r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12677
Expires: Sat, 07 Jan 2023 18:01:15 GMT
Date: Sat, 07 Jan 2023 14:29:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 516b9d6951b09439a51d5284994ed92f
5c78edb38bae36caa8e2db8ed6635a32e46c91dd
eaaf4ebc59d2a06d02b552154c5adb7c713ffc4a7f5caabcff1c2b4cd6ec5c7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAAF4EBC59D2A06D02B552154C5ADB7C713FFC4A7F5CAABCFF1C2B4CD6EC5C7B"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15722
Expires: Sat, 07 Jan 2023 18:52:00 GMT
Date: Sat, 07 Jan 2023 14:29:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 07 Jan 2023 13:48:08 GMT
content-type: application/json
age: 2510
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 75f0037a1d53a9a5321a796206ec3e24
70d42c9bf1334f20e1cea4ce3c8212e0e780ee77
80ec1e61f9563e799c9f44ea31e616c37daea1b9670091fbbc6efc39ebafe3d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80EC1E61F9563E799C9F44EA31E616C37DAEA1B9670091FBBC6EFC39EBAFE3D3"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13476
Expires: Sat, 07 Jan 2023 18:14:34 GMT
Date: Sat, 07 Jan 2023 14:29:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OC49VDzhakiiCgS16ULegNMUlGDCNy9sdXzURNc2gY6BmdO9Tq2jWBxRNeYqS4/RjPG8zoAMKic=
x-amz-request-id: 06NQMWEBK804NKR2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 07 Jan 2023 14:15:20 GMT
age: 878
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 14:29:58 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 07 Jan 2023 13:33:40 GMT
age: 3379
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
naverdns.co/
77.247.182.250302 Found 11 B IP 77.247.182.250:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: naverdns.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sat, 07 Jan 2023 14:29:58 GMT
location: http://btpnative.com/click?data=djZIV2IyZ0ptTFlMZ2RjNGdnYWp5OVlaeGQ5b0t0QUFoR2p5WURMd1ozcEFEMXBIOEZuWFJYVzAwYVY1V0hSZFUtX0RNY3VGSG4wSFBJRmQ2MU5hWkZLX1dZSUIxQU81azNGbnhub0wxQ0xJRFRHYzVDakp4bDhNeVR3d0gwU0NJdzlaamFTRnQwZklWM3ozeW9WaE13Mg2&id=12acfa06-444a-463a-b4b0-63397058077f
server: nginx
set-cookie: sid=c34a4e16-8e97-11ed-8eb8-7cdf8bb0a72c; path=/; domain=.naverdns.co; expires=Thu, 25 Jan 2091 17:44:06 GMT; max-age=2147483647; HttpOnly
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8589b6a84dd5a09ec546aff38bbd2515
1c3a3d8a69ae7a3ebda64292caf0e0f5968e81f7
f013da155203f0509d56e8174c2ae5ed23aad413b4391f276efd388519743b17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6359
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 14:29:59 GMT
Last-Modified: Sat, 07 Jan 2023 12:44:00 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
btpnative.com/click?data=djZIV2IyZ0ptTFlMZ2RjNGdnYWp5OVlaeGQ5b0t0QUFoR2p5WURMd1ozcEFEMXBIOEZuWFJYVzAwYVY1V0hSZFUtX0RNY3VGSG4wSFBJRmQ2MU5hWkZLX1dZSUIxQU81azNGbnhub0wxQ0xJRFRHYzVDakp4bDhNeVR3d0gwU0NJdzlaamFTRnQwZklWM3ozeW9WaE13Mg2&id=12acfa06-444a-463a-b4b0-63397058077f
192.99.158.241200 OK 5.4 kB URL HTTP/1.1 btpnative.com/click?data=djZIV2IyZ0ptTFlMZ2RjNGdnYWp5OVlaeGQ5b0t0QUFoR2p5WURMd1ozcEFEMXBIOEZuWFJYVzAwYVY1V0hSZFUtX0RNY3VGSG4wSFBJRmQ2MU5hWkZLX1dZSUIxQU81azNGbnhub0wxQ0xJRFRHYzVDakp4bDhNeVR3d0gwU0NJdzlaamFTRnQwZklWM3ozeW9WaE13Mg2&id=12acfa06-444a-463a-b4b0-63397058077f
IP 192.99.158.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Hash 3072208c30384df6de2e5475287099c0
adb4e1ef5058249df4ecd76d8dfd962eaebb8a1d
f3682ebd0da720a60e985fd2656b92ece6958e1e37dacc6a7380e17e5e016802
GET /click?data=djZIV2IyZ0ptTFlMZ2RjNGdnYWp5OVlaeGQ5b0t0QUFoR2p5WURMd1ozcEFEMXBIOEZuWFJYVzAwYVY1V0hSZFUtX0RNY3VGSG4wSFBJRmQ2MU5hWkZLX1dZSUIxQU81azNGbnhub0wxQ0xJRFRHYzVDakp4bDhNeVR3d0gwU0NJdzlaamFTRnQwZklWM3ozeW9WaE13Mg2&id=12acfa06-444a-463a-b4b0-63397058077f HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: YMMSKBagNEAkUQe=YMMSKBagNEAkUQe; path=/
