| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashd2560f62890e75b8de444fed96c22f52 334ce0c48e606ee029f31eeb1463af87b1024bb9 4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11274
Expires: Tue, 27 Sep 2022 01:41:23 GMT
Date: Mon, 26 Sep 2022 22:33:29 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.36 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.36:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 22:15:24 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EGFyWa-1RiwMVVH00lmOxYN6rQI-hKQ4z3O6g_aplN7wdl4gl_JM2w==
Age: 1085
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain | 143.204.55.49 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain IP143.204.55.49:0
File typePEM certificate\012- , ASCII text Hash6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wyL4RXvMfZUO1p7c7BbKNnVy8RZjcU26LWXUg-uhnO7Uly7ImRBmxQ==
age: 64694
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:33:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| error.exteriorgraphicsdesign.com/ga/click/2-320805751-1626-14315-27951-25824-bec6bd6b1c-r2ea7524db | 66.94.127.114 | 302 Found | 120 B |
URL HTTP/1.1error.exteriorgraphicsdesign.com/ga/click/2-320805751-1626-14315-27951-25824-bec6bd6b1c-r2ea7524db IP66.94.127.114:0
File typeHTML document text\012- HTML document, ASCII text, with no line terminators Hash7940ac55967bf79c5ae020d33aeefd21 ed0f6b25d5603572acfd1f73f59133bf75478182 2a50a137febc23043c6b513aab30bd921f315043622fd9f246be22cca5a2b4eb
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /ga/click/2-320805751-1626-14315-27951-25824-bec6bd6b1c-r2ea7524db HTTP/1.1
Host: error.exteriorgraphicsdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 26 Sep 2022 22:33:04 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.29
Status: 302 Found
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Request-Id: a94efc13e1ab638dd61d1768b32e6105
Location: https://www.iz8qatrk.com/9W598/63PMH4C/?sub1=XMcdddelw
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.019994
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.9
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
|
|
| ocsp.starfieldtech.com/ | 192.124.249.23 | 200 OK | 1.8 kB |
IP192.124.249.23:0
Hash37a306e0b2f29815839f351232eef473 2dce0feb5e36fb34fe5e4e61b3898ccf8342b83c 5efc8ef743a0f44c3292a49439ad931fae47fd62771170176caa9cc912c845f2
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 26 Sep 2022 22:33:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 26 Sep 2022 21:26:04 GMT
Expires: Tue, 27 Sep 2022 21:26:04 GMT
ETag: "2dce0feb5e36fb34fe5e4e61b3898ccf8342b83c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.36 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.36:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 22:10:46 GMT
Expires: Mon, 26 Sep 2022 22:39:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nNfVdwx6gWtenAeOoH-ulJoue9Ui7DCSwOVBfAKmgGEuNSuKsVB4DQ==
Age: 1363
|
|
| www.iz8qatrk.com/9W598/63PMH4C/?sub1=XMcdddelw | 34.102.147.100 | 302 Found | 130 B |
URL HTTP/2www.iz8qatrk.com/9W598/63PMH4C/?sub1=XMcdddelw IP34.102.147.100:0
File typeHTML document, ASCII text Hash10751c097f3f9981be1e8b92e4ec32f3 d6674747a9c13048310e295fad78fe1174ae3f64 18df26ba683588d48d6926cb9685d6b351e0b7f2cae977335e6ff6105f65b76c
GET /9W598/63PMH4C/?sub1=XMcdddelw HTTP/1.1
Host: www.iz8qatrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Mon, 26 Sep 2022 22:33:29 GMT
content-type: text/html; charset=utf-8
content-length: 130
location: https://mwquestion.com/7552/434/2/?subid=7&subid2=9ab5e82d318445019a9f7a09fa37e460&subid3=XMcdddelw
set-cookie: uniqueClick_63PMH4C=1bdb6ce4-6ad3-4387-afba-41bbb24f88a8:1664231609; Path=/; Expires=Wed, 26 Oct 2022 22:33:29 GMT; Secure; SameSite=None
transaction_id=9ab5e82d318445019a9f7a09fa37e460; Path=/; Expires=Sun, 25 Dec 2022 22:33:29 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: eb748397-8754-4590-a631-4e5d7e0bab85
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash5adb7eb1d103eadeeafac36e663ffdd3 23b784388dd634fa736cd60aed71570661e73d02 5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5979
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:33:29 GMT
Last-Modified: Mon, 26 Sep 2022 20:53:50 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.starfieldtech.com/ | 192.124.249.23 | 200 OK | 1.8 kB |
IP192.124.249.23:0
Hash37a306e0b2f29815839f351232eef473 2dce0feb5e36fb34fe5e4e61b3898ccf8342b83c 5efc8ef743a0f44c3292a49439ad931fae47fd62771170176caa9cc912c845f2
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 26 Sep 2022 22:33:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 26 Sep 2022 21:26:04 GMT
Expires: Tue, 27 Sep 2022 21:26:04 GMT
ETag: "2dce0feb5e36fb34fe5e4e61b3898ccf8342b83c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
|
|
| push.services.mozilla.com/ | 34.216.192.228 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP34.216.192.228:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1Q88Uq0fOeCsh03/YOV1OQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Oe2YcBKVxfLoOMOcrMYggaemewY=
|
|
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.20.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsalphasha2g2 IP104.18.20.226:0
Hash4ae55f515989c535e66d6007ed7bfdf0 74b887bd6691842d3186b57b1e882c9aa8975e3a 0ac64c142fd54cd0f648318e6e41c3475bacef5c2322d5b73bf21d567ee218a8
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 22:33:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 30 Sep 2022 22:33:29 GMT
ETag: "74b887bd6691842d3186b57b1e882c9aa8975e3a"
Last-Modified: Mon, 26 Sep 2022 22:33:30 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750f762f9f3eb51d-OSL
|
|
| prstfreetrk.com/?a=68&c=2387&s2=7552_sessid20220926223333218&s1=434 | 34.210.140.128 | 302 Found | 251 B |
URL HTTP/1.1prstfreetrk.com/?a=68&c=2387&s2=7552_sessid20220926223333218&s1=434 IP34.210.140.128:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hashb1585b01f1ed6d1763e31c28f5a8118d 35a8a383871998357140d6a9f7fba23b6798f380 3b500391a8dab97491d0a062c84094387eff38bbad61c6ee30934643e0e360a9
GET /?a=68&c=2387&s2=7552_sessid20220926223333218&s1=434 HTTP/1.1
Host: prstfreetrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 251
Content-Type: text/html; charset=utf-8
Date: Mon, 26 Sep 2022 22:33:31 GMT
Location: https://prstfrtrk.com/?a=68&c=2387&s2=7552_sessid20220926223333218&s1=434&ckmguid=4a085c46-d374-490a-9cac-10dea21307b2
Connection: close
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash639785692dc29802e484e1e1d0ec86c4 cf81784351ce6302f540f491f893b44496809677 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3467
