Overview

URLsurvivalstronghold.com/44871
IP 69.167.148.190 (United States)
ASN#32244 LIQUIDWEB
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-29 23:57:55 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (38)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.41.252.32
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
use.typekit.net (6) 494 2012-07-05 01:42:39 UTC 2020-04-03 01:06:02 UTC 23.36.76.186
ec.instapagemetrics.com (2) 61192 2020-10-23 16:20:18 UTC 2022-11-29 07:33:45 UTC 34.71.95.65
waves.retentionscience.com (1) 34622 2013-12-04 08:29:07 UTC 2022-11-29 08:26:13 UTC 52.21.24.251
cdn.instapagemetrics.com (1) 61897 2020-08-11 12:00:47 UTC 2022-11-29 12:25:09 UTC 34.120.27.38
d1stxfv94hrhia.cloudfront.net (1) 0 2015-12-20 18:20:36 UTC 2022-11-29 08:26:12 UTC 54.230.111.86 Unknown ranking
detectportal.firefox.com (2) 1601 2018-08-30 09:52:03 UTC 2020-04-29 19:46:30 UTC 34.107.221.82
getpocket.cdn.mozilla.net (1) 1369 2018-08-28 13:15:36 UTC 2020-03-21 16:37:27 UTC 34.120.5.221
content-signature-2.cdn.mozilla.net (2) 1152 No data No data 34.160.144.191
shavar.services.mozilla.com (1) 3602 2015-09-28 06:30:01 UTC 2020-05-04 00:48:21 UTC 52.35.225.239
ocsp.pki.goog (19) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
g.fastcdn.co (5) 52185 2019-02-01 09:01:52 UTC 2022-11-29 12:25:09 UTC 35.244.137.202
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-11-29 07:36:52 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
stats.g.doubleclick.net (1) 96 2013-06-10 20:21:11 UTC 2022-11-29 09:50:49 UTC 64.233.165.154
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-11-29 08:15:17 UTC 142.250.74.163
health.nativepath.com (1) 0 No data No data 107.178.254.45 Domain (nativepath.com) ranked at: 60517
heatmap-events-collector.instapage.com (1) 54233 2020-03-04 21:06:23 UTC 2022-11-29 12:25:09 UTC 34.71.95.65
r3.o.lencr.org (13) 344 No data No data 23.36.76.226
v.fastcdn.co (4) 51212 2018-07-09 13:23:58 UTC 2022-11-29 12:25:09 UTC 104.18.9.227
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-29 05:51:44 UTC 34.117.237.239
e1.o.lencr.org (4) 6159 No data No data 23.36.76.226
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-29 08:33:49 UTC 142.250.74.110
connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 31.13.72.12
bat.bing.com (3) 387 2014-04-08 09:23:16 UTC 2020-04-20 20:17:24 UTC 204.79.197.200
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-29 09:35:58 UTC 142.250.74.106
firefox.settings.services.mozilla.com (10) 867 2020-06-04 20:08:41 UTC 2022-11-29 05:48:55 UTC 34.102.187.140
p.typekit.net (1) 620 2012-05-23 14:28:57 UTC 2020-04-17 00:28:35 UTC 23.36.76.186
sc-static.net (1) 1183 2022-01-24 20:13:30 UTC 2022-11-29 05:07:53 UTC 54.230.82.240
tr.snapchat.com (2) 978 2017-04-26 06:25:03 UTC 2022-05-17 21:54:32 UTC 35.190.43.134
analytics.tiktok.com (4) 1182 No data No data 23.36.79.32
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-29 09:16:29 UTC 142.250.74.132
survivalstronghold.com (2) 0 2014-03-12 19:53:57 UTC 2022-11-29 22:55:01 UTC 69.167.148.190 Unknown ranking
fb.nativepath.com (1) 0 2018-08-09 13:28:48 UTC 2022-11-29 19:20:30 UTC 23.92.16.147 Domain (nativepath.com) ranked at: 60517
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-29 06:48:06 UTC 142.250.74.168
www.facebook.com (1) 99 2012-05-21 00:23:41 UTC 2021-06-08 06:38:51 UTC 31.13.72.36

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-29 2 survivalstronghold.com/44871 Phishing
2022-11-29 2 survivalstronghold.com/44871 Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 69.167.148.190
Date UQ / IDS / BL URL IP
2022-11-29 23:57:55 +0000 0 - 0 - 2 survivalstronghold.com/44871 69.167.148.190


Last 5 reports on ASN: LIQUIDWEB
Date UQ / IDS / BL URL IP
2023-02-05 14:35:29 +0000 0 - 1 - 0 7a4.hp1001.com/ 72.52.179.174
2023-02-05 14:12:56 +0000 0 - 0 - 33 maria.susypro.com/ 50.28.1.43
2023-02-05 13:46:35 +0000 0 - 0 - 1 gamesrotator.com/ 72.52.179.174
2023-02-05 12:24:03 +0000 0 - 0 - 17 russellbedford.com.kw/SUNCOAST%20CU/suncoastc (...) 209.59.140.242
2023-02-05 07:23:35 +0000 0 - 1 - 0 dl.imobie.com/droidkit-en-official-setup.exe 67.225.249.166


Last 1 reports on domain: survivalstronghold.com
Date UQ / IDS / BL URL IP
2022-11-29 23:57:55 +0000 0 - 0 - 2 survivalstronghold.com/44871 69.167.148.190


No other reports with similar screenshot

JavaScript

Executed Scripts (32)