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Sat, 07 Jan 2023 14:29:58 GMT
Content-Length: 5441
push.services.mozilla.com/
35.167.121.239101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.167.121.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8vnpFdRP1LGAPUdWP3UyAw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OPTbONWcSxE+sj4V195fn6gGyTI=
btpnative.com/Redirect/
192.99.158.241302 Found 1.5 kB IP 192.99.158.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1449), with CRLF line terminators
Hash d540f3c04656c662f30c262c25e26d7e
7f1cc7775faf5baaa430a4fdf42dee400bdbd1d2
a6787a6c85ea69277d5b969ded02f64b7a4a311166d4d3eb954296c1bd8db36f
POST /Redirect/ HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 330
Origin: http://btpnative.com
Connection: keep-alive
Referer: http://btpnative.com/click?data=djZIV2IyZ0ptTFlMZ2RjNGdnYWp5OVlaeGQ5b0t0QUFoR2p5WURMd1ozcEFEMXBIOEZuWFJYVzAwYVY1V0hSZFUtX0RNY3VGSG4wSFBJRmQ2MU5hWkZLX1dZSUIxQU81azNGbnhub0wxQ0xJRFRHYzVDakp4bDhNeVR3d0gwU0NJdzlaamFTRnQwZklWM3ozeW9WaE13Mg2&id=12acfa06-444a-463a-b4b0-63397058077f
Cookie: YMMSKBagNEAkUQe=YMMSKBagNEAkUQe
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://mybettermb.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzxpRTG9mCZxJfSMU3tyux_woPqiJVE9nxxwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYmDyfaZRNJu7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cHzsOTmPHHzVVhTaMWwinq7RGLacBI37lVvOYWjbHMPArA8G9_mqbBkKPCcnQfaI2XNdph9XUDb2X6wh3pTsOdnNQQBohauRsSK-vAnffLq7hLNoYzM3sVk2e8BLPojVHMfyPsIDRm9qD9i7g9o51Bi1Sa6QYyHCTGeLsF4QQNpQetoetysUitK7ktUDnaT1xdURqqED4VnuDHNTLhQZkZ4IYVyngFTAFf-7L8KW4cuXCbG4vb54h-cSzIPlJT9RmF6qIOxu10CH9ThnXg80IsxIXRj3JRxsQyMGczBymSBGXTJh28QfbaKjQkrWJI7M0PMUf8KU9_JhEqJ33EzZ6xMQS2Lw9v8rO6SxVwRZ7DPbK_LmIHiyCYjumA94QF4Ok4gIPbzFLtXHXjQZ40B9adkxEVglUDXuzV9NyHEa2cphp32ugo8004F1ZdvsK8pamIiB-2EU19Qlj5aaaUxWtYrn5ywPUbeCsJSkxzjlr9RE363CGcTJjfeFH7gmYaRh4VfRDHIEmDgatJaAJ829BcGF---1_HRwfq72g1hbuTeH2360XmKElLNjXKiZcNEoUBx07qM6X4NjLnZ5Tb_08BUr_--oGdMeIn6QgzGIaGqW15nx2A7uSoEOIrsidJxJsyWpHgCQhDkkPGSC2U9cwo6b5vbfNzYn3_N8tT1cOfzj4KzFVh6I7Ew6XU9G-kplunPPlR8FwkSh_4swnqvxGKJJnAttrtTzEwGjIi9bwwSS1s_6SN_9Bt4mSe6FKMq5X5lqUO9m3OLdx8eOw4YWdeOqj530FqKHUNYkp2ht_S2uolZEpUfClSh7HHvvMCjzjs2-yUV89GD4fs18jGM0Iq7DfJHw5nq7jwSfel2cZKhCkdMDsrP1-j3iYqdNQvLa15CBN6w_2GHEYNEdYbi5ZYikxDo99HM_GeRmdaEaGagb8UPPjQ96MmO77EC5oNr61ZSuT6fKD9nrQ738MrzgVC5EQzKW_bCIATar-0zpVSvEk5wUYtFGhD0RU2lepwco8T_aR1ud4GJxq-u09n-RGXXvb8xr3ookBZopolRTfUPaMNOh2y95mtuDXqmhT8wJQAP5G2oPQOEnp-2L5QG0k9FsgketZEWcFXljgkxiiiqZfbppgU3sdyZn91ExDR45n4R55FpR_nfDk5wUYtFGhD3p6t2Df9GS82dEaGHBVUfMiRF3v75LZU4mDW_olsHQNA
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Sat, 07 Jan 2023 14:29:59 GMT
Content-Length: 1521
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 5e6f8d31a306e36d0ed615a102d5d25f
d8d190f057daa0335b887c712918493bd3c37589
73e73e2a3906e3fef68cbe06fd894457525f3407f1bd366ffd586cba0a83aea6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:30:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 05 Jan 2023 07:25:42 GMT
Expires: Thu, 12 Jan 2023 07:25:41 GMT
Etag: "d8d190f057daa0335b887c712918493bd3c37589"
Cache-Control: max-age=405940,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 785d638b1d41b505-OSL
