT
ETag: "f3d9b7ce7b2f3990c91402a644567f03"
Expires: Wed, 03 Dec 2025 01:21:27 GMT
Vary: Accept-Encoding
X-Varnish: 283647662 281862340
Age: 11126
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 899x529, components 3\012- data
Size:   49775
Md5:    b93bd00ce7c0886c15823ac619f1f094
Sha1:   89d3ef65b80180c34005d280c7423ea3cc60ae17
Sha256: e1bc9eafcb0bbab4d94debc27a0c9e0cd480d2bae98e957286364a00de8c2830
                                        
                                            GET /css?family=Source+Sans+Pro%3A400%2C700&ver=248_11 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 18:40:12 GMT
date: Sun, 02 Oct 2022 18:40:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   38879
Md5:    dd9cd7e429c37ce993016831b2471a0f
Sha1:   79b2a1d22de094eae087bfbe927a052100ee3cf6
Sha256: 6f10902f96f53dca056ed106fecd4545dd814fa39530892e27858f57d9f0865b
                                        
                                            GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://montanamedicalaesthetics.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 22:19:03 GMT
expires: Tue, 26 Sep 2023 22:19:03 GMT
cache-control: public, max-age=31536000
age: 505270
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Size:   31760
Md5:    fda4d0b623999af43148ba34c3b1ff73
Sha1:   ca5496af89720cc3e94e6279132f252b7cd471a6
Sha256: 33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
                                        
                                            GET /files/2022/08/01-Home-FaceAndBody.jpg HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/cms_websites/cms_custom_css.php?ver=248_11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 59387
Connection: keep-alive
Last-Modified: Mon, 29 Aug 2022 14:24:43 GMT
ETag: "7d63d688f80636d7bcbf279bef56a13c"
Expires: Wed, 03 Dec 2025 03:27:13 GMT
Vary: Accept-Encoding
X-Varnish: 45196444 44737893
Age: 3580
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 899x529, components 3\012- data
Size:   59387
Md5:    8b2c01b31366cff29cbb804df9f2cba6
Sha1:   fe22023f292242a64ccb8680ef96f6f3d060bc6e
Sha256: 175c5f56ad27c7c9596a1a14cf89f110b2db80ec8647e5158ece8a0b9f26bf37
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 18:40:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cms_websites/css/dist/beacon-theme_charlotte/lb-img/loading.gif HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:14 GMT
Content-Length: 0
Connection: keep-alive
Location: https://montanamedicalaesthetics.com
Vary: Accept-Encoding
X-Varnish: 44971376
Age: 0
Via: 1.1 varnish (Varnish/5.2)

                                        
                                            GET /wp-content/themes/beacon-easton/img/transparent.png?w=720&h=405&ct=1 HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:14 GMT
Content-Length: 6841
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 16:00:13 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Wed, 12 Oct 2022 16:00:13 GMT
Vary: Accept-Encoding
X-Varnish: 44971379 43799583
Age: 9600
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 720 x 405, 8-bit/color RGBA, non-interlaced\012- data
Size:   6841
Md5:    6abc95c0cc4cd0f7fe549be6d8969142
Sha1:   46e22bda23ed241fdb6baefe226aa02fd172ba6f
Sha256: d448d3fae1a19dfb5f9b3c378f78779c48d08b9fe393ecd63f432099e5c9c2fa
                                        
                                            GET /wp-content/themes/beacon-easton/img/transparent.png?w=1600&h=NaN HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:14 GMT
Content-Length: 20679
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 18:40:14 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Wed, 12 Oct 2022 18:40:14 GMT
Vary: Accept-Encoding
X-Varnish: 44650355
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 1500 x 1500, 8-bit/color RGBA, non-interlaced\012- data
Size:   20679
Md5:    a1546c06d158cbc9d240f9e112e27708
Sha1:   f0151524a1b48213a51b5b6152bad04ca521a2ea
Sha256: 51fe5ff96109fd3ea3d3cedf408a498601e16f8d130c9ebcf8aacb1839f33a2f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8641
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 18:40:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8641
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 18:40:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8641
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 18:40:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8641
Expires: Sun, 02 Oct 2022 21:04:15 GMT
Date: Sun, 02 Oct 2022 18:40:14 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:33 GMT
age: 75101
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6871
Md5:    9dddb9d84a16a3004821d89836b83dc3
Sha1:   087521979efd5936416fd7f030779fa5725f0a8f
Sha256: a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66
                                        