Executed Evals (17)
#1 JavaScript::Eval (size: 160) - SHA256: 28fc9e2e812a6b2c1db1cf1e961d610acc0f3a5ef937ad7508723098f6a90a75
(function() {
    return google_tag_manager["GTM-K2KGPKM"].macro(2) || google_tag_manager["GTM-K2KGPKM"].macro(3) || google_tag_manager["GTM-K2KGPKM"].macro(4) || null
})();
#2 JavaScript::Eval (size: 116) - SHA256: cb925fc53ca74400e5921344062cb4ff05c2cb51e7abf8b4e6fb7a613bd9f83e
(function() {
    return google_tag_manager["GTM-K2KGPKM"].macro(6) || google_tag_manager["GTM-K2KGPKM"].macro(7) || null
})();
#3 JavaScript::Eval (size: 162) - SHA256: b7ad51e2852efef9d7d7b45174cc521e8674a51d3ef185b569c07bd9ad198534
(function() {
    return google_tag_manager["GTM-K2KGPKM"].macro(9) || google_tag_manager["GTM-K2KGPKM"].macro(10) || google_tag_manager["GTM-K2KGPKM"].macro(11) || null
})();
#4 JavaScript::Eval (size: 163) - SHA256: afb0481c5a3e8b534d16703814097e12d7dea793515d9aeb4f042ccf644c4c1b
(function() {
    return google_tag_manager["GTM-K2KGPKM"].macro(21) || google_tag_manager["GTM-K2KGPKM"].macro(22) || google_tag_manager["GTM-K2KGPKM"].macro(23) || null
})();
#5 JavaScript::Eval (size: 163) - SHA256: bb66a84c69176056a7bde774494efee376bf32274287a467e7105a52d55c3291
(function() {
    return google_tag_manager["GTM-K2KGPKM"].macro(26) || google_tag_manager["GTM-K2KGPKM"].macro(27) || google_tag_manager["GTM-K2KGPKM"].macro(28) || null
})();
#6 JavaScript::Eval (size: 174) - SHA256: 513a7b188cfb50cbfcaa413b3173cd69d7bdc91244736d1e24fec38c9fae9690
(function() {
    var a = 0 === google_tag_manager["GTM-K2KGPKM"].macro(25).indexOf("wellness.");
    if (a) return a = document.querySelectorAll("#buy_now"), a.length ? "Sales Page" : "Lander"
})();
#7 JavaScript::Eval (size: 163) - SHA256: bebb572bbd744ed2a9b808985d37d3edaa9fa16aa58e9edc3be3032bea4fcbb9
(function() {
    return google_tag_manager["GTM-K2KGPKM"].macro(29) || google_tag_manager["GTM-K2KGPKM"].macro(30) || google_tag_manager["GTM-K2KGPKM"].macro(31) || null
})();
#8 JavaScript::Eval (size: 163) - SHA256: 48495941ac4e05b57d545a8febabff194dba752b89d8a956e692decab3199089
(function() {
    return google_tag_manager["GTM-K2KGPKM"].macro(32) || google_tag_manager["GTM-K2KGPKM"].macro(33) || google_tag_manager["GTM-K2KGPKM"].macro(34) || null
})();
#9 JavaScript::Eval (size: 163) - SHA256: 96ec6cafc822552d03043f6d33c48596fcd1daf6a57d567203a51f0e369d8eb5
(function() {
    return google_tag_manager["GTM-K2KGPKM"].macro(38) || google_tag_manager["GTM-K2KGPKM"].macro(39) || google_tag_manager["GTM-K2KGPKM"].macro(40) || null
})();
#10 JavaScript::Eval (size: 163) - SHA256: 6de4048a1c3cf2a7b688a30b4ea3a7bc97b921c5bb9482a615ee92872b58d461
(function() {
    return google_tag_manager["GTM-K2KGPKM"].macro(41) || google_tag_manager["GTM-K2KGPKM"].macro(42) || google_tag_manager["GTM-K2KGPKM"].macro(43) || null
})();
#11 JavaScript::Eval (size: 163) - SHA256: 4002013de31acaf60dac5faf51d0daf93b3dd364f2e3cdd0b0434abfd0793424
(function() {
    return google_tag_manager["GTM-K2KGPKM"].macro(44) || google_tag_manager["GTM-K2KGPKM"].macro(45) || google_tag_manager["GTM-K2KGPKM"].macro(46) || null
})();
#12 JavaScript::Eval (size: 50) - SHA256: d3d463f0377633725af3e9d7a13a92d98ffde13e4d7b8b5db3e7870600e406b6
(function() {
    return pageData.funnelReferenceId
})();
#13 JavaScript::Eval (size: 163) - SHA256: d2b95d8b5c94f50d478f8f4ed769a4afb0650f13f7a87c575c0e664b68db4fb0
(function() {
    return google_tag_manager["GTM-K2KGPKM"].macro(18) || google_tag_manager["GTM-K2KGPKM"].macro(19) || google_tag_manager["GTM-K2KGPKM"].macro(20) || null
})();
#14 JavaScript::Eval (size: 298) - SHA256: ffffcb516689b7952b110726a8d1d4dee36c422336f9d8405c77ce91ba003a5b
(function() {
    var a = 0 === google_tag_manager["GTM-K2KGPKM"].macro(24).indexOf("health.");
    if (a) {
        a = document.querySelectorAll('[data-at\x3d"button"]');
        for (var c in a) {
            var b = a[c];
            if (b.textContent.includes("PROCEED TO CHECKOUT") || b.textContent.includes("GET STARTED")) return "Sales Page"
        }
        return "Lander"
    }
})();
#15 JavaScript::Eval (size: 163) - SHA256: 26360e74236444f4334aa9a75d79de0d80dd988be158ad27e0a5183dd9d48f29
(function() {
    return google_tag_manager["GTM-K2KGPKM"].macro(12) || google_tag_manager["GTM-K2KGPKM"].macro(13) || google_tag_manager["GTM-K2KGPKM"].macro(14) || null
})();
#16 JavaScript::Eval (size: 163) - SHA256: 082bd18015a2634f8d4ad7edf4c831baa4ad1d3deb59c3fcd435308c9967b952
(function() {
    return google_tag_manager["GTM-K2KGPKM"].macro(15) || google_tag_manager["GTM-K2KGPKM"].macro(16) || google_tag_manager["GTM-K2KGPKM"].macro(17) || null
})();
#17 JavaScript::Eval (size: 163) - SHA256: d68d1eeed1b6610499e949ea9311c1527f558d488fc68fa0d8ffb802763e033b
(function() {
    return google_tag_manager["GTM-K2KGPKM"].macro(35) || google_tag_manager["GTM-K2KGPKM"].macro(36) || google_tag_manager["GTM-K2KGPKM"].macro(37) || null
})();

Executed Writes (0)


HTTP Transactions (114)


Request Response
                                        
                                            GET /success.txt?ipv4 HTTP/1.1 
Host: detectportal.firefox.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         34.107.221.82
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 29 Nov 2022 03:09:55 GMT
Age: 74861
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    ae780585f49b94ce1444eb7d28906123
Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10941
Expires: Wed, 30 Nov 2022 02:59:57 GMT
Date: Tue, 29 Nov 2022 23:57:36 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "369D74C6B81C1F06DE0BE7ED6CEE2971E6BA96EA36E5B96FCDCF80C483896AAB"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7353
Expires: Wed, 30 Nov 2022 02:00:09 GMT
Date: Tue, 29 Nov 2022 23:57:36 GMT
Connection: keep-alive

                                        
                                            GET /44871 HTTP/1.1 
Host: survivalstronghold.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         69.167.148.190
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Tue, 29 Nov 2022 23:57:36 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4 mod_fcgid/2.3.9
Location: https://survivalstronghold.com/44871
Cache-Control: max-age=600
Expires: Wed, 30 Nov 2022 00:07:36 GMT
Content-Length: 244
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   244
Md5:    d95b93aff142fb4a4ee27ae08da6ddc9
Sha1:   8c493df9de30d576591d9a2ac38043b458626bbe
Sha256: 4b997914cb46b24ad55b675929f004a9729bf09d4d23d5e901b0d1ff7114157a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 
Host: getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.5.221
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: Xo8rs3ozBT9cL-IQSZnNXMT9VVP2FUdDZK2AWRkNpoFHTDvlhN1Fzw==
content-encoding: gzip
via: 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 23:55:08 GMT
age: 163
content-length: 42481
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   42481
Md5:    c8538feba34738d7b1f466694c460ea9
Sha1:   8be40984b17582c31a1a9892f2189a65c9dd083a
Sha256: f0ddd3098f4c1d6d9f5466be417f8882fa993aee770b8c07288f3a153b866761
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3308
Expires: Wed, 30 Nov 2022 00:52:44 GMT
Date: Tue, 29 Nov 2022 23:57:36 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: CqASkiy6jwg+AyyW/vS8Y0NI2kd5INJUXLUcuuUELbZRFsEd3XjBQfh3KmBUD+4/TLFEZC5JZos=
x-amz-request-id: WFFB8QNS9GZCY2R3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 23:49:44 GMT
age: 472
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Age: 3289
Cache-Control: public, max-age=1209600
Date: Tue, 29 Nov 2022 23:57:36 GMT
Etag: "638650c5-37"
Last-Modified: Tue, 29 Nov 2022 18:34:45 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 29 Nov 2022 23:57:36 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 23:19:38 GMT
cache-control: public,max-age=3600
age: 2278
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            GET /success.txt?ipv4 HTTP/1.1 
Host: detectportal.firefox.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         34.107.221.82
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 29 Nov 2022 03:09:55 GMT
Age: 74862
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    ae780585f49b94ce1444eb7d28906123
Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3038
Cache-Control: max-age=154097
Date: Tue, 29 Nov 2022 23:57:37 GMT
Etag: "63864784-1d7"
Expires: Thu, 01 Dec 2022 18:45:54 GMT
Last-Modified: Tue, 29 Nov 2022 17:55:16 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4074
Cache-Control: public, max-age=1209600
Date: Tue, 29 Nov 2022 23:57:37 GMT
Etag: "638651c5-37"
Last-Modified: Tue, 29 Nov 2022 18:39:01 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 23:08:56 GMT
cache-control: public,max-age=3600
age: 2921
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yw5JGWSns/o7OjCkMX2zSg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.41.252.32
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Pgssa2ooxgBk9rxLUHxfg86WOOU=