mybettermb.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzxpRTG9mCZxJfSMU3tyux_woPqiJVE9nxxwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYmDyfaZRNJu7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cHzsOTmPHHzVVhTaMWwinq7RGLacBI37lVvOYWjbHMPArA8G9_mqbBkKPCcnQfaI2XNdph9XUDb2X6wh3pTsOdnNQQBohauRsSK-vAnffLq7hLNoYzM3sVk2e8BLPojVHMfyPsIDRm9qD9i7g9o51Bi1Sa6QYyHCTGeLsF4QQNpQetoetysUitK7ktUDnaT1xdURqqED4VnuDHNTLhQZkZ4IYVyngFTAFf-7L8KW4cuXCbG4vb54h-cSzIPlJT9RmF6qIOxu10CH9ThnXg80IsxIXRj3JRxsQyMGczBymSBGXTJh28QfbaKjQkrWJI7M0PMUf8KU9_JhEqJ33EzZ6xMQS2Lw9v8rO6SxVwRZ7DPbK_LmIHiyCYjumA94QF4Ok4gIPbzFLtXHXjQZ40B9adkxEVglUDXuzV9NyHEa2cphp32ugo8004F1ZdvsK8pamIiB-2EU19Qlj5aaaUxWtYrn5ywPUbeCsJSkxzjlr9RE363CGcTJjfeFH7gmYaRh4VfRDHIEmDgatJaAJ829BcGF---1_HRwfq72g1hbuTeH2360XmKElLNjXKiZcNEoUBx07qM6X4NjLnZ5Tb_08BUr_--oGdMeIn6QgzGIaGqW15nx2A7uSoEOIrsidJxJsyWpHgCQhDkkPGSC2U9cwo6b5vbfNzYn3_N8tT1cOfzj4KzFVh6I7Ew6XU9G-kplunPPlR8FwkSh_4swnqvxGKJJnAttrtTzEwGjIi9bwwSS1s_6SN_9Bt4mSe6FKMq5X5lqUO9m3OLdx8eOw4YWdeOqj530FqKHUNYkp2ht_S2uolZEpUfClSh7HHvvMCjzjs2-yUV89GD4fs18jGM0Iq7DfJHw5nq7jwSfel2cZKhCkdMDsrP1-j3iYqdNQvLa15CBN6w_2GHEYNEdYbi5ZYikxDo99HM_GeRmdaEaGagb8UPPjQ96MmO77EC5oNr61ZSuT6fKD9nrQ738MrzgVC5EQzKW_bCIATar-0zpVSvEk5wUYtFGhD0RU2lepwco8T_aR1ud4GJxq-u09n-RGXXvb8xr3ookBZopolRTfUPaMNOh2y95mtuDXqmhT8wJQAP5G2oPQOEnp-2L5QG0k9FsgketZEWcFXljgkxiiiqZfbppgU3sdyZn91ExDR45n4R55FpR_nfDk5wUYtFGhD3p6t2Df9GS82dEaGHBVUfMiRF3v75LZU4mDW_olsHQNA
52.116.53.155302 Found 0 B URL HTTP/2 mybettermb.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzxpRTG9mCZxJfSMU3tyux_woPqiJVE9nxxwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYmDyfaZRNJu7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cHzsOTmPHHzVVhTaMWwinq7RGLacBI37lVvOYWjbHMPArA8G9_mqbBkKPCcnQfaI2XNdph9XUDb2X6wh3pTsOdnNQQBohauRsSK-vAnffLq7hLNoYzM3sVk2e8BLPojVHMfyPsIDRm9qD9i7g9o51Bi1Sa6QYyHCTGeLsF4QQNpQetoetysUitK7ktUDnaT1xdURqqED4VnuDHNTLhQZkZ4IYVyngFTAFf-7L8KW4cuXCbG4vb54h-cSzIPlJT9RmF6qIOxu10CH9ThnXg80IsxIXRj3JRxsQyMGczBymSBGXTJh28QfbaKjQkrWJI7M0PMUf8KU9_JhEqJ33EzZ6xMQS2Lw9v8rO6SxVwRZ7DPbK_LmIHiyCYjumA94QF4Ok4gIPbzFLtXHXjQZ40B9adkxEVglUDXuzV9NyHEa2cphp32ugo8004F1ZdvsK8pamIiB-2EU19Qlj5aaaUxWtYrn5ywPUbeCsJSkxzjlr9RE363CGcTJjfeFH7gmYaRh4VfRDHIEmDgatJaAJ829BcGF---1_HRwfq72g1hbuTeH2360XmKElLNjXKiZcNEoUBx07qM6X4NjLnZ5Tb_08BUr_--oGdMeIn6QgzGIaGqW15nx2A7uSoEOIrsidJxJsyWpHgCQhDkkPGSC2U9cwo6b5vbfNzYn3_N8tT1cOfzj4KzFVh6I7Ew6XU9G-kplunPPlR8FwkSh_4swnqvxGKJJnAttrtTzEwGjIi9bwwSS1s_6SN_9Bt4mSe6FKMq5X5lqUO9m3OLdx8eOw4YWdeOqj530FqKHUNYkp2ht_S2uolZEpUfClSh7HHvvMCjzjs2-yUV89GD4fs18jGM0Iq7DfJHw5nq7jwSfel2cZKhCkdMDsrP1-j3iYqdNQvLa15CBN6w_2GHEYNEdYbi5ZYikxDo99HM_GeRmdaEaGagb8UPPjQ96MmO77EC5oNr61ZSuT6fKD9nrQ738MrzgVC5EQzKW_bCIATar-0zpVSvEk5wUYtFGhD0RU2lepwco8T_aR1ud4GJxq-u09n-RGXXvb8xr3ookBZopolRTfUPaMNOh2y95mtuDXqmhT8wJQAP5G2oPQOEnp-2L5QG0k9FsgketZEWcFXljgkxiiiqZfbppgU3sdyZn91ExDR45n4R55FpR_nfDk5wUYtFGhD3p6t2Df9GS82dEaGHBVUfMiRF3v75LZU4mDW_olsHQNA
IP 52.116.53.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aS/feedclick?s=HFz5zNIIs95ROWPasgEEzxpRTG9mCZxJfSMU3tyux_woPqiJVE9nxxwSB56cKSkXT2CTCm3P5TxbC7U30TJp2YOe9KpoUqG_KP9rM2-MnaYmDyfaZRNJu7CyP0WpYsxEJnFYxcsUig_ZjafmTRh4cHzsOTmPHHzVVhTaMWwinq7RGLacBI37lVvOYWjbHMPArA8G9_mqbBkKPCcnQfaI2XNdph9XUDb2X6wh3pTsOdnNQQBohauRsSK-vAnffLq7hLNoYzM3sVk2e8BLPojVHMfyPsIDRm9qD9i7g9o51Bi1Sa6QYyHCTGeLsF4QQNpQetoetysUitK7ktUDnaT1xdURqqED4VnuDHNTLhQZkZ4IYVyngFTAFf-7L8KW4cuXCbG4vb54h-cSzIPlJT9RmF6qIOxu10CH9ThnXg80IsxIXRj3JRxsQyMGczBymSBGXTJh28QfbaKjQkrWJI7M0PMUf8KU9_JhEqJ33EzZ6xMQS2Lw9v8rO6SxVwRZ7DPbK_LmIHiyCYjumA94QF4Ok4gIPbzFLtXHXjQZ40B9adkxEVglUDXuzV9NyHEa2cphp32ugo8004F1ZdvsK8pamIiB-2EU19Qlj5aaaUxWtYrn5ywPUbeCsJSkxzjlr9RE363CGcTJjfeFH7gmYaRh4VfRDHIEmDgatJaAJ829BcGF---1_HRwfq72g1hbuTeH2360XmKElLNjXKiZcNEoUBx07qM6X4NjLnZ5Tb_08BUr_--oGdMeIn6QgzGIaGqW15nx2A7uSoEOIrsidJxJsyWpHgCQhDkkPGSC2U9cwo6b5vbfNzYn3_N8tT1cOfzj4KzFVh6I7Ew6XU9G-kplunPPlR8FwkSh_4swnqvxGKJJnAttrtTzEwGjIi9bwwSS1s_6SN_9Bt4mSe6FKMq5X5lqUO9m3OLdx8eOw4YWdeOqj530FqKHUNYkp2ht_S2uolZEpUfClSh7HHvvMCjzjs2-yUV89GD4fs18jGM0Iq7DfJHw5nq7jwSfel2cZKhCkdMDsrP1-j3iYqdNQvLa15CBN6w_2GHEYNEdYbi5ZYikxDo99HM_GeRmdaEaGagb8UPPjQ96MmO77EC5oNr61ZSuT6fKD9nrQ738MrzgVC5EQzKW_bCIATar-0zpVSvEk5wUYtFGhD0RU2lepwco8T_aR1ud4GJxq-u09n-RGXXvb8xr3ookBZopolRTfUPaMNOh2y95mtuDXqmhT8wJQAP5G2oPQOEnp-2L5QG0k9FsgketZEWcFXljgkxiiiqZfbppgU3sdyZn91ExDR45n4R55FpR_nfDk5wUYtFGhD3p6t2Df9GS82dEaGHBVUfMiRF3v75LZU4mDW_olsHQNA HTTP/1.1