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 22:33:31 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash639785692dc29802e484e1e1d0ec86c4 cf81784351ce6302f540f491f893b44496809677 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3467
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 22:33:31 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash639785692dc29802e484e1e1d0ec86c4 cf81784351ce6302f540f491f893b44496809677 0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3467
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 22:33:31 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40a8f8a-3bc7-4223-a676-6960af975ebc.jpeg | 34.120.237.76 | 200 OK | 6.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40a8f8a-3bc7-4223-a676-6960af975ebc.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3d478b7bea64d1a5998967c0a665e6be b078452d30703ea98ad4a7f7fd411b3e2a42ee71 24158d741732109ae2be7314205ac35f4c8b29785876f2785e8bb0ea906762b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40a8f8a-3bc7-4223-a676-6960af975ebc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6628
x-amzn-requestid: 1f0e95f2-d860-422f-80ad-96c6e7c941c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1vvHIaoAMFV4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296997-5746c99d78e025945cfdd238;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:19:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9-6jF5OoUb2I2HBasyNXBZC-L6rF1VINmgoBFZMuJ9eNelzkS-8BDQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:08:24 GMT
age: 1507
etag: "b078452d30703ea98ad4a7f7fd411b3e2a42ee71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1205d7e-1174-4788-b080-6eefdcf33480.jpeg | 34.120.237.76 | 200 OK | 6.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1205d7e-1174-4788-b080-6eefdcf33480.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash08590e33d7c8ebc6360d1d631f29178d b37a39808c82e85f1860a48b3f451ef8d172a336 393c2c891699d1c47cb9d73412229624bdb3cc10cc0b509d8ec582d2c9a97aa1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1205d7e-1174-4788-b080-6eefdcf33480.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6836
x-amzn-requestid: 64bb0de3-8ea1-42eb-9f09-8ec659ee9298
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkrdFptoAMFmlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b15-241d20bc25e670e12ff634cf;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kYeh01s4UsRIkT9ASt--Gs5uUHPNIMrkY8eypOkjopOXBh4iwOshFw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:51:13 GMT
etag: "b37a39808c82e85f1860a48b3f451ef8d172a336"
content-type: image/jpeg
age: 2538
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg | 34.120.237.76 | 200 OK | 9.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3140ec95f33c36599de95b25cdade940 932c74fa24b61ee1b1c672b6c19b1e736caab8d3 f7488246ca75fddc504812f4c5944a5a2494cdb14b6ef1db5fb28beca5cff194
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9737
x-amzn-requestid: aec3c3e9-42e5-4de5-8882-118002369ef8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreGJxoAMF-oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-527ccd70654c22891262279d;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ukn4d6yPeJJHN5trYK3xbhik2pX41zHki3nG5r6fCzQgm3vYw5lhAA==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:43:16 GMT
age: 3015
etag: "932c74fa24b61ee1b1c672b6c19b1e736caab8d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg | 34.120.237.76 | 200 OK | 7.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4197a8a505b360b0c43142faf8cb7f48 4dbd2da7f7c45a97e3f6f6544ed428e892227cc3 434039a91ec37c8ff827c78f7613aa4f6416ded182b01140048a52654a2de4ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7128
x-amzn-requestid: 5806782b-498e-427b-be73-a94695e3cacf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlPfFn4IAMFwMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bfc-07a420d631e463286c1dafa0;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:08 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dVs6mb-XGvvd4DXu8yFwO11iheR3QU3O3jFpxjcHZnWCc6jlXpx0Rg==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:51:54 GMT
age: 2497
etag: "4dbd2da7f7c45a97e3f6f6544ed428e892227cc3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8a8cc8-8c9a-4305-bb96-a248c5e44655.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8a8cc8-8c9a-4305-bb96-a248c5e44655.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf1af609199093985d73fd1d256482c12 a54f3f4af645c1c93299360bc7dcf06bbae8de81 047e15a2d3ea5b7d1f3d22cdac2ac0446c6267c99deb0b12576366088d29d5b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8a8cc8-8c9a-4305-bb96-a248c5e44655.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8657
x-amzn-requestid: 172be66b-6140-4ff6-a061-22d177e75c23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YtlXZGujoAMF2vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63288295-6f74795f2b26d54409b2f388;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 14:54:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RCHPkVe_BYTR3-jGiJZ6reK2ZNYa6rvqsK0_QZr0cTiR70JMRPSMuw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:02:04 GMT
age: 1887
etag: "a54f3f4af645c1c93299360bc7dcf06bbae8de81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg | 34.120.237.76 | 200 OK | 4.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashefaaa002eb6251769ea6dbf306ced3a1 9f99fa947a603fd6b10ff149e379cd04ad83d27a 238e0ca1aa29223416c34ef2dfcc6570c00e27a98991d91efc16e9bc4083c197
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4573
x-amzn-requestid: ff35a66a-caf2-4ff4-b850-01a584fc2aa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1B8FzLIAMFSPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296872-5b4a410a2827baf5598d58e7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:14:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NFjYOqhUeb3yyjMNWpoBNq_xcsX3wXvc3-rqJt4cGbJXY9Sxr5KpDA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 15:29:19 GMT
age: 25452
etag: "9f99fa947a603fd6b10ff149e379cd04ad83d27a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.20.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsalphasha2g2 IP104.18.20.226:0
Hashd521900a3b6b4a628dfad1736c73f536 caa1a1fb24e9d7667b48d76917bd9291604f4c9c bfd51afafc1031144de4095e34cc814db5c33fc68c5048e4f0665db093f11d7a
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 22:33:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 30 Sep 2022 22:22:39 GMT
ETag: "caa1a1fb24e9d7667b48d76917bd9291604f4c9c"