                                        
                                            POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1 
Host: shavar.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

search
                                         52.35.225.239
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Date: Tue, 29 Nov 2022 23:57:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    29fc57841962e407cb50c1be60284bf7
Sha1:   ce968a77e2996da5eee8925182318f171ccdce47
Sha256: ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
                                        
                                            GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221669762633060%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Tue, 29 Nov 2022 23:01:56 GMT
cache-control: public,max-age=3600
last-modified: Tue, 29 Nov 2022 22:57:13 GMT
age: 3341
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Size:   21675
Md5:    c48f532b2023547c96bc0c0f34ca45d1
Sha1:   e63132e0293e147b47740ceb1dcccd3b00542b59
Sha256: 005e41db6558b4a51f532c48323de6f88b231efc0bb773aa8243b25a33bf5025
                                        
                                            GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1669055838363&_since=%221666204638208%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 6591
via: 1.1 google
date: Tue, 29 Nov 2022 23:55:13 GMT
cache-control: public,max-age=3600
age: 144
last-modified: Tue, 29 Nov 2022 16:36:43 GMT
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (6591), with no line terminators
Size:   6591
Md5:    ddbad6801531665338990fbeb1252ef1
Sha1:   d22107cd23142016a13e505b6a590065889d5741
Sha256: e74ced38afaf74478b8e6c577c076b635e70ad52974bd0b8b99f6c724b52a912
                                        
                                            GET /44871 HTTP/1.1 
Host: survivalstronghold.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         69.167.148.190
HTTP/2 307 Temporary Redirect
content-type: text/html; charset=UTF-8
                                        
vary: Accept-Encoding,Cookie
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro 3.2.7 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_1294=44871; expires=Thu, 29-Dec-2022 23:57:38 GMT; Max-Age=2592000; path=/ prli_visitor=63869c7201f6b; expires=Wed, 29-Nov-2023 23:57:38 GMT; Max-Age=31536000; path=/
location: https://fb.nativepath.com/rd/r.php?sid=1133&pub=240573&c1=11-6-SS-pack-2000&c2=E&c3=
content-encoding: br
content-length: 1
date: Tue, 29 Nov 2022 23:57:37 GMT
server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1s mod_bwlimited/1.4 mod_fcgid/2.3.9
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1
Md5:    eccbc87e4b5ce2fe28308fd9f2a7baf3
Sha1:   77de68daecd823babbb58edb1c8e14d7106e83bb
Sha256: 4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: ClKehbY2aKbVPqbC84M2T+VUWbz8RgOOsvKmpiAvA9CPXpKeKXlwqksOIHJopJSBynG3QYqQ6lE=
x-amz-request-id: KH5XGEEHBPVCSEYV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 23:45:00 GMT
age: 757
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1669753108374&_since=%221666279968541%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 57458
via: 1.1 google
date: Tue, 29 Nov 2022 23:37:54 GMT
cache-control: public,max-age=3600
age: 1184
last-modified: Tue, 29 Nov 2022 20:18:28 GMT
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57458), with no line terminators
Size:   57458
Md5:    dcfc37993dda8c99e223b85579875f72
Sha1:   2bbba05bce6648ca9429ae920261f57e98affa43
Sha256: 45cf39a996855fbea909dc4170a427bd88252bb0a85b965ea3cddaeaf49ebd3b
                                        
                                            GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1669736690606&_since=%221666483264567%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 51208
via: 1.1 google
date: Tue, 29 Nov 2022 23:22:06 GMT
cache-control: public,max-age=3600
age: 2132
last-modified: Tue, 29 Nov 2022 15:44:50 GMT
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (51208), with no line terminators
Size:   51208
Md5:    9afaeae9d1527c87128e50461d2a6ef5
Sha1:   bde6a4638ccd5cb5a276909de5ee7fd8dfbf1f92
Sha256: 457c31b4e64a3d3482a8800d0fecdfa79a444dbf9e3aea58787756922629f6b2
                                        
                                            GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 681
via: 1.1 google
date: Tue, 29 Nov 2022 23:19:02 GMT
cache-control: public,max-age=3600
age: 2316
last-modified: Sun, 27 Nov 2022 16:36:54 GMT
etag: "1669567014153"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (681), with no line terminators
Size:   681
Md5:    01e6d8f0887454b033cd3d4cdb2f39f8
Sha1:   befee34a8f5c745b16752b061fdaa701e209ac8c
Sha256: 68f4889979f90605fd4fe35053efa202a5ced22b40bf321f51a2d7e97d49fbdc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8F639E472806085CEF63A029B9DE16DE64B247A766023357B8006417960E68C5"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8720
Expires: Wed, 30 Nov 2022 02:22:58 GMT
Date: Tue, 29 Nov 2022 23:57:38 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1504
via: 1.1 google
date: Tue, 29 Nov 2022 23:45:40 GMT
cache-control: public,max-age=3600
age: 718
last-modified: Sun, 27 Nov 2022 16:36:43 GMT
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1504), with no line terminators
Size:   1504
Md5:    b480aba9ecded00911f29a626460b51a
Sha1:   ab390c2fdec3566f044afc6441e0bead2c854c3a
Sha256: 045742eee1dfc1cb13696b18f5e657dac32df0bcac9650e85d623547cda6a393
                                        
                                            GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Tue, 29 Nov 2022 23:17:05 GMT
cache-control: public,max-age=3600
age: 2433
last-modified: Wed, 23 Nov 2022 16:36:44 GMT
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Size:   1719
Md5:    26b3a5820cb75c442a39a3f8c56a1212
Sha1:   241fb08f23be561100840e18bcff0e6ed9c053df
Sha256: 95ee3ea4b37a3cec84225b31fc5aca4d885d816233eba2292055663714138340
                                        
                                            GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1668607340435&_since=%221657747510534%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1482
via: 1.1 google
date: Tue, 29 Nov 2022 23:10:11 GMT
cache-control: public,max-age=3600
age: 2847
last-modified: Wed, 23 Nov 2022 16:36:43 GMT
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1482), with no line terminators
Size:   1482
Md5:    9a6648141ef434591d6ed2b5598e2fa4
Sha1:   05473620f7d1b4f14c5c8b49f5c381f901cdd2a5
Sha256: 37bf328dc751deeba0ec35bcbf63fbbcf9887657b029ec4071d7a7cd75237430
                                        