                                            GET /wp-content/themes/beacon-easton/img/transparent.png?w=720&h=405 HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:14 GMT
Content-Length: 6841
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 18:40:14 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Wed, 12 Oct 2022 18:40:14 GMT
Vary: Accept-Encoding
X-Varnish: 44941701
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 720 x 405, 8-bit/color RGBA, non-interlaced\012- data
Size:   6841
Md5:    6abc95c0cc4cd0f7fe549be6d8969142
Sha1:   46e22bda23ed241fdb6baefe226aa02fd172ba6f
Sha256: d448d3fae1a19dfb5f9b3c378f78779c48d08b9fe393ecd63f432099e5c9c2fa
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 50354
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:34 GMT
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
age: 75100
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9340
Md5:    6047192460abf4afd600948abb5e6ee1
Sha1:   6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
Sha256: d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:37 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
age: 75097
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4987
Md5:    463bdcfbec5426e18ecef83b1c373b71
Sha1:   2e533332ee5c49143e58dad32ee3717a39179532
Sha256: 2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:36 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
age: 75098
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11083
Md5:    edded48f558f739287a040151349ef67
Sha1:   d63b6ba630736d32c364b0e6a369274b2389b7ff
Sha256: 33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9600
x-amzn-requestid: e83a86d3-f5ab-4645-92df-4b2da3d4afa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDgmFdlIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2d0-48c3fa150800475c790b95bd;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: f1aqkuvCub_vq9gBDgA4VL8hNf16FXzXhQjSHC1yDLISm85uOqJF9w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:17:57 GMT
etag: "fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38"
age: 73337
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9600
Md5:    11f2e40823827b62bca89d18ee279cb2
Sha1:   fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38
Sha256: c7811cb947483a033f31ff1e93b813f1bbc49b03ed78fcedab2090c71e5c4d1f
                                        
                                            GET /wp-content/themes/beacon-easton/img/transparent.png HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:14 GMT
Content-Length: 1074
Connection: keep-alive
Last-Modified: Thu, 26 Sep 2019 18:16:47 GMT
ETag: "432-59378c5c6b324"
Vary: Accept-Encoding
X-Varnish: 44965660
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   1074
Md5:    80f261b3117134cc6bf19d2f9e97d0a1
Sha1:   25757b4d73e4f03438fab15ce588adc03db2a14c
Sha256: 4067b08cf16d7a7bf34ddb875b810abac509c5dda64663a3920b814060a6ac6a
                                        
                                            GET /files/2022/08/hero-home.jpg?w=1600&h=NaN HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:14 GMT
Content-Length: 230972
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 18:40:14 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Wed, 12 Oct 2022 18:40:14 GMT
Vary: Accept-Encoding
X-Varnish: 283647676
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1500x840, components 3\012- data
Size:   230972
Md5:    645027804425d11a7f9a44153b9f5d52
Sha1:   98868f3c588c7612e266beda8566bb36eae0de19
Sha256: 3352c5e9ffced1df5b87ec08adc7f8bfc43a9625c042c37344dd9d40dd01dc00
                                        
                                            GET /files/2022/08/hero-home.jpg?w=1600&h=NaN&ct=1 HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:14 GMT
Content-Length: 230972
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 18:40:14 GMT
Cache-Control: max-age=864000, must-revalidate
Expires: Wed, 12 Oct 2022 18:40:14 GMT
Vary: Accept-Encoding
X-Varnish: 45196471
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1500x840, components 3\012- data
Size:   230972
Md5:    645027804425d11a7f9a44153b9f5d52
Sha1:   98868f3c588c7612e266beda8566bb36eae0de19
Sha256: 3352c5e9ffced1df5b87ec08adc7f8bfc43a9625c042c37344dd9d40dd01dc00
                                        