Last-Modified: Mon, 26 Sep 2022 22:22:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 651
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750f76344c62b51d-OSL
|
|
| prstfrtrk.com/?a=68&c=2387&s2=7552_sessid20220926223333218&s1=434&ckmguid=4a085c46-d374-490a-9cac-10dea21307b2 | 52.39.146.208 | 302 Found | 272 B |
URL HTTP/1.1prstfrtrk.com/?a=68&c=2387&s2=7552_sessid20220926223333218&s1=434&ckmguid=4a085c46-d374-490a-9cac-10dea21307b2 IP52.39.146.208:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash642264fd61e2b48d9ae06b76b50ba7c5 7167541edc3da284aeae8c0083ee119a491da5da 22ee93932103f9e9916b78a277d0ff1ef15468a2f909d09f0f697426d8ffce2d
GET /?a=68&c=2387&s2=7552_sessid20220926223333218&s1=434&ckmguid=4a085c46-d374-490a-9cac-10dea21307b2 HTTP/1.1
Host: prstfrtrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: trk=zWhSSUczfa3OeVWqb3k7NgXxL+MKIQ16EiX52VgH9kOk1cgCXJzFDA==; c141=3R5A7PFm1qUwSY5aOaqkPifZwGwL6NK1+T8ZqkYqnIa+vyfYDwaiRg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 272
Content-Type: text/html; charset=utf-8
Date: Mon, 26 Sep 2022 22:33:31 GMT
Location: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=ifFC0cWMHyg7nbzEwJlsKa1QiodA2pFELdjeYTffuSP6ZYCP6069Yg==; domain=.prstfrtrk.com; path=/; SameSite=None; secure; HttpOnly
trk=/tX76o5/cnTOeVWqb3k7NgDp8rmnEdANEpF+HOMs+nn57dYnZ+aSrg==; domain=.prstfrtrk.com; expires=Thu, 26-Sep-2024 22:33:31 GMT; path=/; SameSite=None; secure; HttpOnly
c141=ifFC0cWMHyijCCv5NnAECbKYNoxIwXI/+T8ZqkYqnIa+vyfYDwaiRg==; domain=.prstfrtrk.com; expires=Wed, 26-Oct-2022 22:33:31 GMT; path=/; SameSite=None; secure; HttpOnly
Connection: close
|
|
| ocsp.pki.goog/s/gts1p5/SX_GKWsBYcU | 142.250.74.3 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/SX_GKWsBYcU IP142.250.74.3:0
Hash1a0c38303d967bb65b3f744819c7382b 0367bdceda4d3db195be9d0b597f096baacba508 c60f15d6e8ae1f63be1f312dd72e48ed6cfdda4fd1f3e0ad9b921296595b3243
POST /s/gts1p5/SX_GKWsBYcU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:33:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| theprostatecurse.com/imgs/progressbar.gif | 172.66.43.107 | 200 OK | 7.9 kB |
URL HTTP/2theprostatecurse.com/imgs/progressbar.gif IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash9ce981dd6cf1482d6c887c0c29f32f8c 81835fea99e551aa90c05c845520707b8327f4b7 43f4f8776afc1bec39e9f79b1db8b68206a2f2597476d6b63798d71557c185a8
GET /imgs/progressbar.gif HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 7908
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=gif, origSize=10819
content-disposition: inline; filename="progressbar.webp"
last-modified: Fri, 29 Jul 2022 14:49:47 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
server: cloudflare
cf-ray: 750f7638ead00b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/_screenPF.jpg | 172.66.43.107 | 200 OK | 41 kB |
URL HTTP/2theprostatecurse.com/research/imgs/_screenPF.jpg IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 896x504, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash35656c22266e4d8689f7c19d61fb2990 e40de118372af419a73809c08a66bc88ceeb9340 e7a811fece8ab98d344c6c5604a2564f7fe2f0f0a2aba7ca9da144544d9bd437
GET /research/imgs/_screenPF.jpg HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 41032
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=61567
content-disposition: inline; filename="_screenPF.webp"
last-modified: Wed, 24 Aug 2022 12:46:40 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
server: cloudflare
cf-ray: 750f7638ead10b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/product1.png | 172.66.43.107 | 200 OK | 6.8 kB |
URL HTTP/2theprostatecurse.com/research/imgs/product1.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash6bbf16eb564b922bbc3717842cf2ee11 a2e00642f34fd9c571ed2f7da0f5ac993f58daac 40fd66db724554efab7f1903af691342dabc159a9b17ae42844c6db5ae08c7be
GET /research/imgs/product1.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 6752
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7147
content-disposition: inline; filename="product1.webp"
last-modified: Fri, 29 Jul 2022 14:48:07 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
server: cloudflare
cf-ray: 750f7638ead20b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/cta-btn.png | 172.66.43.107 | 200 OK | 2.1 kB |
URL HTTP/2theprostatecurse.com/research/imgs/cta-btn.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hasheee62eab078856d6d4660487cb319603 02b6b4376ad3a5eca179cd580c5ceba5df70b87f 1d08f6e910e93ba795015492d03f538024b02a5e1c4cba0a9e63f8a3577883c1
GET /research/imgs/cta-btn.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 2064
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2387
content-disposition: inline; filename="cta-btn.webp"
last-modified: Fri, 29 Jul 2022 14:48:01 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
server: cloudflare
cf-ray: 750f7638fad30b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/product6.png | 172.66.43.107 | 200 OK | 19 kB |
URL HTTP/2theprostatecurse.com/research/imgs/product6.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash362bcd184f9dda00d707842e96602ce7 ea0c05df3c8a9e5e8a94b59a23081dcee7bbf0cf 502959ffbd3b102e1e89331121350d834e0339f0e8e0549435d78f5cd5108846
GET /research/imgs/product6.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 19310
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=19810
content-disposition: inline; filename="product6.webp"
last-modified: Fri, 29 Jul 2022 14:48:07 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
server: cloudflare
cf-ray: 750f7638fad50b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/product3.png | 172.66.43.107 | 200 OK | 17 kB |
URL HTTP/2theprostatecurse.com/research/imgs/product3.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash88aa9d4db73931135599fce074d75ef5 ba7130fdf3136ee377b484015add315050cc9eeb 6a0b433282a8c9d9229a6659f0643dce2c617469776599478117541786181bff
GET /research/imgs/product3.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 16858
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=17136
content-disposition: inline; filename="product3.webp"
last-modified: Fri, 29 Jul 2022 14:48:07 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
server: cloudflare
cf-ray: 750f7638fad70b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/cards3.png | 172.66.43.107 | 200 OK | 2.7 kB |
URL HTTP/2theprostatecurse.com/research/imgs/cards3.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash6721a3677d9da2ddb6634f2964bb9d08 09c58b238ed935f25a911d2a3412a1bd79342cc9 b87cbef63d0c5f629562463b02076993d6bac974ed0bc15397f04f76a330146b