                                            GET /rd/r.php?sid=1133&pub=240573&c1=11-6-SS-pack-2000&c2=E&c3= HTTP/1.1 
Host: fb.nativepath.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         23.92.16.147
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 29 Nov 2022 23:57:38 GMT
Content-Length: 0
Server: Apache
Set-Cookie: uid1133=549083523-20221129155738-708a1c1e996937464e2d045763bf3fc4-; domain=nativepath.com; expires=Tue, 06-Dec-2022 23:57:38 GMT; path=/; SameSite=None; Secure
Location: https://health.nativepath.com/eat-this-once-a-day-for-leg-swelling-1017?hpcid=1133&pub=240573&hit=549083523&c1=11-6-SS-pack-2000&c2=E&c3=&utm_source=11-6-SS-pack-2000&utm_medium=cpc&utm_campaign=E&utm_content=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "633BA0DCE10C4EF574D0EF3099BD1D3271DCCE89EA3162A5C2FE5FF0AE3696AD"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=319
Expires: Wed, 30 Nov 2022 00:02:57 GMT
Date: Tue, 29 Nov 2022 23:57:38 GMT
Connection: keep-alive

                                        
                                            POST /s/gts1d4/7pWJzFOlKkQ HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/7pWJzFOlKkQ HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/7pWJzFOlKkQ HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/7pWJzFOlKkQ HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/Popup.9a84b1a66a406d133e96.js HTTP/1.1 
Host: g.fastcdn.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         35.244.137.202
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdtm0vmkMlXoOVl-48JKqM8xKA83GjSvsjX-rAatyESizB-0_XxDV3Koj1NMJFuF61Xnlrwf_TGf-FuiO7giwlgNmQ
x-goog-generation: 1667922113847015
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 20599
content-encoding: gzip
x-goog-hash: crc32c=CGADrg==, md5=Qoq4jy/poHESDrAPDtEArg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 20599
server: UploadServer
date: Wed, 09 Nov 2022 18:55:16 GMT
expires: Thu, 09 Nov 2023 18:55:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 08 Nov 2022 15:41:53 GMT
etag: "428ab88f2fe9a071120eb00f0ed100ae"
age: 1746143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (64836), with no line terminators
Size:   20599
Md5:    428ab88f2fe9a071120eb00f0ed100ae
Sha1:   391f36a5e3604c31e64b00d9ae280fdd5cd6229c
Sha256: d0b53e17b58daebecf3bb932de9dcf92d0fa2828ba79e103b78f4ae9315917b4
                                        
                                            GET /js/utils.cd5b4894ab46ac49c25b.js HTTP/1.1 
Host: g.fastcdn.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         35.244.137.202
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdvMdVTuzXGgiF7mG63B5JsrrlZhTQG-YWNQjP2QwD2dMExXtEESPLF2PH_-lxTi_JVV5cR77JEp1uB3HLOXu1TofA
x-goog-generation: 1657751795521149
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 17098
content-encoding: gzip
x-goog-hash: crc32c=eSmR5g==, md5=zRVELPXkLSL6Aqzpyh0U4g==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 17098
server: UploadServer
date: Fri, 11 Nov 2022 06:42:17 GMT
expires: Sat, 11 Nov 2023 06:42:17 GMT
cache-control: public, max-age=31536000
age: 1617322
last-modified: Tue, 08 Nov 2022 15:41:55 GMT
etag: "cd15442cf5e42d22fa02ace9ca1d14e2"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (49062), with no line terminators
Size:   17098
Md5:    cd15442cf5e42d22fa02ace9ca1d14e2
Sha1:   617a0c40e9af006403743c24dd2989f6b0b270e0
Sha256: 8282f7e3b4f4b3411f5fce200e897d7aa50abcacd4eefcc49ba22c6665e37716
                                        
                                            GET /js/LazyImage.90aa95d960c719e556c2.js HTTP/1.1 
Host: g.fastcdn.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         35.244.137.202
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdv_YjUb-LB3nU-rKeZbNZ8KZHVIXX3oLcN2pV4LbejRApfRW0hbqM4v_jDBKUjHSLxfHrLedZ6PPnT7hTb9aErdMQ
x-goog-generation: 1655834352495760
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 18367
content-encoding: gzip
x-goog-hash: crc32c=jy3Uxg==, md5=HB3PA/UdaNV6PxWkSE0jEA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 18367
server: UploadServer
date: Sun, 20 Nov 2022 12:20:13 GMT
expires: Mon, 20 Nov 2023 12:20:13 GMT
cache-control: public, max-age=31536000
age: 819446
last-modified: Fri, 18 Nov 2022 21:59:53 GMT
etag: "1c1dcf03f51d68d57a3f15a4484d2310"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (53373), with no line terminators
Size:   18367
Md5:    1c1dcf03f51d68d57a3f15a4484d2310
Sha1:   c9fb95cf35a969540cb0275b7bff903fb445b8d9
Sha256: c49cc650d2bf3da1dce6bb46c614f8bb816bfbe67034f6475fc4c619d2bb2679
                                        
                                            GET /js/Cradle.c8a924beaefacc03f9bd.js HTTP/1.1 
Host: g.fastcdn.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         35.244.137.202
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdsaH_7cHgcFpDzJ_DSMC9hyw_5KU_m4pko6sQM-RmFnRsK7ogO-ZnKKbRBoX3T8SvPYsSCGarCdFAMPuM02YNyTTO4fzXd-
x-goog-generation: 1669712533927517
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 22633
content-encoding: gzip
x-goog-hash: crc32c=M7JJVQ==, md5=NlLHIz1s1iGQxQU19uorag==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 22633
server: UploadServer
date: Tue, 29 Nov 2022 09:05:16 GMT
expires: Wed, 29 Nov 2023 09:05:16 GMT
cache-control: public, max-age=31536000
age: 53543
last-modified: Tue, 29 Nov 2022 09:02:14 GMT
etag: "3652c7233d6cd62190c50535f6ea2b6a"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65504), with no line terminators
Size:   22633
Md5:    3652c7233d6cd62190c50535f6ea2b6a
Sha1:   c211e4b9755a8c1ddb38d2718cc53d00c279c70f
Sha256: 38b8a469618178932af018b51b2b3d6bd871b7a39636017a85a8624b56417c63
                                        
                                            GET /js/LegacyVendors.1481b65225ca5f72d9bd.js HTTP/1.1 
Host: g.fastcdn.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         35.244.137.202
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdsKmb68uGooQk5TvkvIJ6NUDKUFVncAslWn8tnri6FVobNY6IsrHBfRGrW04QN931ye50raLWr7wIbF5Td3HsQEOTLW8PRY
x-goog-generation: 1650448187173042
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 31306
content-encoding: gzip
x-goog-hash: crc32c=N4fXmg==, md5=KAtqBAhav4hERh9l3dm+uA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 31306
server: UploadServer
date: Wed, 16 Nov 2022 09:54:54 GMT
expires: Thu, 16 Nov 2023 09:54:54 GMT
cache-control: public, max-age=31536000
age: 1173765
last-modified: Tue, 15 Nov 2022 15:52:58 GMT
etag: "280b6a04085abf8844461f65ddd9beb8"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65442)
Size:   31306
Md5:    280b6a04085abf8844461f65ddd9beb8
Sha1:   9430a4e1f07e72836574251f218ba7a017a40b96
Sha256: d22553be3598d78aada91c468f971da6a598adefaa4b7951a217c6e898670857
                                        