Host: mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Cookie: rhid=82663812168; loi=ad_857954_off_361683_aff_11454_cid_201298-MKKUEI4KDSZ.COM_ts_1673100491
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 07 Jan 2023 14:30:00 GMT
content-length: 0
set-cookie: rhid=82663812168; Max-Age=15552000; Expires=Thu, 06-Jul-2023 14:30:00 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
location: https://p274639.mybettermb.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDA6SzMU5W2d5Ngdj-hygt7_saZSkTt5vvtIAu_a_2hs7fTlkmtwLr42PVYyyyQapuhA4rHED7ys8aoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2ep_6GqVBn3FOOI3avFLX2Z7Jl4Hi3-y6l0KBAp4ZDnXsGXY2jZ5js-mYuRqG_KFdgIRAv5HDnHYgyrHeCCgtfl7-WpUG-i5Kd347mfhgNbxZuDK-Dk20eQlVRFEktQBWBaf4XymfSdAQOGScGtJTvTwrHjoweW6kBTRhJTr31T6sz6E4fJKdEtrKCtj0Ed3D9R2p1wd5MDK1A3LQQeWyuAM6cRdns6hCTNoqHaTbnmaVZB0VMBlc7HuP4capgYnWR36YG5rRGKzlDxzDs_cUls&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSN0lr8e9sI6pwN5MlyzZKMR4eL_DKlQYsQLt25XmQhmevtbPkTs61PL1L3A8K5dfz9e1F293TXuCVvw1pRjzT3Q&si=1&oref=e1d22bc8c072dc079f50feac750975aa&optunit=JsHayox36o0yFDMwdEc3Lw&rb=2Vb288azLYM&rr=0&abtg=0
X-Firefox-Spdy: h2
p274639.mybettermb.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDA6SzMU5W2d5Ngdj-hygt7_saZSkTt5vvtIAu_a_2hs7fTlkmtwLr42PVYyyyQapuhA4rHED7ys8aoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2ep_6GqVBn3FOOI3avFLX2Z7Jl4Hi3-y6l0KBAp4ZDnXsGXY2jZ5js-mYuRqG_KFdgIRAv5HDnHYgyrHeCCgtfl7-WpUG-i5Kd347mfhgNbxZuDK-Dk20eQlVRFEktQBWBaf4XymfSdAQOGScGtJTvTwrHjoweW6kBTRhJTr31T6sz6E4fJKdEtrKCtj0Ed3D9R2p1wd5MDK1A3LQQeWyuAM6cRdns6hCTNoqHaTbnmaVZB0VMBlc7HuP4capgYnWR36YG5rRGKzlDxzDs_cUls&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSN0lr8e9sI6pwN5MlyzZKMR4eL_DKlQYsQLt25XmQhmevtbPkTs61PL1L3A8K5dfz9e1F293TXuCVvw1pRjzT3Q&si=1&oref=e1d22bc8c072dc079f50feac750975aa&optunit=JsHayox36o0yFDMwdEc3Lw&rb=2Vb288azLYM&rr=0&abtg=0
52.116.53.155302 Found 0 B URL HTTP/2 p274639.mybettermb.com/adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDA6SzMU5W2d5Ngdj-hygt7_saZSkTt5vvtIAu_a_2hs7fTlkmtwLr42PVYyyyQapuhA4rHED7ys8aoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2ep_6GqVBn3FOOI3avFLX2Z7Jl4Hi3-y6l0KBAp4ZDnXsGXY2jZ5js-mYuRqG_KFdgIRAv5HDnHYgyrHeCCgtfl7-WpUG-i5Kd347mfhgNbxZuDK-Dk20eQlVRFEktQBWBaf4XymfSdAQOGScGtJTvTwrHjoweW6kBTRhJTr31T6sz6E4fJKdEtrKCtj0Ed3D9R2p1wd5MDK1A3LQQeWyuAM6cRdns6hCTNoqHaTbnmaVZB0VMBlc7HuP4capgYnWR36YG5rRGKzlDxzDs_cUls&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSN0lr8e9sI6pwN5MlyzZKMR4eL_DKlQYsQLt25XmQhmevtbPkTs61PL1L3A8K5dfz9e1F293TXuCVvw1pRjzT3Q&si=1&oref=e1d22bc8c072dc079f50feac750975aa&optunit=JsHayox36o0yFDMwdEc3Lw&rb=2Vb288azLYM&rr=0&abtg=0
IP 52.116.53.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adServe/domainClick?ai=gNSPw4YcvsCApKkKBx7IDA6SzMU5W2d5Ngdj-hygt7_saZSkTt5vvtIAu_a_2hs7fTlkmtwLr42PVYyyyQapuhA4rHED7ys8aoBBNH-RY4fF5y4haVYAvAb3-ESHG0JHg2RvEwrk2epbC7U30TJp2ep_6GqVBn3FOOI3avFLX2Z7Jl4Hi3-y6l0KBAp4ZDnXsGXY2jZ5js-mYuRqG_KFdgIRAv5HDnHYgyrHeCCgtfl7-WpUG-i5Kd347mfhgNbxZuDK-Dk20eQlVRFEktQBWBaf4XymfSdAQOGScGtJTvTwrHjoweW6kBTRhJTr31T6sz6E4fJKdEtrKCtj0Ed3D9R2p1wd5MDK1A3LQQeWyuAM6cRdns6hCTNoqHaTbnmaVZB0VMBlc7HuP4capgYnWR36YG5rRGKzlDxzDs_cUls&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSN0lr8e9sI6pwN5MlyzZKMR4eL_DKlQYsQLt25XmQhmevtbPkTs61PL1L3A8K5dfz9e1F293TXuCVvw1pRjzT3Q&si=1&oref=e1d22bc8c072dc079f50feac750975aa&optunit=JsHayox36o0yFDMwdEc3Lw&rb=2Vb288azLYM&rr=0&abtg=0 HTTP/1.1
Host: p274639.mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Cookie: rhid=82663812168; loi=ad_857954_off_361683_aff_11454_cid_201298-MKKUEI4KDSZ.COM_ts_1673100491
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 07 Jan 2023 14:30:00 GMT
content-length: 0
set-cookie: rhid=82663812168; Max-Age=15552000; Expires=Thu, 06-Jul-2023 14:30:00 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