GET /research/imgs/cards3.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 2662
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2954
content-disposition: inline; filename="cards3.webp"
last-modified: Fri, 29 Jul 2022 14:48:00 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 662
accept-ranges: bytes
server: cloudflare
cf-ray: 750f7638fad40b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/stars-rating-v1.png | 172.66.43.107 | 200 OK | 928 B |
URL HTTP/2theprostatecurse.com/research/imgs/stars-rating-v1.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash326664a0ad80ed37a3d43b2004611aa3 9ca8850e8d45c25399c1d9ca42a14e9dd4451965 94456f4710a41f0fcccd3d83e22bd51328a6067b154abbbd0208038300c42161
GET /research/imgs/stars-rating-v1.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 928
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1070
content-disposition: inline; filename="stars-rating-v1.webp"
last-modified: Fri, 29 Jul 2022 14:48:11 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
server: cloudflare
cf-ray: 750f7638fad90b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/guar-bages.png | 172.66.43.107 | 200 OK | 16 kB |
URL HTTP/2theprostatecurse.com/research/imgs/guar-bages.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hashc1331b164fa7bfac30e572f0e0e46aba dec7c6d658ffb67c498e5f7f104e9384ca958bdf d23659c0bdf4003d9fb9cd025bfe993542d07f35f953c72e538e5bacd901eff0
GET /research/imgs/guar-bages.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 15746
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=17842
content-disposition: inline; filename="guar-bages.webp"
last-modified: Fri, 29 Jul 2022 14:48:02 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
server: cloudflare
cf-ray: 750f7638fae00b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/seal1.png | 172.66.43.107 | 200 OK | 15 kB |
URL HTTP/2theprostatecurse.com/research/imgs/seal1.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash7a3fec56d6bb502bc2679e20b1debcc0 a848705cd983685061a5d0aeec5215470487d220 33177cc7011dcc3acc18800478839d09f63c6928d196f25d4cefac821cc3754d
GET /research/imgs/seal1.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 14838
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=15326
content-disposition: inline; filename="seal1.webp"
last-modified: Fri, 29 Jul 2022 14:48:10 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 662
accept-ranges: bytes
server: cloudflare
cf-ray: 750f7638fadf0b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/bonus-prod1.png | 172.66.43.107 | 200 OK | 26 kB |
URL HTTP/2theprostatecurse.com/research/imgs/bonus-prod1.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash35b0dc05cba4c9744c6ea440867f7679 79b4e253132720ce91d40dc7ddaacf1dd02578e0 c18a89c63efa63797fa1d83cbba48155f63b104326303c9a9ed43ea3fceb5a4e
GET /research/imgs/bonus-prod1.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 25914
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=28232
content-disposition: inline; filename="bonus-prod1.webp"
last-modified: Fri, 29 Jul 2022 14:47:59 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
server: cloudflare
cf-ray: 750f76390aea0b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/bonus-prod2.png | 172.66.43.107 | 200 OK | 68 kB |
URL HTTP/2theprostatecurse.com/research/imgs/bonus-prod2.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hashc8065e52fd4c6ed090c414622920edf2 5d8938ee6a9f8ae0dfc5a6216c100cc75025368b 8d26631f910c2337fbfbcb32985ce090688a1ad9a346d717bb68e60161af7ad5
GET /research/imgs/bonus-prod2.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 67512
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=72509
content-disposition: inline; filename="bonus-prod2.webp"
last-modified: Fri, 29 Jul 2022 14:48:00 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
server: cloudflare
cf-ray: 750f76390aeb0b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/shipping-icon.png | 172.66.43.107 | 200 OK | 1.2 kB |
URL HTTP/2theprostatecurse.com/research/imgs/shipping-icon.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hashb04e5ea534505d170e447db759fb6577 8fb026ec5ba0e2d197a981b3dfa7591d4808b1b1 6bf0a5e79c679fe916f5eb0ea8499eb116ec7cabec30eb3130f5e30a7073cb70
GET /research/imgs/shipping-icon.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 1182
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1413
content-disposition: inline; filename="shipping-icon.webp"
last-modified: Fri, 29 Jul 2022 14:48:10 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
server: cloudflare
cf-ray: 750f76390aed0b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/imgs/ProstaFree_logo-x2.png | 172.66.43.107 | 200 OK | 12 kB |
URL HTTP/2theprostatecurse.com/imgs/ProstaFree_logo-x2.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash730e83e61956ad3ca7f2a6ee4ed2c00c 48ff338210b813dd17069e727325c5c8a4d74728 e9e23ec8adb9548c8777e58d5f3d3608d2970c8ebb9e75a541c826078df59428
GET /imgs/ProstaFree_logo-x2.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 11520
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=12026
content-disposition: inline; filename="ProstaFree_logo-x2.webp"
last-modified: Fri, 29 Jul 2022 14:49:48 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 661
accept-ranges: bytes
server: cloudflare
cf-ray: 750f76390aee0b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/benefits_bullet.png | 172.66.43.107 | 200 OK | 1.7 kB |
URL HTTP/2theprostatecurse.com/research/imgs/benefits_bullet.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash56c3657a7c7c57eb09e283e2d466bd41 16f83093da4bf672d76642f4388c6b7a3cca52fc 88c86a870016c03f246aaa4523de5776f134007cabde287d42402151ca91d379
GET /research/imgs/benefits_bullet.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 1678
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1879
content-disposition: inline; filename="benefits_bullet.webp"
last-modified: Fri, 29 Jul 2022 14:47:58 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
server: cloudflare
cf-ray: 750f76390af00b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/testi1.png | 172.66.43.107 | 200 OK | 23 kB |
URL HTTP/2theprostatecurse.com/research/imgs/testi1.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hashbb5a79278c389b30a90a7612c1b3dfa5 67af8deb91d8700d7baf41d0e170a52f262f2c53 45a7a811e3b7bebbbba6449fabed8888a7354afbbe9e0d83aa65e8818cd41509
GET /research/imgs/testi1.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 22970
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=36259