                                            GET /maps/embed/v1/place?key=AIzaSyA5FbS9BqS7UoQLFzQZJfQe-0F02_YeYxc&q=2664+Grand+Ave%2C%2CBillings%2CMT%2C59102%2C HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-TerUy2P4g1r2HoADzp0vtA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
vary: Accept-Language, Origin, X-Origin, Referer
pragma: no-cache
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-encoding: gzip
date: Sun, 02 Oct 2022 18:40:14 GMT
server: scaffolding on HTTPServer2
content-length: 903
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1491)
Size:   903
Md5:    904fc57ee547b07905c02a3f28dbeebb
Sha1:   7315f9208fc6e56e768b1be4db779b2c7de36bdf
Sha256: e9a7e84cc657c72a1d7e059df222145caf3e6d2a76962a949efd9f84b99fdf20
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 18:40:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 18:40:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ga.js HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.200
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sun, 02 Oct 2022 18:17:11 GMT
expires: Sun, 02 Oct 2022 20:17:11 GMT
cache-control: public, max-age=7200
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
age: 1383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            GET /maps-api-v3/embed/js/50/7a/init_embed.js HTTP/1.1 
Host: maps.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68977
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 15:52:02 GMT
expires: Sun, 01 Oct 2023 15:52:02 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 27 Sep 2022 20:34:50 GMT
age: 96492
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2669)
Size:   68977
Md5:    3c88195b68b3f5ef55c8542d99bae032
Sha1:   21e4163d17a8e7763be9056f28c2ee79c9c5be0f
Sha256: a91ce7384cd146470b0cdbec8deaae8e2d70c73da9e9d042af0c602c35510162
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 18:40:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://montanamedicalaesthetics.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:14 GMT
Content-Length: 14281
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 44650368 44843397
Age: 1287
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3290), with CRLF, LF line terminators
Size:   14281
Md5:    175b9d4105f83da912815f02587ab8c1
Sha1:   07265edc55a4b02ea9820303170124e7d45112fd
Sha256: 8300926cfa3f9e48db622c4525de2405c8c9f8e2e6ea1fa7945e8e6692bc6212
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=161461
Date: Sun, 02 Oct 2022 18:40:14 GMT
Etag: "6339aec3-117"
Expires: Tue, 04 Oct 2022 15:31:15 GMT
Last-Modified: Sun, 02 Oct 2022 15:31:15 GMT
Server: nginx
Content-Length: 279

                                        
                                            GET /assets/livesite.css?1664736 HTTP/1.1 
Host: d2ra6nuwn69ktl.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.65.69
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 02 Oct 2022 00:13:11 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Sep 2022 11:44:43 GMT
etag: W/"b431455f98e64a9a5dc2de77b831d129"
x-amz-version-id: FMyiKae3A4_eXeUZCuEa_iKC4cso1sM2
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 43f56e539b5c147f3a1a5a878be02240.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: cJuC25uVW5m24zgaVCK5HO8E43nJs1r8ssv1TLmgdFlYWbcu2PUo0Q==
age: 66424
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (63231)
Size:   8549
Md5:    a867f85d5821ef4da695f51d57186d3c
Sha1:   37d1f5b819b8798ad95a0c6f82873f99a93308ce
Sha256: d6238cc8e558e6719f143521bb59d47b79e7877d125f6f396c41b917df551e87
                                        
                                            GET / HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://montanamedicalaesthetics.com/cms_websites/css/dist/beacon-theme_charlotte/theme.css?ver=1
Connection: keep-alive
Cookie: __utma=127581969.829258144.1664736014.1664736014.1664736014.1; __utmb=127581969.2.10.1664736014; __utmc=127581969; __utmz=127581969.1664736014.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:15 GMT
Content-Length: 14280
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 283238217 283398556
Age: 11
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3290), with CRLF, LF line terminators
Size:   14280
Md5:    d8a3ca3fe01decf73c6c265165415548
Sha1:   bd2f2c3eb3672f2b0380f58282571f81c3286bc5
Sha256: b36b14ec08b11c229108b8dc4ebe81b92c5a49a6f727b01bdfe45c1e73904965
                                        