                                            POST /s/gts1d4/7pWJzFOlKkQ HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8344
Expires: Wed, 30 Nov 2022 02:16:43 GMT
Date: Tue, 29 Nov 2022 23:57:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8344
Expires: Wed, 30 Nov 2022 02:16:43 GMT
Date: Tue, 29 Nov 2022 23:57:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8344
Expires: Wed, 30 Nov 2022 02:16:43 GMT
Date: Tue, 29 Nov 2022 23:57:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8344
Expires: Wed, 30 Nov 2022 02:16:43 GMT
Date: Tue, 29 Nov 2022 23:57:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8344
Expires: Wed, 30 Nov 2022 02:16:43 GMT
Date: Tue, 29 Nov 2022 23:57:39 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 7488
etag: "53650399f9a986ba54addd668b4557109d12003b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9674
Md5:    5508d05a290b663fd89ead9b58f2efd8
Sha1:   53650399f9a986ba54addd668b4557109d12003b
Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11466
x-amzn-requestid: 40ae63d3-397e-4118-90b2-d48b1f4014c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHUxIAMFxWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-2b309a0a5e93f68312a26fa1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G2_x26WJ_ISQDsWfV3RzC_jCy5FLNLpblRk_GvuCn4i-ETBAsaKBjQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 7494
etag: "49a82390cbf2139bf681d896f9467ab736e0b337"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11466
Md5:    0c14828912decf19c9d95fee93e92f00
Sha1:   49a82390cbf2139bf681d896f9467ab736e0b337
Sha256: bbafc9bd160a30c6a31954bdf66655e1decc59dead3bb94c6fa21cad1cd56fe3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
age: 6533
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5785
Md5:    59baec8db5ced0210ab766ea5636a5fd
Sha1:   f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
Sha256: 33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:58:15 GMT
age: 7164
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7971
Md5:    9e135c29a8769eb12ef8c26f99097400
Sha1:   87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
Sha256: ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gCt9oHpZ68tLCYHIYpI1XLtADkScxwf12kDFnU0o5WoQIVSzWlqozw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:16:52 GMT
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
age: 6047
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10958
Md5:    777ce44582c70bf01a31da4cab366f36
Sha1:   57e1d34f146d5ccd9943aa97bcc3158f7103bb07
Sha256: fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
                                        
                                            GET /ige7ywq.css HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.186
HTTP/2 200 OK
content-type: text/css;charset=utf-8
                                        
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 985
date: Tue, 29 Nov 2022 23:57:39 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (336)
Size:   985
Md5:    254286c420c1d3b039ff582ec5c53a18
Sha1:   da0ec80595ed21c5f33f39840fb6053104cd5766
Sha256: 6e872176fbc0f3bbbc5ce07e907e9ebc21fdae3d0a26ebf486d8b4ede823df04
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 7688
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9051
Md5:    05196ec43964cf559caa0c0279148d62
Sha1:   6170d6776615503e3e29f86783febc3e3e78ca66
Sha256: 47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CA5CFE7865AAC8DC0CD70DDE4182503EF9914CF8105C189D4CFD74785129315E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16576
Expires: Wed, 30 Nov 2022 04:33:55 GMT
Date: Tue, 29 Nov 2022 23:57:39 GMT
Connection: keep-alive

                                        
                                            GET /p.css?s=1&k=ige7ywq&ht=tk&f=749.750.751.752.753.754.755.756.757.758.25564.25565&a=3197966&app=typekit&e=css HTTP/1.1 
Host: p.typekit.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         23.36.76.186
HTTP/2 200 OK
content-type: text/css
                                        
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Tue, 29 Nov 2022 23:57:39 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   5
Md5:    83d24d4b43cc7eef2b61e66c95f3d158
Sha1:   f0cafc285ee23bb6c28c5166f305493c4331c84d
Sha256: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/AZYjle7jzxU HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /t/js/3/it.js HTTP/1.1 
Host: cdn.instapagemetrics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.120.27.38
HTTP/2 200 OK
content-type: application/javascript
                                        
x-guploader-uploadid: ADPycdvcFUf8vdvKMdumABOaRX7phUo-7ORo-D7UWc6i2_5k21e_41jDiqHujZCl1tQv5CKOMBObzXTUBt9-P2aPNV5rfg
x-goog-generation: 1632829858360680
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 18709
x-goog-meta-tracker-version: 3
content-encoding: gzip
x-goog-hash: crc32c=9jCvxw==, md5=hNK6UKgtLEP6wZbPnOBfaA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 18709
server: UploadServer
date: Wed, 09 Nov 2022 18:41:32 GMT
expires: Thu, 09 Nov 2023 18:41:32 GMT
cache-control: no-transform
age: 1746967
last-modified: Tue, 28 Sep 2021 11:50:58 GMT
etag: "84d2ba50a82d2c43fac196cf9ce05f68"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (55107)
Size:   18709
Md5:    84d2ba50a82d2c43fac196cf9ce05f68
Sha1:   6e6087893d151df569ccab2ec8995c4d3729c88e
Sha256: 77448c32ce49ae314723788c9bc1fc3a886720bbecd58f483d000fdbf0eb2712
                                        
                                            GET /scevent.min.js HTTP/1.1 
Host: sc-static.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.82.240
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
content-length: 11968
server: CloudFront
date: Tue, 29 Nov 2022 23:57:39 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Wed, 30 Nov 2022 21:40:55 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UYVvAHCUraXU3iYqp3xQfBDIEx1vHMrjWgCJ303bLBTja3RaOAhQeA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27639), with no line terminators
Size:   11968
Md5:    6d231d01533de87f1978527ff1582e85
Sha1:   2681a231f71539018d1e7ef81b21035159e70067
Sha256: dd8eda4130a189c4da20100752803ccb737e26f5c93f97f8db822f29f545be19
                                        
                                            GET /gtm.js?id=GTM-K2KGPKM HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 23:57:39 GMT
expires: Tue, 29 Nov 2022 23:57:39 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 23:16:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78274
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (33725)
Size:   78274
Md5:    a3fe26ea6afb575c9f511aff5e9d6735
Sha1:   5cdda8a10cdac24b02f254c5a1f782d98a69c3b2
Sha256: 071d1eab8ae0afa43c4d446bba5261dad033c68302875806d21ab2afaaabe715
                                        
                                            POST /s/gts1d4/AZYjle7jzxU HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /af/66da5c/0000000000000000773597ae/30/l?subset_id=2&fvd=n4&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://health.nativepath.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.186
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 20496
etag: "fb3c9456b48f780090641aa77cbd6a6009c1f990"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 29 Nov 2022 23:57:39 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 20496, version 1.0\012- data
Size:   20496
Md5:    a63deb874649b7776e42e0f41f895c93
Sha1:   c861c116624f0ea7210e2cb7adb87e1455844e31
Sha256: f74e48a7d2dcaa08e3081283a7cf42230e94c00853d703275beb567002bae14a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /af/964695/0000000000000000773597c9/30/l?subset_id=2&fvd=n8&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://health.nativepath.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.186
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 18828
etag: "d0247656dd592d48aefefe54dcf66a8223307866"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 29 Nov 2022 23:57:39 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 18828, version 1.0\012- data
Size:   18828
Md5:    72793084fecb276dd6c6b632170c834c
Sha1:   c9620ed31d59a0e13ba6dfea1139742a46f52bb6
Sha256: 156d4bb341216da1a40500769bbd60bae86b4a0bb0ea53ecabd330522ea9f44c
                                        