content-disposition: inline; filename="testi1.webp"
last-modified: Fri, 29 Jul 2022 14:48:14 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
server: cloudflare
cf-ray: 750f76390af10b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/stars.png | 172.66.43.107 | 200 OK | 1.1 kB |
URL HTTP/2theprostatecurse.com/research/imgs/stars.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash4f58890e51e66659232fde7f4e850437 f3b73e9a9e286d6c962a7812cf4908ea036727f6 86145fe164dc0e5c2ed1034bb82bd615ac12fb590f0b7e2578f68e08fd90d587
GET /research/imgs/stars.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 1116
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1265
content-disposition: inline; filename="stars.webp"
last-modified: Fri, 29 Jul 2022 14:48:11 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
server: cloudflare
cf-ray: 750f76390af20b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/testi2.png | 172.66.43.107 | 200 OK | 23 kB |
URL HTTP/2theprostatecurse.com/research/imgs/testi2.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hashe826fc53d53107a10b0c520abdebb73e e56d59b9af0f9cc84862f76b56b431f55d87af05 6339bbff78b92233c48c27ed9ce73e5a855fbdfedc14e0d76ef31b5a7415b9a1
GET /research/imgs/testi2.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 22752
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=35558
content-disposition: inline; filename="testi2.webp"
last-modified: Fri, 29 Jul 2022 14:48:14 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
server: cloudflare
cf-ray: 750f76390af50b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/imgs/ProstaFree_logo-x2-white.png | 172.66.43.107 | 200 OK | 5.8 kB |
URL HTTP/2theprostatecurse.com/imgs/ProstaFree_logo-x2-white.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hashc1e13cacf45d6f9061d468c7f83f3f54 81252e167d9bbf5fa917131176b834ea827c6a16 0788892d5792ca6583bb67c01b3990c88a6defb903887ee5f46916db313023d4
GET /imgs/ProstaFree_logo-x2-white.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 5814
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6067
content-disposition: inline; filename="ProstaFree_logo-x2-white.webp"
last-modified: Fri, 29 Jul 2022 14:49:47 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 661
accept-ranges: bytes
server: cloudflare
cf-ray: 750f76390af80b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/imgs/testi3.png | 172.66.43.107 | 200 OK | 28 kB |
URL HTTP/2theprostatecurse.com/research/imgs/testi3.png IP172.66.43.107:0
File typeRIFF (little-endian) data, Web/P image\012- data Hashf9e2017378fcb6526846ad7ad6931716 096528177e038681d4497b425f194859b9329f74 e45abee0f32ffd0668e6abb182da6673cd876abfe95e5661b5033b958cbb4d56
GET /research/imgs/testi3.png HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: image/webp
content-length: 28054
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=42565
content-disposition: inline; filename="testi3.webp"
last-modified: Fri, 29 Jul 2022 14:48:15 GMT
vary: Accept
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
server: cloudflare
cf-ray: 750f76390af60b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/fonts/ProximaNova-Extrabld.woff | 172.66.43.107 | 200 OK | 52 kB |
URL HTTP/2theprostatecurse.com/research/fonts/ProximaNova-Extrabld.woff IP172.66.43.107:0
File typeWeb Open Font Format, TrueType, length 51504, version 0.0\012- data Hash7f277b30c2d157a866644f7d861cbd6e 68ec8f7b24e40f10374ead63aa0daf0cc455f1e0 ca58fe74a581322b46d41e976600b4a5019bfe2c7839ffd38c8e710f2e833737
GET /research/fonts/ProximaNova-Extrabld.woff HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: font/woff
content-length: 51504
last-modified: Fri, 29 Jul 2022 14:47:54 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f76393b100b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/fonts/ProximaNova-Semibold.woff | 172.66.43.107 | 200 OK | 52 kB |
URL HTTP/2theprostatecurse.com/research/fonts/ProximaNova-Semibold.woff IP172.66.43.107:0
File typeWeb Open Font Format, TrueType, length 51760, version 0.0\012- data Hash3c4a5cdaa683834b9cc535dbcdd75153 19983ffca2d7c7386f07a055f92a358b952f82e9 b0cfaf554e50dd137466c34a03e3bb314e830785afa954956062c6994aec9445
GET /research/fonts/ProximaNova-Semibold.woff HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: font/woff
content-length: 51760
last-modified: Fri, 29 Jul 2022 14:47:56 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f76394b140b45-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/fonts/ProximaNova-Bold.woff | 172.66.43.107 | 200 OK | 52 kB |
URL HTTP/2theprostatecurse.com/research/fonts/ProximaNova-Bold.woff IP172.66.43.107:0
File typeWeb Open Font Format, TrueType, length 51944, version 0.0\012- data Hash637c241b1d81e95d681796891e1fb1ac d5da75d2b826d9da27378a9c0f7e0b620031c339 e9f28e3823f3c6f150bbc92899c421d470322e7c1118eb8ce6c9c18e8aeb6799
GET /research/fonts/ProximaNova-Bold.woff HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: looked=yes; _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: font/woff
content-length: 51944
last-modified: Fri, 29 Jul 2022 14:47:53 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4856
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f76395b200b45-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashbfc8c650e23854f708a3dd54fca4393f b54c061cf5a5306a68112d403471914e839a68c8 84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js | 142.250.74.138 | 200 OK | 31 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js IP142.250.74.138:0
File typeASCII text, with very long lines (65447) Hash7808e0e4b7a714230373852158500533 4a79d18722a68a2f38d52e2d3a11b550bdd30b3c 8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 09:42:03 GMT
expires: Tue, 26 Sep 2023 09:42:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 46289
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashc939f97c8bcbfea356e92036803714bc 608c795e7c4fb943a4db49a4e4533c41ea717023 b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fast.wistia.net/assets/external/E-v1.js | 151.101.86.110 | 200 OK | 116 kB |
URL HTTP/2fast.wistia.net/assets/external/E-v1.js IP151.101.86.110:0
File typeASCII text, with very long lines (65536), with no line terminators Size116 kB (116449 bytes) Hash29859c25251a09db0fbb53d16f113f00 92181e51740dc972f12c910bcfd1a0fe65f9c6f7 5f65a138a867ada83aa1e14b1fa47e89c49ece7134486220e5bb78c5ba4d9b38
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "632da87d-1c6e1"
last-modified: Fri, 23 Sep 2022 12:37:17 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 26 Sep 2022 22:33:32 GMT