                                            GET /widgets/active_engage/configuration?id=1z9havudouwscs3x&callback=jQuery1111082795387109521_1664736014463&_=1664736014464 HTTP/1.1 
Host: www.vcita.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.3.196
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sun, 02 Oct 2022 18:40:15 GMT
vary: Accept-Encoding
status: 200 OK
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
x-ua-compatible: IE=Edge,chrome=1
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
x-request-id: 3b02494c5b456d33a624cab3493bd2b3
x-runtime: 0.010305
x-rack-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: source_referrer=https%3A%2F%2Fmontanamedicalaesthetics.com%2F; path=/ app_attribution_params=%5B%7B%22source_referrer%22%3A%22https%3A%2F%2Fmontanamedicalaesthetics.com%2F%22%2C%22time_stamp%22%3A%222022-10-02T18%3A40%3A15%2B00%3A00%22%7D%5D; domain=www.vcita.com; path=/; expires=Sat, 02-Oct-2032 18:40:15 GMT ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTkyODQzNzc5ZDM5OTZlMGI5MmQ4ZjgzOGJiYjcxZjY3BjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIipodHRwczovL21vbnRhbmFtZWRpY2FsYWVzdGhldGljcy5jb20vBjsARg%3D%3D--8bf6d1dceecf9732b860bf41bb318b559d31c00b; domain=.vcita.com; path=/; SameSite=None; expires=Thu, 01-Dec-2022 18:40:15 GMT; secure; HttpOnly _cfuvid=vPOxTCkI_Mf3XfemJx7aPTeaHzwkDNi_HtUqfoIDxMk-1664736015226-0-604800000; path=/; domain=.www.vcita.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 753f90bbea2bb503-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4343
Md5:    eac500e045177a698e93acf63bb57545
Sha1:   0bc6a6be145459284356f2bb89b035e83f175f81
Sha256: d40fecaf40d534489a16bd4986bae78e7c8b00c2276ef27bc97c808bed17bd8d
                                        
                                            GET /assets/css/icomoon/fonts/livesite-icons/icomoon.woff?-rdmvgd HTTP/1.1 
Host: d2ra6nuwn69ktl.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://montanamedicalaesthetics.com
Connection: keep-alive
Referer: https://d2ra6nuwn69ktl.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.65.69
HTTP/2 200 OK
content-type: application/octet-stream
                                        
content-length: 65516
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Sep 2022 11:44:33 GMT
x-amz-version-id: DBG9TcurlPLrcdMuR6nJrmdeDk6oRhog
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 18:40:16 GMT
etag: "db122b8081b800020ab23b71c1214b92"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 43f56e539b5c147f3a1a5a878be02240.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: R6QTiFl-LqAxYkbaDh0OkQpWNlc46rMnWsAOnbE1QGcOMA0wMbfIKA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 65516, version 1.0\012- data
Size:   65516
Md5:    db122b8081b800020ab23b71c1214b92
Sha1:   eda21764b8506036b5f911e596532784dc25dbae
Sha256: fafcb0376b5e95ad63601b2cfc30db87a9ed0f6be6efcc611327f885c8130aa2
                                        
                                            GET /assets/css/icomoon/fonts/icomoon.woff?84yycz HTTP/1.1 
Host: d2ra6nuwn69ktl.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://montanamedicalaesthetics.com
Connection: keep-alive
Referer: https://d2ra6nuwn69ktl.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.65.69
HTTP/2 200 OK
content-type: application/octet-stream
                                        