                                            GET /af/419f5a/0000000000000000773597ca/30/l?subset_id=2&fvd=n7&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://health.nativepath.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.186
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 18892
etag: "0089e023f0bf3af8eb04aaeb0046c3003f8446aa"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 29 Nov 2022 23:57:39 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 18892, version 1.0\012- data
Size:   18892
Md5:    a8df61557c53dcdd03a9ab3bad96199e
Sha1:   03e0ae9328add6103bfa1fab1425fb41dc745f41
Sha256: bcb29b0613d4e27305725c2b6205b2261c1a42c793f37a56ab29482d81a07578
                                        
                                            GET /af/91acd2/0000000000000000773597ba/30/l?subset_id=2&fvd=i4&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://health.nativepath.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.186
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 20500
etag: "2dffc6825e5c9329a003973447e79249eeb7e561"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 29 Nov 2022 23:57:39 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 20500, version 1.0\012- data
Size:   20500
Md5:    4499e978eea04d0abde28d5b9c29f2f0
Sha1:   c3db030492a09878f120b11cb64d4f3799a073af
Sha256: 275d1532c4991f8f80ea84b202ecae1cb6a4ad88fbb426ac8b166de1e70d7b6e
                                        
                                            GET /af/e1df81/0000000000000000773597d0/30/l?subset_id=2&fvd=i8&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://health.nativepath.com
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.186
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 19752
etag: "fdc7b5eb6154f4602e157a5ce8eb8e4296031234"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 29 Nov 2022 23:57:39 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 19752, version 1.0\012- data
Size:   19752
Md5:    d03e13082b915d3843f16236d3d25370
Sha1:   5ceda89972a83e54e11a0ea59cf919015e99752a
Sha256: 28ab0ebe9548b177f9c761767a6215becdaf5e3855953ce9756209692b9e0c8e
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "D156A2D9C83BF4F108988C6EAEA97AFB416D98A65625585C2B6339C3BE69450D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11880
Expires: Wed, 30 Nov 2022 03:15:39 GMT
Date: Tue, 29 Nov 2022 23:57:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "B7C81B60DD30977562325A44C3573216CF14F1F634059DF3750A1C37D6F44B5A"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8736
Expires: Wed, 30 Nov 2022 02:23:15 GMT
Date: Tue, 29 Nov 2022 23:57:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "B7C81B60DD30977562325A44C3573216CF14F1F634059DF3750A1C37D6F44B5A"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8652
Expires: Wed, 30 Nov 2022 02:21:51 GMT
Date: Tue, 29 Nov 2022 23:57:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "D156A2D9C83BF4F108988C6EAEA97AFB416D98A65625585C2B6339C3BE69450D"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11938
Expires: Wed, 30 Nov 2022 03:16:37 GMT
Date: Tue, 29 Nov 2022 23:57:39 GMT
Connection: keep-alive

                                        
                                            GET /u/958c8c8b/42236675-0-5-star-rating.png HTTP/1.1 
Host: v.fastcdn.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.18.9.227
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 29 Nov 2022 23:57:39 GMT
content-length: 15998
cache-control: public, max-age=315360000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=36692
content-disposition: inline; filename="42236675-0-5-star-rating.webp"
etag: "6d92c7b5764de8437d2c1af7e4346674"
expires: Fri, 26 Nov 2032 23:57:39 GMT
last-modified: Wed, 17 Apr 2019 17:07:27 GMT
vary: Accept
x-guploader-uploadid: ADPycdsK2UB-NMLVBbSH3qURlF4N_ppcKEyBYCHSk-r5V9926Wv8mQPxR3ppj2R00QY0JstJpyenemSKt8yf9-czrrQJqHlqZiz5
x-goog-generation: 1555520847244055
x-goog-hash: crc32c=UT5GVA==, md5=bZLHtXZN6EN9LBr35DRmdA==
x-goog-meta-content-length: 0
x-goog-meta-expires: Sun, 07 Jun 2020 09:07:27 GMT
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 36692
cf-cache-status: HIT
age: 3144
accept-ranges: bytes
server: cloudflare
cf-ray: 771f49736c42b51b-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   15998
Md5:    7125c7f9ed4b4c552388e29446e1958d
Sha1:   d593557c287a25518c2262785f66a4765c05db9c
Sha256: e47bf6546551c016dab1d38ff5a641e849ed5ab43f82ece8452f6a6b65752f19
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://health.nativepath.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 104698
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET /u/958c8c8b/62546448-0-62198112-0-1-20.png HTTP/1.1 
Host: v.fastcdn.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.18.9.227
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 29 Nov 2022 23:57:39 GMT
content-length: 215276
cache-control: public, max-age=315360000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=385563
content-disposition: inline; filename="62546448-0-62198112-0-1-20.webp"
etag: "473e40a3c240905291e7bd1798403ef5"
expires: Fri, 26 Nov 2032 23:57:39 GMT
last-modified: Wed, 14 Sep 2022 18:41:18 GMT
vary: Accept
x-guploader-uploadid: ADPycdtXL77mNTq4nMQ3L-ZMrM33jSHBp37PkKfTDLyYFxDUdsdPdKLfoTzurz7eAenKCPK6LkfqMjEfEfLNChtOxqMe6Q
x-goog-generation: 1663180878865903
x-goog-hash: crc32c=SOsadQ==, md5=Rz5Ao8JAkFKR570XmEA+9Q==
x-goog-meta-content-length: 0
x-goog-meta-expires: Sun, 05 Nov 2023 10:41:18 GMT
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 385563
cf-cache-status: HIT
age: 103714
accept-ranges: bytes
server: cloudflare
cf-ray: 771f49736c46b51b-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   215276
Md5:    a9979721d0e65a4f7def4ee5e3e240b0
Sha1:   ea1acf4a08ec2049428251ebd52fc4e9fb698592
Sha256: bb4a541f5667decfbd8738c6164473d467e3634be1cb9730c6efefb9b2977cfa
                                        
                                            GET /u/958c8c8b/62587785-0-Week1.png HTTP/1.1 
Host: v.fastcdn.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.18.9.227
HTTP/2 200 OK
content-type: image/webp
                                        