age: 2038
x-served-by: cache-iad-kiad7000129-IAD, cache-bma1658-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 7
x-timer: S1664231612.467618,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 116449
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashbfc8c650e23854f708a3dd54fca4393f b54c061cf5a5306a68112d403471914e839a68c8 84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fast.wistia.com/embed/medias/zpgiy96yzn.jsonp | 151.101.86.110 | 200 OK | 1.6 kB |
URL HTTP/2fast.wistia.com/embed/medias/zpgiy96yzn.jsonp IP151.101.86.110:0
File typeASCII text, with very long lines (5228) Hashcec3846a7a27e036ed1c5b35653d6a1c d417ee0ac3fee019d4aea74a6336d6e60abb40ef 971b4ef9ffd2f0ff2f604db8d9cd12fc152f0ac91639c5bf340843a1c7b8f888
GET /embed/medias/zpgiy96yzn.jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: application/javascript; charset=utf-8
etag: W/"cb725665a1690dc053370642b2d663fd"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: ef153c2c94ff5eecbbcb2e3175f199de
x-runtime: 0.067319
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 26 Sep 2022 22:33:32 GMT
age: 12063
x-served-by: cache-iad-kjyo7100041-IAD, cache-bma1630-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 2
x-timer: S1664231613.503236,VS0,VE0
vary: Accept-Encoding,Referer,X-Forwarded-Proto,X-Normalized-User-Agent,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 1629
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-W4CVTDK | 142.250.74.72 | 200 OK | 44 kB |
URL HTTP/2www.googletagmanager.com/gtm.js?id=GTM-W4CVTDK IP142.250.74.72:0
File typeASCII text, with very long lines (1720) Hash73e1bfd1fc6474fb07ef78f9f8f2dcaf 09d430a2b23558ee893aba0a7d05cd106b0b4b68 0847924f8c9f047836b5676efe18ffdddb93671a4ccf5b9c95a8fef05fe0876d
GET /gtm.js?id=GTM-W4CVTDK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 22:33:32 GMT
expires: Mon, 26 Sep 2022 22:33:32 GMT
cache-control: private, max-age=900
last-modified: Mon, 26 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43914
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 513 B |
IP142.250.74.3:0
Hash5c8d5fa64a85e1ef896bd5c8a648fde6 6da03fc539be11e60f9766e255d46183b098c341 673a0a9f22e1b4b146e08052c345110b1f3c5e7ea66267522c346513835ad59a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
File typeASCII text, with very long lines (1325) Hashcae538dcce82598fbe43c0bf443e62dd cc68ac6be9c5e0087a0000e5735b83270ace30f5 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 26 Sep 2022 20:41:09 GMT
expires: Mon, 26 Sep 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 6743
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fast.wistia.net/assets/external/wistia-mux.js | 151.101.86.110 | 200 OK | 32 kB |
URL HTTP/2fast.wistia.net/assets/external/wistia-mux.js IP151.101.86.110:0
File typeASCII text, with very long lines (65536), with no line terminators Hash4e0bd02908384de7517dc6ce2d132a92 e5be3ef18fddb02671eb704d34e3493cdfcb80ae da3f40915f30cc7863ae44e57acfbc344682d22cba4f29159e2fd5896574b8c6
GET /assets/external/wistia-mux.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "632da87d-7e6e"
last-modified: Fri, 23 Sep 2022 12:37:17 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 26 Sep 2022 22:33:32 GMT
age: 2037
x-served-by: cache-iad-kcgs7200110-IAD, cache-bma1658-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 6
x-timer: S1664231613.712578,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 32366
X-Firefox-Spdy: h2
|
|
| fast.wistia.net/assets/external/playPauseLoadingControl.js | 151.101.86.110 | 200 OK | 16 kB |
URL HTTP/2fast.wistia.net/assets/external/playPauseLoadingControl.js IP151.101.86.110:0
File typeASCII text, with very long lines (59899), with no line terminators Hashbc2e2ee2292331734472380da1b8e246 f1c0d0a56add17cf01bfcb69f4165f1a987d56a0 fb6c5149e6bded580759f0dbf09eec19df63d2e925b109e5770598e87a2f7a00
GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "632da87d-3e3c"
last-modified: Fri, 23 Sep 2022 12:37:17 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 26 Sep 2022 22:33:32 GMT
age: 2038
x-served-by: cache-iad-kcgs7200062-IAD, cache-bma1658-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 6
x-timer: S1664231613.746428,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 15932
X-Firefox-Spdy: h2
|
|
| embed-ssl.wistia.com/deliveries/b635c036ddbaf8ef483fb6abd2924ad1.webp?image_crop_resized=896x504 | 151.101.86.133 | 200 OK | 38 kB |
URL HTTP/2embed-ssl.wistia.com/deliveries/b635c036ddbaf8ef483fb6abd2924ad1.webp?image_crop_resized=896x504 IP151.101.86.133:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 896x504, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hashf8fbbd8864861eda3737ad756128a8c4 910649abb3305044496ec45b36f188d00fd481e4 4ffc11cf448db3abe3380d77092657888238ae5a4c09a34e1fcc581cfeda25af
GET /deliveries/b635c036ddbaf8ef483fb6abd2924ad1.webp?image_crop_resized=896x504 HTTP/1.1
Host: embed-ssl.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: max-age=31536000
content-disposition: inline
edge-cache-tag: b635c036ddbaf8ef483fb6abd2924ad1
last-modified: Wed, 24 Aug 2022 12:48:18 UTC
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 26 Sep 2022 22:33:32 GMT
age: 2886303
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kiad7000146-IAD, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664231613.804881,VS0,VE1
content-length: 37930
X-Firefox-Spdy: h2
|
|
| fast.wistia.net/assets/external/engines/hls_video.js | 151.101.86.110 | 200 OK | 114 kB |
URL HTTP/2fast.wistia.net/assets/external/engines/hls_video.js IP151.101.86.110:0
File typeASCII text, with very long lines (65469) Size114 kB (114378 bytes) Hash16e6e4562ea0bbf6c7ba510f38b0fb8b 20964be4789975feaad850da7bff3df654fad6fe 737ffb23a604268ad34f2dfc3599778fc5934ac18762cbcbc1a68e72b5db091d
GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "632da87d-1beca"
last-modified: Fri, 23 Sep 2022 12:37:17 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 26 Sep 2022 22:33:32 GMT
age: 2038
x-served-by: cache-iad-kcgs7200095-IAD, cache-bma1658-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 3
x-timer: S1664231613.848473,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 114378
X-Firefox-Spdy: h2
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-236253750-1&cid=1849269257.1664226756&jid=788843962&gjid=1479968118&_gid=1729124119.1664226756&_u=QACAAEAAAAAAAC~&z=195344079 | 64.233.162.155 | 200 OK | 4 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-236253750-1&cid=1849269257.1664226756&jid=788843962&gjid=1479968118&_gid=1729124119.1664226756&_u=QACAAEAAAAAAAC~&z=195344079 IP64.233.162.155:0