content-length: 18204
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Sep 2022 11:44:32 GMT
x-amz-version-id: Pj2kkJOcjBK0kEUGXKxfLOpiyzaLd9Qk
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 18:40:16 GMT
etag: "5906d6e34193a2fd84132c877ce62b6a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 43f56e539b5c147f3a1a5a878be02240.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: 7akVOqS9kJD9qg-w0SCBVogPEJV0tO0CmsLjQ2AfpBRS3MquE6H26w==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 18204, version 0.0\012- data
Size:   18204
Md5:    5906d6e34193a2fd84132c877ce62b6a
Sha1:   b0a315bacee76f22cff2ce31754afe2430f71441
Sha256: dfd2ecd12c5576aa486d2e5edc94db9e3c44259b70a139bf79b807bb6638901b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7a6e7d5-efdf-4904-b660-ffb0d8ffd4d3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6101
x-amzn-requestid: 0edbc5d1-324f-4b4f-a55c-b9333f2bb6a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpnFumIAMFoEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-1422f70670e89174415c1aba;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hG5L6pTNHLcM-nBovmH6kFuFK5oXJuxVWsnaffj6L8bDlGnpFVJFKg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:17:57 GMT
age: 73344
etag: "36c8dcdfdc2c59246ba9d999ddffd5387f68155e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6101
Md5:    e711c6bf0d0808f0b5c57b80916eba4d
Sha1:   36c8dcdfdc2c59246ba9d999ddffd5387f68155e
Sha256: e252f3c857e18ddaea7059bfb19826ac5e47c694ce57068d85f60bd1ac5f6c25
                                        
                                            GET /files/2022/09/New-MMAC-Logo-2020-removebg-preview.png HTTP/1.1 
Host: montanamedicalaesthetics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         216.152.143.240
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 02 Oct 2022 18:40:13 GMT
Content-Length: 87397
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 13:33:49 GMT
ETag: "8f1a74d35fbc6b4daf3c824227aa28a3"
Expires: Wed, 03 Dec 2025 01:46:52 GMT
Vary: Accept-Encoding
X-Varnish: 45289497 43639277
Age: 9601
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes


--- Additional Info ---
                                        
                                            GET /assets/livesite.js?1664736 HTTP/1.1 
Host: d2ra6nuwn69ktl.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.65.69
HTTP/2 200 OK
content-type: application/x-javascript
                                        
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Sep 2022 11:44:43 GMT
x-amz-version-id: rtk4CqouCAHVt1O7djtzhvbO7X9uQsYK
server: AmazonS3
content-encoding: gzip
date: Sun, 02 Oct 2022 01:39:46 GMT
etag: W/"f2d115cea54c6a011c4c9d3abd56e8ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 43f56e539b5c147f3a1a5a878be02240.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: ffmv9GID1O3UX814poCARBZLvsCk6fp075sGKMbg3bb4ojAKJlhe-g==
age: 79597
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /api/client_zones/1z9havudouwscs3x/account/active_engage_gate HTTP/1.1 
Host: www.vcita.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTkyODQzNzc5ZDM5OTZlMGI5MmQ4ZjgzOGJiYjcxZjY3BjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIipodHRwczovL21vbnRhbmFtZWRpY2FsYWVzdGhldGljcy5jb20vBjsARg%3D%3D--8bf6d1dceecf9732b860bf41bb318b559d31c00b; _cfuvid=vPOxTCkI_Mf3XfemJx7aPTeaHzwkDNi_HtUqfoIDxMk-1664736015226-0-604800000
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.3.196
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Sun, 02 Oct 2022 18:40:15 GMT
status: 200 OK
x-ua-compatible: IE=Edge,chrome=1
cache-control: must-revalidate, private, max-age=0
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
set-cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTkyODQzNzc5ZDM5OTZlMGI5MmQ4ZjgzOGJiYjcxZjY3BjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIipodHRwczovL21vbnRhbmFtZWRpY2FsYWVzdGhldGljcy5jb20vBjsARg%3D%3D--8bf6d1dceecf9732b860bf41bb318b559d31c00b; domain=.vcita.com; path=/; SameSite=None; expires=Thu, 01-Dec-2022 18:40:15 GMT; secure; HttpOnly
x-request-id: c271985fd524c8c11ae1ee836dd95a88
x-runtime: 0.006509
x-rack-cache: miss
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 753f90bfc91eb503-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1 
Host: static.cloudflareinsights.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.vcita.com
Connection: keep-alive
Referer: https://www.vcita.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.47.230
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
date: Sun, 02 Oct 2022 18:40:15 GMT
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 753f90c11bf1b4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /cdn-cgi/rum? HTTP/1.1 
Host: www.vcita.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1435
Origin: https://www.vcita.com
Connection: keep-alive
Referer: https://www.vcita.com/api/client_zones/1z9havudouwscs3x/account/active_engage_gate
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTkyODQzNzc5ZDM5OTZlMGI5MmQ4ZjgzOGJiYjcxZjY3BjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIipodHRwczovL21vbnRhbmFtZWRpY2FsYWVzdGhldGljcy5jb20vBjsARg%3D%3D--8bf6d1dceecf9732b860bf41bb318b559d31c00b; _cfuvid=vPOxTCkI_Mf3XfemJx7aPTeaHzwkDNi_HtUqfoIDxMk-1664736015226-0-604800000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.3.196
HTTP/2 200 OK
content-type: text/plain
                                        