date: Tue, 29 Nov 2022 23:57:39 GMT
content-length: 737158
cache-control: public, max-age=315360000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1154076
content-disposition: inline; filename="62587785-0-Week1.webp"
etag: "edb055d72db89d550970cef05041743f"
expires: Fri, 26 Nov 2032 23:57:39 GMT
last-modified: Tue, 20 Sep 2022 19:29:30 GMT
vary: Accept
x-guploader-uploadid: ADPycdtNyeb84XhZf6rw1BHefodXHtKN_11ZRTwke3VshpXjt-1GNoz1-XRH9FW4xW4Z3AmfG6_SRTnQbKVQoX6fUrdsGi0xkimj
x-goog-generation: 1663702170301885
x-goog-hash: crc32c=EiSewQ==, md5=7bBV1y24nVUJcM7wUEF0Pw==
x-goog-meta-content-length: 0
x-goog-meta-expires: Sat, 11 Nov 2023 11:29:30 GMT
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1154076
cf-cache-status: HIT
age: 185847
accept-ranges: bytes
server: cloudflare
cf-ray: 771f49735c3bb51b-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   737158
Md5:    c8e83f81775f6b62a4fdedfd9d870b46
Sha1:   9e57c858263da324585f32ab30ed2df09c85178e
Sha256: 47140f853494b2ddec627c6c093f2a3390f9cd72e6745a707381477c65f70409
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3163
Cache-Control: max-age=114257
Date: Tue, 29 Nov 2022 23:57:39 GMT
Etag: "6385ab69-1d7"
Expires: Thu, 01 Dec 2022 07:41:56 GMT
Last-Modified: Tue, 29 Nov 2022 06:49:13 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3163
Cache-Control: max-age=114257
Date: Tue, 29 Nov 2022 23:57:39 GMT
Etag: "6385ab69-1d7"
Expires: Thu, 01 Dec 2022 07:41:56 GMT
Last-Modified: Tue, 29 Nov 2022 06:49:13 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /cm/i?pid=9c5712b0-acc7-4ba2-adff-ef6414082bcb&u_scsid=f03f6950-121e-48e7-b0b7-b318a9e04842&u_sclid=bd5dfef8-35e0-41d7-bec7-1f54454d535e HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         35.190.43.134
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 29 Nov 2022 23:57:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3164
Cache-Control: max-age=114257
Date: Tue, 29 Nov 2022 23:57:40 GMT
Etag: "6385ab69-1d7"
Expires: Thu, 01 Dec 2022 07:41:57 GMT
Last-Modified: Tue, 29 Nov 2022 06:49:13 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /i18n/pixel/config.js?sdkid=C3J06B1M4B6L4J2EC2OG&hostname=health.nativepath.com HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202211292357409A717D0ED8B2E4B0D966
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb02a2696852f394bae07797eb6959ba5372a62292ec48a88f4324f95381ce2a456e3ff7f64e86b8fe2c49799f61ef0b25d299e0ce6cedbd8827c6827122b8c6d6
content-encoding: gzip
content-length: 356
x-origin-response-time: 8,23.218.220.145
x-akamai-request-id: d4359bc9.7c6bc257
expires: Tue, 29 Nov 2022 23:57:40 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 29 Nov 2022 23:57:40 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2IF92wJJSlUK0A8yUXCCvMscmS7; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-218-220-145.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=8, inner; dur=4
x-parent-response-time: 107,23.36.79.28
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (305)
Size:   356
Md5:    74e27f4b5f778c2bb02c678af66ffed4
Sha1:   5a709d5f94e6b2cedd3af3ea5a625d8014383f83
Sha256: 7382bbe1b62a8dc81fba9f419f50cdc99c6fb458d7905ecc7abebaec5cbfc468
                                        
                                            GET /collector/is_enabled?pids=9c5712b0-acc7-4ba2-adff-ef6414082bcb&tld=com HTTP/1.1 
Host: tr.snapchat.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://health.nativepath.com
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.190.43.134
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 29 Nov 2022 23:57:39 GMT
access-control-allow-origin: https://health.nativepath.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1369
Md5:    8ab2191b52e4933352d31b5d8f6709b1
Sha1:   cb4ca1f1334aca721526cf46d9a01402a0595e2f
Sha256: 8c1d1ace0b18f59d23834788bba9227023a89bf9292a88b00bab49b0b998f130
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Age: 5185
Cache-Control: max-age=125951
Date: Tue, 29 Nov 2022 23:57:40 GMT
Etag: "6385d132-1d7"
Expires: Thu, 01 Dec 2022 10:56:51 GMT
Last-Modified: Tue, 29 Nov 2022 09:30:26 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            GET /waves/v3/w.js HTTP/1.1 
Host: d1stxfv94hrhia.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.86
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 28 Aug 2020 00:58:40 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 29 Nov 2022 18:48:47 GMT
ETag: W/"59fe521db7acea9ed98c9c84c98549b3"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XJPeQQ4RUz2B9YYB-pQNXbWPajHYi7ZGY0-p3S0reCxw5Epv8BVEbQ==
Age: 18534


--- Additional Info ---
Magic:  ASCII text, with very long lines (32062)
Size:   15026
Md5:    ae0344332de45001ef09489ee1728532
Sha1:   1c25ca4b699a3946a7070270367d384a66a8696b
Sha256: c3f3f3c04e05fff7b329175d7d90b9e13cf6184b0f274c064ab894fd509d5858
                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1071
Origin: https://health.nativepath.com
Connection: keep-alive
Referer: https://health.nativepath.com/
Cookie: _ttp=2IF92wJJSlUK0A8yUXCCvMscmS7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022112923574001D5526256BA31778D69
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb29a903d51f2fcf63164750b3b6180ca4b5c4b7088cf4371d0fd70450d463851a34976a8834343a07b5716322d95bafdb9b76fd59c3a01dcfa656bbb77754d6a5
x-origin-response-time: 21,23.218.220.137
x-akamai-request-id: 40c4c15e.7c6bc2e6
expires: Tue, 29 Nov 2022 23:57:40 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 29 Nov 2022 23:57:40 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a23-218-220-137.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=119, origin; dur=21, inner; dur=15
x-parent-response-time: 136,23.36.79.28
X-Firefox-Spdy: h2

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.110
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 22:41:08 GMT
expires: Wed, 30 Nov 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 4592
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: NMfK2WeQDqWDcyZc9oAsOnx3shv00pG4RuC4V/aX12YDSGQv0hWahPtc8NYv5cMLvTGiGnNs9IbGU30jTns+VQ==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Tue, 29 Nov 2022 23:57:40 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   27340
Md5:    44ecaa3c2a4929a40141edc4540aaf84
Sha1:   f29a573182333b2500d41bfc389d6c5232dfb348
Sha256: 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
                                        
                                            GET /i18n/pixel/identify.js HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 2022112923574087CA74DA76B1AA82696B
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb29a903d51f2fcf63164750b3b6180ca49486523b3d27b3432fde2c26a16ed937814c8cab8a4551892fe2f203e0f02b0230c33ea02dd648ab45e0109caf0d8a98
content-encoding: gzip
x-origin-response-time: 7,23.218.220.137
x-akamai-request-id: 40c4be66.7c6bc255
expires: Tue, 29 Nov 2022 23:57:40 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 29 Nov 2022 23:57:40 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-220-137.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=7, inner; dur=4
x-parent-response-time: 105,23.36.79.28
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   30933
Md5:    2fc75e0ccd688367eb2fc0d1de4cc9af
Sha1:   85386b1ba0be76e8d2a63dde4f4be413e967fef0
Sha256: c0fba1b85bc72eea4402c8ec47da43e038e2870f7778c22dd30d205a8c6e468a
                                        
                                            GET /bat.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         204.79.197.200
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: private,max-age=1800
content-length: 11421
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=1821F5C072C369CF10DBE7AB739468FC; domain=.bing.com; expires=Sun, 24-Dec-2023 23:57:40 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C365A40DE90E45B380DCAED8AA5D9585 Ref B: OSL30EDGE0421 Ref C: 2022-11-29T23:57:40Z
date: Tue, 29 Nov 2022 23:57:39 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Size:   11421
Md5:    22e2e3226eb5ada04929a2e43307eeda
Sha1:   04615fa88f80567974bdeb0f103ca5909746ebd7
Sha256: 41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Age: 5185
Cache-Control: max-age=125951
Date: Tue, 29 Nov 2022 23:57:40 GMT
Etag: "6385d132-1d7"
Expires: Thu, 01 Dec 2022 10:56:51 GMT
Last-Modified: Tue, 29 Nov 2022 09:30:26 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            GET /action/0?ti=25128990&Ver=2&mid=26527b18-2649-42a7-8f82-6185589477e6&sid=9b1bcb70704111eda238ef5b1b6f2a0f&vid=9b1bc2e0704111eda445d7754128c6b3&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Leg%20Swelling&p=https%3A%2F%2Fhealth.nativepath.com%2Feat-this-once-a-day-for-leg-swelling-1017%3Fhpcid%3D1133%26pub%3D240573%26hit%3D549083523%26c1%3D11-6-SS-pack-2000%26c2%3DE%26c3%3D%26utm_source%3D11-6-SS-pack-2000%26utm_medium%3Dcpc%26utm_campaign%3DE%26utm_content%3D&r=&lt=3454&evt=pageLoad&sv=1&rn=89358 HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         204.79.197.200
HTTP/2 204 No Content
                                        