File typeASCII text, with no line terminators Hash48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-236253750-1&cid=1849269257.1664226756&jid=788843962&gjid=1479968118&_gid=1729124119.1664226756&_u=QACAAEAAAAAAAC~&z=195344079 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://theprostatecurse.com
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://theprostatecurse.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 26 Sep 2022 22:33:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash95f95fee6e94fb192e7c06459e3e3f8e 025638b85afcc833cd592c98cc941dd011d2526f dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash002d49bafbcc428a44fe523322ad9e05 b39aad0d1e941121f28af8f9b6d76f19216800d5 59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash5b7b66f5886a12421c3f3970bbf49d5a 13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8 3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:33:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-236253750-1&cid=1849269257.1664226756&jid=788843962&_u=QACAAEAAAAAAAC~&z=2009754074 | 142.250.74.3 | 200 OK | 42 B |
URL HTTP/2www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-236253750-1&cid=1849269257.1664226756&jid=788843962&_u=QACAAEAAAAAAAC~&z=2009754074 IP142.250.74.3:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-236253750-1&cid=1849269257.1664226756&jid=788843962&_u=QACAAEAAAAAAAC~&z=2009754074 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 22:33:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-236253750-1&cid=1849269257.1664226756&jid=788843962&_u=QACAAEAAAAAAAC~&z=2009754074 | 142.250.74.164 | 200 OK | 42 B |
URL HTTP/2www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-236253750-1&cid=1849269257.1664226756&jid=788843962&_u=QACAAEAAAAAAAC~&z=2009754074 IP142.250.74.164:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-236253750-1&cid=1849269257.1664226756&jid=788843962&_u=QACAAEAAAAAAAC~&z=2009754074 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 22:33:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash95f95fee6e94fb192e7c06459e3e3f8e 025638b85afcc833cd592c98cc941dd011d2526f dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:33:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fast.wistia.net/assets/images/blank.gif | 151.101.86.110 | 200 OK | 1.2 kB |
URL HTTP/2fast.wistia.net/assets/images/blank.gif IP151.101.86.110:0
File typeGIF image data, version 89a, 100 x 100\012- data Hashfbdc4ed9a1e2ee4917a265306927bcf1 6d177725d8230df0457e72004080f712e26fe624 a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-type: image/gif
etag: "63321234-4be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 26 Sep 2022 20:57:24 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 26 Sep 2022 22:33:33 GMT
age: 5639
x-served-by: cache-iad-kcgs7200157-IAD, cache-bma1658-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 32
x-timer: S1664231613.025197,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 1214
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash4538701cf9bc34d908f50370beb922f4 df141b9c3ec626ecaba7c1899073a48b811c4113 61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:33:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fast.wistia.com/embed/medias/zpgiy96yzn.m3u8 | 151.101.86.110 | 200 OK | 753 B |
URL HTTP/2fast.wistia.com/embed/medias/zpgiy96yzn.m3u8 IP151.101.86.110:0
Hash3e9cb9483943ff11e1f4b0db2bd3b3d7 231990d6d25317cb706c4b1ad5951630522a78da d302bf80e15b6848c04ac493171897e59f4ac1559fc4bff9539f30742b96c266
GET /embed/medias/zpgiy96yzn.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theprostatecurse.com
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-type: application/x-mpegURL
etag: W/"d302bf80e15b6848c04ac493171897e5"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 4bb8f343993545d29cf83eb545a771a5
x-runtime: 0.025334
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 26 Sep 2022 22:33:33 GMT
age: 0
x-served-by: cache-iad-kcgs7200048-IAD, cache-bma1625-BMA
x-cache: HIT, HIT
x-cache-hits: 515, 1
x-timer: S1664231613.066296,VS0,VE102
vary: Accept-Encoding,Referer,X-Forwarded-Proto,X-Normalized-User-Agent,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 753
X-Firefox-Spdy: h2
|
|
| embedwistia-a.akamaihd.net/deliveries/0f599d2ef063421b6fc7043717da0fde23e6139e.m3u8 | 23.36.76.162 | 200 OK | 116 kB |
URL HTTP/1.1embedwistia-a.akamaihd.net/deliveries/0f599d2ef063421b6fc7043717da0fde23e6139e.m3u8 IP23.36.76.162:0 ASN#20940 Akamai International B.V.
Size116 kB (116055 bytes) Hash230ba5f787369871971b1880ef017f7b a064f80616d0d77b0220226257e173278577ba18 2c5c09fffaf083d87ce339ddfa8357ea879f554d55eaff6cd9fe8a46a465b3e7
GET /deliveries/0f599d2ef063421b6fc7043717da0fde23e6139e.m3u8 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theprostatecurse.com
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.apple.mpegurl
Content-Length: 116055
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 0f599d2ef063421b6fc7043717da0fde23e6139e-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
Accept-Ranges: bytes
Cache-Control: max-age=31461404
Expires: Tue, 26 Sep 2023 01:50:17 GMT
Date: Mon, 26 Sep 2022 22:33:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
|
|
| embedwistia-a.akamaihd.net/deliveries/0f599d2ef063421b6fc7043717da0fde23e6139e.m3u8/seg-1-v1-a1.ts | 23.36.76.162 | 200 OK | 2.6 MB |
URL HTTP/1.1embedwistia-a.akamaihd.net/deliveries/0f599d2ef063421b6fc7043717da0fde23e6139e.m3u8/seg-1-v1-a1.ts IP23.36.76.162:0 ASN#20940 Akamai International B.V.
File typeMPEG transport stream data\012- data Size2.6 MB (2638392 bytes) Hash1a658d09de2712271a38aa21594a72df 50fbfba38a6eaddd61e440f4270ead7a47dea986 2756fb32da75ca228bb3d3c7de5617f0cb60adfbff0c58319440dca01c97937c
GET /deliveries/0f599d2ef063421b6fc7043717da0fde23e6139e.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theprostatecurse.com
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 2638392
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 0f599d2ef063421b6fc7043717da0fde23e6139e-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
Accept-Ranges: bytes
Cache-Control: max-age=31391065
Expires: Mon, 25 Sep 2023 06:17:58 GMT
Date: Mon, 26 Sep 2022 22:33:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
|
|
| embedwistia-a.akamaihd.net/deliveries/629f20bc5761f24f6de88bbaaac9380352fc4afc.m3u8 | 23.36.76.162 | 200 OK | 116 kB |
URL HTTP/1.1embedwistia-a.akamaihd.net/deliveries/629f20bc5761f24f6de88bbaaac9380352fc4afc.m3u8 IP23.36.76.162:0 ASN#20940 Akamai International B.V.