loi=ad_490233_off_142374_aff_3322_cid_274639-581509221-NAVERDNS.CO_ts_1673101800; Max-Age=3600; Expires=Sat, 07-Jan-2023 15:30:00 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
location: https://myfood.ltd/?v=20171031&s1=0
X-Firefox-Spdy: h2
myfood.ltd/?v=20171031&s1=0
151.139.128.10200 OK 2.9 kB URL HTTP/2 myfood.ltd/?v=20171031&s1=0
IP 151.139.128.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6859), with no line terminators
Hash 029ccb01ef612a9e6748494c60d24b69
d385f7671725be11701998c27571e94b1950f991
7ac429dc45b509b1bed9bdcdc5610868d510d979ce3cc06d48870511bf0425f5
GET /?v=20171031&s1=0 HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 14:30:00 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 2896
content-type: text/html
last-modified: Mon, 01 Mar 2021 09:43:13 GMT
accept-ranges: bytes
server: nginx
etag: W/"603cb731-1ad4"
x-sp-metadata: HS256.CPif5p0GEoYBCiRlM2Y3MDZjYi1hZGZkLTQ4OWUtODdlZS04YjI4ZWRkZmUwNDkQwIKqy8GT/AIaBgjog+adBiIMOTEuOTAuNDIuMTU0KJ1gMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaKwgBEiQxMDA4NTc3Yy0xYTY2LTQwZWItODkxYi1mNzIxNmVmMTFjYTIY0BYiGAgCEhRjZHMyMzYuc2sxLmh3Y2RuLm5ldA==.lHn/ircCk/3u63PloLtB+O/aWc54Y5DLZVBbNZFpx1E=
x-hw: 1673101800.cds216.sk1.hn,1673101800.cds236.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/main/css/style.css
151.139.128.10200 OK 19 kB URL HTTP/2 myfood.ltd/main/css/style.css
IP 151.139.128.10:0
File type Unicode text, UTF-8 text, with very long lines (65134), with no line terminators
Hash a95a0c8bd1273406b8c8053fb3527d56
2a461dcfa2c4bf1d22727bfd7c3c2abc85d44343
55b46146d32f4ee365d4ca91d8b3b1c504a062b15bbc1ed60a22ac2d05be1db5
GET /main/css/style.css HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 14:30:00 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 18933
content-type: text/css
last-modified: Mon, 01 Mar 2021 09:43:15 GMT
accept-ranges: bytes
server: nginx
etag: W/"603cb733-1b1ac"
x-sp-metadata: HS256.CPif5p0GEoYBCiQ1ZjM2ZDc2MC1hMWU5LTRkMjAtYWExOC0zOWYzYTA1MTIxZDIQwIKqy8GT/AIaBgjog+adBiIMOTEuOTAuNDIuMTU0KJ1gMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiQ4MWQyMzdlMi02ZjAzLTQ2MDctOGJlOS0wZWQwOWJlNjFlMjEY9ZMBIhgIAhIUY2RzMjYxLnNrMS5od2Nkbi5uZXQ=.CtQN1ixBjE8M7GDQBNxCvmgNXxKliHTrML1B/VXLfMg=
x-hw: 1673101800.cds216.sk1.hn,1673101800.cds261.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/Superfood_2.jpg
151.139.128.10200 OK 52 kB URL HTTP/2 myfood.ltd/images/Superfood_2.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Bigstock], progressive, precision 8, 800x341, components 3\012- data
Hash b87af7248a82f58fe2ea5d0c7b030886
1d5a5b9752d7978c68b0d4a1689b3d8e6d322f0a
14da8c39c357dad0441b26d575c0000a9529c76d785680306a3cf51abe4cae81
GET /images/Superfood_2.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 14:30:00 GMT
cache-control: max-age=30
content-length: 51830
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:13 GMT
accept-ranges: bytes
server: nginx
etag: "603cb731-ca76"
x-sp-metadata: HS256.CPif5p0GEoYBCiRiZDU1NGU1ZC1jYTg2LTQyYjYtOTM4NC00NTI3N2I3NDkyZWYQwIKqy8GT/AIaBgjog+adBiIMOTEuOTAuNDIuMTU0KJ1gMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiRlYWJlNzNhYS05Yzk4LTQzODgtODg0ZS02ZjIyOWY1NWIyZjEY9pQDIhgIAhIUY2RzMjIwLnNrMS5od2Nkbi5uZXQ=.J6zSgOTcaldvsbtCVoaWZhUljZCBKw+JJIBBrT9GOgw=
x-hw: 1673101800.cds216.sk1.hn,1673101800.cds220.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/Superfood_1.jpg
151.139.128.10200 OK 74 kB URL HTTP/2 myfood.ltd/images/Superfood_1.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Bigstock], progressive, precision 8, 800x420, components 3\012- data
Hash c2c3ec0e55e648c2a85d4499714a9c11
073f2990a52da59a7d3b73583b30be3c2cf45523
b66cf7365382753dc6340bfa2fba89c368ca3b930a0833d8f64c4c34525fc2ec