date: Sun, 02 Oct 2022 18:40:15 GMT
access-control-allow-origin: https://www.vcita.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 753f90c18c74b503-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /tr_pics/i?p=1955948&o=bG9hZGVy HTTP/1.1 
Host: www.vcita.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://montanamedicalaesthetics.com/
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTkyODQzNzc5ZDM5OTZlMGI5MmQ4ZjgzOGJiYjcxZjY3BjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIipodHRwczovL21vbnRhbmFtZWRpY2FsYWVzdGhldGljcy5jb20vBjsARg%3D%3D--8bf6d1dceecf9732b860bf41bb318b559d31c00b; _cfuvid=vPOxTCkI_Mf3XfemJx7aPTeaHzwkDNi_HtUqfoIDxMk-1664736015226-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.3.196
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 02 Oct 2022 18:40:15 GMT
status: 200 OK
cache-control: must-revalidate, no-cache, no-store, private, max-age=0
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-disposition: inline
content-transfer-encoding: binary
x-ua-compatible: IE=Edge,chrome=1
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
set-cookie: app_attribution_params=%5B%7B%22source_referrer%22%3A%22https%3A%2F%2Fmontanamedicalaesthetics.com%2F%22%2C%22time_stamp%22%3A%222022-10-02T18%3A40%3A15%2B00%3A00%22%7D%5D; domain=www.vcita.com; path=/; expires=Sat, 02-Oct-2032 18:40:15 GMT ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTkyODQzNzc5ZDM5OTZlMGI5MmQ4ZjgzOGJiYjcxZjY3BjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIipodHRwczovL21vbnRhbmFtZWRpY2FsYWVzdGhldGljcy5jb20vBjsARg%3D%3D--8bf6d1dceecf9732b860bf41bb318b559d31c00b; domain=.vcita.com; path=/; SameSite=None; expires=Thu, 01-Dec-2022 18:40:15 GMT; secure; HttpOnly
x-request-id: 91004b84bc0faa31cb583058cba21b1e
x-runtime: 0.026799
x-rack-cache: miss
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 753f90bff99ab503-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /cdn-cgi/rum? HTTP/1.1 
Host: www.vcita.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 484
Origin: https://www.vcita.com
Connection: keep-alive
Referer: https://www.vcita.com/api/client_zones/1z9havudouwscs3x/account/active_engage_gate
Cookie: ____vcita_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTkyODQzNzc5ZDM5OTZlMGI5MmQ4ZjgzOGJiYjcxZjY3BjsAVEkiFHNvdXJjZV9yZWZlcnJlcgY7AEZJIipodHRwczovL21vbnRhbmFtZWRpY2FsYWVzdGhldGljcy5jb20vBjsARg%3D%3D--8bf6d1dceecf9732b860bf41bb318b559d31c00b; _cfuvid=vPOxTCkI_Mf3XfemJx7aPTeaHzwkDNi_HtUqfoIDxMk-1664736015226-0-604800000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.18.3.196
HTTP/2 200 OK
content-type: text/plain
                                        
date: Sun, 02 Oct 2022 18:40:21 GMT
access-control-allow-origin: https://www.vcita.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 753f90e5cc08b503-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---