Size116 kB (116055 bytes) Hashcbe2b26f17e73c7ce3e1e721a7655c6c 7242cc1a7ff3c8607bb4a6fc0faebf5d4641ca2f 4bb573fef42ddca6c8e3c924c243e9a41edc47fe967164e91270ab2409fe50f1
GET /deliveries/629f20bc5761f24f6de88bbaaac9380352fc4afc.m3u8 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theprostatecurse.com
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/vnd.apple.mpegurl
Content-Length: 116055
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 629f20bc5761f24f6de88bbaaac9380352fc4afc-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
Accept-Ranges: bytes
Cache-Control: max-age=31490775
Expires: Tue, 26 Sep 2023 09:59:48 GMT
Date: Mon, 26 Sep 2022 22:33:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
|
|
| embedwistia-a.akamaihd.net/deliveries/629f20bc5761f24f6de88bbaaac9380352fc4afc.m3u8/seg-1-v1-a1.ts | 23.36.76.162 | 200 OK | 984 kB |
URL HTTP/1.1embedwistia-a.akamaihd.net/deliveries/629f20bc5761f24f6de88bbaaac9380352fc4afc.m3u8/seg-1-v1-a1.ts IP23.36.76.162:0 ASN#20940 Akamai International B.V.
File typeMPEG transport stream data\012- data Size984 kB (983992 bytes) Hash3e4e077c201c11540050b5f9c4fa1027 e020600d6433cf2ce55904a81ea9d8df33487994 ebd07eec559fd7260f208624002e248ef77d2226f4ab66dd7198673db3f865f6
GET /deliveries/629f20bc5761f24f6de88bbaaac9380352fc4afc.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theprostatecurse.com
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: video/MP2T
Content-Length: 983992
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Last-Modified: Mon, 05 Nov 2018 10:11:00 GMT
surrogate-key: 629f20bc5761f24f6de88bbaaac9380352fc4afc-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
Accept-Ranges: bytes
Cache-Control: max-age=31438374
Expires: Mon, 25 Sep 2023 19:26:27 GMT
Date: Mon, 26 Sep 2022 22:33:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hash900f0bd9d71861c1d01e36f8a85b5034 50b150078fb0ff955529b4b438a3bd8df1344ea6 e8dbf3c2831be7814edd806d7826394be8efd90a7f221ea6da9daea6448db6a5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 22:33:33 GMT
Last-Modified: Mon, 26 Sep 2022 21:17:12 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LBaUxubLgd4ZH85wkcRgAqcK8pMZ2I_AtFPp6fvrNfQz8NZDFV8jnw==
Age: 4581
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hash900f0bd9d71861c1d01e36f8a85b5034 50b150078fb0ff955529b4b438a3bd8df1344ea6 e8dbf3c2831be7814edd806d7826394be8efd90a7f221ea6da9daea6448db6a5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 22:33:33 GMT
Last-Modified: Mon, 26 Sep 2022 20:45:28 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RwPiH0LcY5ZFHb8_imbFmaBu9WAoEe8LLT9U2XlaNhcVD8BV4Iycdw==
Age: 6485
|
|
| distillery.wistia.com/x | 44.197.44.53 | 204 No Content | 0 B |
IP44.197.44.53:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1592
Origin: https://theprostatecurse.com
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 26 Sep 2022 22:33:33 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
|
|
| pipedream.wistia.com/mput?topic=metrics | 54.152.184.103 | 200 OK | 2 B |
URL HTTP/2pipedream.wistia.com/mput?topic=metrics IP54.152.184.103:0
File typeASCII text, with no line terminators Hashe0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 1486
Origin: https://theprostatecurse.com
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:33 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| pipedream.wistia.com/mput?topic=metrics | 54.152.184.103 | 200 OK | 2 B |
URL HTTP/2pipedream.wistia.com/mput?topic=metrics IP54.152.184.103:0
File typeASCII text, with no line terminators Hashe0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 5259
Origin: https://theprostatecurse.com
Connection: keep-alive
Referer: https://theprostatecurse.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:34 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| go.maxweb.com/conversion/iframe/?a=7552&token=32c64d80036cd2a2c2f25a4e1f88668e | 172.66.40.143 | 200 OK | 0 B |
URL HTTP/2go.maxweb.com/conversion/iframe/?a=7552&token=32c64d80036cd2a2c2f25a4e1f88668e IP172.66.40.143:0
GET /conversion/iframe/?a=7552&token=32c64d80036cd2a2c2f25a4e1f88668e HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:34 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Mon, 26 Sep 2022 23:33:34 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750f76465c46b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mwquestion.com/7552/434/2/?subid=7&subid2=9ab5e82d318445019a9f7a09fa37e460&subid3=XMcdddelw | 172.67.193.9 | 302 Found | 0 B |
URL HTTP/2mwquestion.com/7552/434/2/?subid=7&subid2=9ab5e82d318445019a9f7a09fa37e460&subid3=XMcdddelw IP172.67.193.9:0
GET /7552/434/2/?subid=7&subid2=9ab5e82d318445019a9f7a09fa37e460&subid3=XMcdddelw HTTP/1.1
Host: mwquestion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 26 Sep 2022 22:33:30 GMT
content-type: text/html; charset=UTF-8
location: https://prstfreetrk.com/?a=68&c=2387&s2=7552_sessid20220926223333218&s1=434
cache-control: max-age=3600, private
pragma: no-cache
expires: Mon, 26 Sep 2022 23:33:30 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750f7628e9cc1c0a-OSL
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764 | 172.66.43.107 | 200 OK | 0 B |
URL HTTP/2theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764 IP172.66.43.107:0
GET /research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764 HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a; path=/
looked=yes; expires=Mon, 26-Sep-2022 23:33:31 GMT; Max-Age=3600
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750f7637098d0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| theprostatecurse.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 172.66.43.107 | 200 OK | 0 B |
URL HTTP/2theprostatecurse.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP172.66.43.107:0
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: theprostatecurse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theprostatecurse.com/research/?s1=434&s2=7552_sessid20220926223333218&s3=&s4=&crtv_id=2387&affId=68&c1=434&c3=131571764
Cookie: _ga=GA1.2.1849269257.1664226756; _gid=GA1.2.1729124119.1664226756; PHPSESSID=4aa7935a9ab2b2b1a97909ae51774a3a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:33:32 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 11:11:52 GMT
etag: W/"633188f8-302c"
vary: Accept-Encoding
server: cloudflare
cf-ray: 750f76390af90b45-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 28 Sep 2022 22:33:32 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|