GET /images/Superfood_1.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 14:30:00 GMT
cache-control: max-age=30
content-length: 74204
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-121dc"
x-sp-metadata: HS256.CPif5p0GEoYBCiQyYmVlOTYyZS1iYThhLTQ3NDMtYTIyYy1kOGY4OTcyMGJiMDcQwIKqy8GT/AIaBgjog+adBiIMOTEuOTAuNDIuMTU0KJ1gMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiRmNDhhMGI2NC0xMDMxLTQ4YzktOTI0My05NjFkNDVkMWQ5ODMY3MMEIhgIAhIUY2RzMjQ3LnNrMS5od2Nkbi5uZXQ=.oT335QS3LYKeFQ6dNZ2zlyV6MKxv/XrdGK1BG7PdvV4=
x-hw: 1673101800.cds216.sk1.hn,1673101800.cds247.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/avatar-1.jpg
151.139.128.10200 OK 11 kB URL HTTP/2 myfood.ltd/images/avatar-1.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=128, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=128], progressive, precision 8, 128x128, components 3\012- data
Hash 62d0b6a649ac10e72bcb6ea3bbf57564
3e333889b0b66bfc6a32499f4c55878e2102b463
58dddc0a77632d920d096da6c6e2587c5859a4b4dd7af6dcd6eb8009ebc23ba6
GET /images/avatar-1.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 14:30:00 GMT
cache-control: max-age=30
content-length: 11304
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-2c28"
x-sp-metadata: HS256.CPif5p0GEoYBCiQwNDNkYTJjNy1iZWYwLTRhMTItYjM1MS04MWI2MTExNjg0MjcQwIKqy8GT/AIaBgjog+adBiIMOTEuOTAuNDIuMTU0KJ1gMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaKwgBEiQ2OWYxMjdkYy1iOTUwLTRmMjMtODlmMC0wODQ1MjhhNGNiN2IYqFgiGAgCEhRjZHMyMTguc2sxLmh3Y2RuLm5ldA==.6jNgs6A8yxAyiWB5Mam5yHcPdfS8K5oOufklz3Kec2g=
x-hw: 1673101800.cds216.sk1.hn,1673101800.cds218.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/avatar-2.jpg
151.139.128.10200 OK 11 kB URL HTTP/2 myfood.ltd/images/avatar-2.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=128, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=128], progressive, precision 8, 128x128, components 3\012- data
Hash dd3881ed1b5b03b1d571edf89e12c466
61ca68c1c2d2ae7d286dfc0540f4ca8b357fdf3d
97b65e41dd547b310e1e860d2ae4717dba1d97bd36c0cd06c35749caa515e207
GET /images/avatar-2.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 14:30:00 GMT
cache-control: max-age=30
content-length: 10665
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-29a9"
x-sp-metadata: HS256.CPif5p0GEoYBCiQ3NDhkYjQ5MS00MjY1LTQ2NjEtOTE3Ni1mNzdlMTVkMDcyZWUQwIKqy8GT/AIaBgjog+adBiIMOTEuOTAuNDIuMTU0KJ1gMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaKwgBEiRkNmI4NDc2OS0yN2ZjLTRmYTgtODNlMi01ZTZkY2E1OGNmYzUYqVMiGAgCEhRjZHMyMDIuc2sxLmh3Y2RuLm5ldA==.4LcALv02NX7b3UcxrWfJ1o0Z2r9ohG2UbjIWIvVlhNQ=
x-hw: 1673101800.cds216.sk1.hn,1673101800.cds202.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/main/js/main.js
151.139.128.10200 OK 39 kB URL HTTP/2 myfood.ltd/main/js/main.js
IP 151.139.128.10:0
File type Unicode text, UTF-8 text, with very long lines (60220)
Hash 181e3fa3b1de97ff4efd259bc2a2c8c7
52edf1dc36109cb57bea12689a48442e27f06ad1
ffa8984bea3bf0c0a0cb282e9a5a98b3435e63fb6a26dfe0351979fa9f827c40
GET /main/js/main.js HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 14:30:00 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 38656
content-type: application/javascript
last-modified: Mon, 01 Mar 2021 09:43:14 GMT
accept-ranges: bytes
server: nginx
etag: "603cb732-1d57b"
x-sp-metadata: HS256.CPif5p0GEoYBCiRhYTVmNjBkZi0wYWNmLTQ2YWItODE5ZC0yMzdjOGE4NTNlZjUQwIKqy8GT/AIaBgjog+adBiIMOTEuOTAuNDIuMTU0KJ1gMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiRjYWE2ZjU2ZC1mZjIyLTQxZmYtYWYzMi0yOTc2NWEwNjA2MjgYgK4CIhgIAhIUY2RzMjI4LnNrMS5od2Nkbi5uZXQ=.dfLy+vmb+owlGipKGActGdJkPpvtDZKZxsfKzM9Kb2c=
x-hw: 1673101800.cds216.sk1.hn,1673101800.cds228.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b64a17d9b8c33515817fc19dd6f60d7
a752305109964bc1ef3537debed9c40c44198cea
8f7b7d229100176e82780eb0c3808b410b078025237210d8b5037c30ac3b0987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 14:30:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b64a17d9b8c33515817fc19dd6f60d7
a752305109964bc1ef3537debed9c40c44198cea
8f7b7d229100176e82780eb0c3808b410b078025237210d8b5037c30ac3b0987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 14:30:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 14564, version 1.0\012- data
Hash 60c866748ff15f5b347fdba64596b1b1
34f486906decb7c8cf7a02d4758add9a2408c7a5
5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d
GET /s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myfood.ltd
Connection: keep-alive
Referer: https://myfood.ltd/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 03:33:02 GMT
expires: Sat, 06 Jan 2024 03:33:02 GMT
cache-control: public, max-age=31536000
age: 125818
last-modified: Wed, 11 Oct 2017 21:49:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
142.250.74.35200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 14544, version 1.0\012- data
Hash 223a277bd88d8a90c8cdf24cda0ad5f5
24234c1c81b3948758c1a0be8e5a65386ca94c52
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
GET /s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myfood.ltd
Connection: keep-alive
Referer: https://myfood.ltd/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 03 Jan 2023 15:51:24 GMT
expires: Wed, 03 Jan 2024 15:51:24 GMT
cache-control: public, max-age=31536000
age: 340716
last-modified: Wed, 11 Oct 2017 21:49:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
myfood.ltd/favicon.ico
151.139.128.10200 OK 1.2 kB IP 151.139.128.10:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash b671b0407b8abf4ffb9946ee1596d992
79a116ffd13f1888451abd3cb8751cb2140f2fa4
1515616a51664df153b03397585ee45469cb936100992f870419514b17820649
GET /favicon.ico HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 14:30:00 GMT
cache-control: max-age=30
content-length: 1150
content-type: image/x-icon
last-modified: Wed, 28 Mar 2018 14:00:16 GMT
accept-ranges: bytes
server: nginx
etag: "5abb9ff0-47e"
x-sp-metadata: HS256.CPif5p0GEoYBCiRkYzg3MzQ2OS0yY2ZiLTQ0MDEtODY0My0xYTc0Mjc1OTAyOTgQwIKqy8GT/AIaBgjog+adBiIMOTEuOTAuNDIuMTU0KJ1gMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaKwgBEiRhNWRmYTUwYi04ZGI5LTRhMmQtYjRkMy1hMTE4ZjNlYzg1MTQY/ggiGAgCEhRjZHMyNDAuc2sxLmh3Y2RuLm5ldA==.HacAGDvucp1x8p+Wn4242yryZhh1zxM7NN7OxQe0xH0=
x-hw: 1673101800.cds216.sk1.hn,1673101800.cds240.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b64a17d9b8c33515817fc19dd6f60d7
a752305109964bc1ef3537debed9c40c44198cea
8f7b7d229100176e82780eb0c3808b410b078025237210d8b5037c30ac3b0987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 14:30:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3497
Expires: Sat, 07 Jan 2023 15:28:18 GMT
Date: Sat, 07 Jan 2023 14:30:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3497
Expires: Sat, 07 Jan 2023 15:28:18 GMT
Date: Sat, 07 Jan 2023 14:30:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3497
Expires: Sat, 07 Jan 2023 15:28:18 GMT
Date: Sat, 07 Jan 2023 14:30:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32750e1f-43b2-4ea2-9562-1ec8c85222fe.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32750e1f-43b2-4ea2-9562-1ec8c85222fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05977aeaee3d020a9e54b103bff0072e
74f544d78132f079b849fc2ef613a892c515378f
72b0b5e6ed8685fa24bd66e4173db1701b4a48b3df15c86228b833e615935da8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32750e1f-43b2-4ea2-9562-1ec8c85222fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8704
x-amzn-requestid: 1a997886-3172-4ba2-967d-328539cf685c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxErFfVoAMFhYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b89550-7c30a3ff5d97f8b421776fb5;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:40:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: CKplX8NiGi4DVG0lwV2LILGwKdV6wOzThlE7SEjStyLgYQieTmJfPw==
via: 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:58:05 GMT
age: 59516
etag: "74f544d78132f079b849fc2ef613a892c515378f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vIFVXgt2RmoplkAVOtUrOkXj3LmhRw-XEPe7fugZ2-mv_iDY07XzUg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 00:24:31 GMT
age: 50730
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3356bee662c2ea20cbebff5293e73340
625cfd3806740998c859fef8c1153efea72f5342
cd973426a15b28fa2c141e927ebf4e12faa05665780a3cd5010f874769b336e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13620
x-amzn-requestid: 0858cbd0-5965-477b-9d5f-015243f86e12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePk56F4JoAMF5Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b61b72-705a9ad403bb7795397926fd;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 00:36:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _BEaXb201gimcwDsb3uSk_O3LEH22mmdfCfCEnUSdWSAwprC8q4z7A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 15:06:19 GMT
age: 84222
etag: "625cfd3806740998c859fef8c1153efea72f5342"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65a13b7b11843a364e80dbc2d54345ff
5b24f4bf17da840e61d96b0ed7452911539dbf67
8dea14e05eb2a0c850fe9441b605f50ec6206baf57da4293f2297cab0a82fe37
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10064
x-amzn-requestid: 69f52653-2506-462d-9893-0f799b344286
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVkwUGirIAMFncw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8819b-0fa57a29615e8bb45dc4542a;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 20:16:27 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: wIRDocC9oXbYc6MO03kfkfBlZe44nlRSoJUaEkt23Hoxp_f51r6FAw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 04:22:22 GMT
age: 36459
etag: "5b24f4bf17da840e61d96b0ed7452911539dbf67"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74fa5991-2906-4087-9140-d324ee47f475.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74fa5991-2906-4087-9140-d324ee47f475.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8586c8e3e930a23a0174c0e2283b517d
b4e085c82f60c9932e0d1f0fb859b9391a5c1fc5
a3ae9d0501e4ee6d36116800854100f90ad602d86bc9e699a0525c44fc3005db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74fa5991-2906-4087-9140-d324ee47f475.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7192
x-amzn-requestid: b0320711-07b4-4f62-87e1-029966a9a577
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxovHLbIAMFVtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b89637-6768a3b60c28700831c794f3;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:44:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 2Vs2Vyjoj-vWjEhp4aKaLOJhwdkHlAkTwxdKQhDOkxsPrZSiWRr1Ow==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:56:55 GMT
age: 59586
etag: "b4e085c82f60c9932e0d1f0fb859b9391a5c1fc5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c0fd17757d97ed3b4570387623f465f
889b2e3d0db6f9bc03393ff59a5eb7bee816cac3
1035a9d3c973762adfc08529b59642c3839ef95a7e8cfcced63e61ec154ad092
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10695
x-amzn-requestid: ae69c1c3-22f6-49de-91ec-8e7a854e4b27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGCNWFo5IAMFUKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b24a55-75032a3e7ab3eb897382cad4;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 03:07:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 5ZQenYpYQdMO-K0uy0zgWwUVEGUHGy1M_jgQI6VoMt1LEtaQBWGiRg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 12:14:12 GMT
age: 8149
etag: "889b2e3d0db6f9bc03393ff59a5eb7bee816cac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2