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2624E931495E65FA0748FB5A48096437; domain=.bing.com; expires=Sun, 24-Dec-2023 23:57:40 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E680A954A19D400BAA83BE2C25B6084A Ref B: OSL30EDGE0421 Ref C: 2022-11-29T23:57:40Z
date: Tue, 29 Nov 2022 23:57:40 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /p/action/25128990.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         204.79.197.200
HTTP/2 204 No Content
                                        
cache-control: private,max-age=1800
set-cookie: MUID=35E1BDF90E55676B2130AF920F0266D7; domain=.bing.com; expires=Sun, 24-Dec-2023 23:57:40 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 91981F6E3FAB4EFF94D8119772CFF174 Ref B: OSL30EDGE0421 Ref C: 2022-11-29T23:57:40Z
date: Tue, 29 Nov 2022 23:57:40 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-121900758-1&cid=850357568.1669766259&jid=349526087&gjid=334115602&_gid=1580013347.1669766259&_u=IEBAAEAAAAAAACAAI~&z=1683864957 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://health.nativepath.com
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         64.233.165.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://health.nativepath.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Nov 2022 23:57:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155934
Date: Tue, 29 Nov 2022 23:57:40 GMT
Etag: "63864bb5-1d7"
Expires: Thu, 01 Dec 2022 19:16:34 GMT
Last-Modified: Tue, 29 Nov 2022 18:13:09 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -nJo60topa57bC5p3rVMuGEj3K-junuyDgUqKfXeI1N4i5D0bIh_RQ==
Age: 3805

                                        
                                            GET /tr/?id=1993352314115270&ev=PageView&dl=https%3A%2F%2Fhealth.nativepath.com%2Feat-this-once-a-day-for-leg-swelling-1017%3Fhpcid%3D1133%26pub%3D240573%26hit%3D549083523%26c1%3D11-6-SS-pack-2000%26c2%3DE%26c3%3D%26utm_source%3D11-6-SS-pack-2000%26utm_medium%3Dcpc%26utm_campaign%3DE%26utm_content%3D&rl=&if=false&ts=1669766259914&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669766259913.1183262448&it=1669766259400&coo=false&exp=b3&rqm=GET&cd[rex]=%7B%22uid%22%3A%22b64df21s4-e3d4-40f3-be8d-8b4f52c96fc7%22%2C%22retry%22%3A0%7D HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://health.nativepath.com
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://health.nativepath.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Nov 2022 23:57:41 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-121900758-1&cid=850357568.1669766259&jid=349526087&_u=IEBAAEAAAAAAACAAI~&z=230979150 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.132
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 23:57:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   86111
Md5:    004266a3b582ac3cd20e2fd7b4033448
Sha1:   27868a3c0a2e2c9f1f1bc91a6feed1dc8650eeba
Sha256: 88b8c7d4ed9748db3db19e6dc56944a841febdce96d126e83373c62aa5dec65f
                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-121900758-1&cid=850357568.1669766259&jid=349526087&_u=IEBAAEAAAAAAACAAI~&z=230979150 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 23:57:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /u/958c8c8b/62587790-0-Week2.png HTTP/1.1 
Host: v.fastcdn.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.18.9.227
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 29 Nov 2022 23:57:40 GMT
content-length: 2276421
x-guploader-uploadid: ADPycdt7vEs5EtG0_iL_Voe58DPQ1XpRYrO4vtWHh2anUzuK5sv1UfZuNDFjLghOUPsRKTJDtIgT6kyxQ7ald5hff88z7lYRvnBD
cache-control: public, max-age=315360000
expires: Fri, 26 Nov 2032 23:57:40 GMT
last-modified: Tue, 20 Sep 2022 19:29:32 GMT
etag: "6602bbb99f93d5c9625c94a0eb713eb3"
x-goog-generation: 1663702172464197
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2276421
x-goog-meta-content-length: 2276421
x-goog-meta-expires: Sat, 11 Nov 2023 11:29:32 GMT
x-goog-hash: crc32c=Dz+sWg==, md5=ZgK7uZ+T1cliXJSg63E+sw==
x-goog-storage-class: STANDARD
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 771f49736c43b51b-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1200 x 1600, 8-bit/color RGB, non-interlaced\012- data
Size:   2276421
Md5:    6602bbb99f93d5c9625c94a0eb713eb3
Sha1:   96138cc57b9b5c98f799d65b2e4c10bddbd44f1e
Sha256: 459a2699691e3346892098ea963765e1b0d8d694f78468eb1d8dbbd1f4fe80c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D52CC99DD3E38E2B44D79F019F472DE2C3FB802D2746A8C035C6BC4115509EA5"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5439
Expires: Wed, 30 Nov 2022 01:28:20 GMT
Date: Tue, 29 Nov 2022 23:57:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D52CC99DD3E38E2B44D79F019F472DE2C3FB802D2746A8C035C6BC4115509EA5"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5439
Expires: Wed, 30 Nov 2022 01:28:20 GMT
Date: Tue, 29 Nov 2022 23:57:41 GMT
Connection: keep-alive

                                        
                                            OPTIONS /t/two HTTP/1.1 
Host: ec.instapagemetrics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://health.nativepath.com/
Origin: https://health.nativepath.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.71.95.65
HTTP/2 200 OK
                                        
date: Tue, 29 Nov 2022 23:57:41 GMT
content-length: 0
access-control-allow-origin: https://health.nativepath.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
strict-transport-security: max-age=15724800; includeSubDomains
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: sameorigin
X-Firefox-Spdy: h2

                                        
                                            POST /t/two HTTP/1.1 
Host: ec.instapagemetrics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2098
Origin: https://health.nativepath.com
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.71.95.65
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 23:57:41 GMT
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://health.nativepath.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: sameorigin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            GET /wave?wave=%7B%22version%22%3A%223.1.0%22%2C%22site_id%22%3A614%2C%22arrival_time%22%3A1669766259343%2C%22arrival_uri%22%3A%22https%3A%2F%2Fhealth.nativepath.com%2Feat-this-once-a-day-for-leg-swelling-1017%3Fhpcid%3D1133%26pub%3D240573%26hit%3D549083523%26c1%3D11-6-SS-pack-2000%26c2%3DE%26c3%3D%26utm_source%3D11-6-SS-pack-2000%26utm_medium%3Dcpc%26utm_campaign%3DE%26utm_content%3D%22%2C%22page_title%22%3A%22Leg%20Swelling%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0%22%2C%22language%22%3A%22en-US%22%2C%22fingerprint%22%3A%22e1523c03a2cfb667b73ed64de9b28c02%22%2C%22rsci_vid%22%3A%22ee499bcf-5971-b7d2-7ef9-4fb837f3e478%22%2C%22action%22%3A%22view%22%7D HTTP/1.1 
Host: waves.retentionscience.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://health.nativepath.com
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         52.21.24.251
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 29 Nov 2022 23:57:40 GMT
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /eat-this-once-a-day-for-leg-swelling-1017?hpcid=1133&pub=240573&hit=549083523&c1=11-6-SS-pack-2000&c2=E&c3=&utm_source=11-6-SS-pack-2000&utm_medium=cpc&utm_campaign=E&utm_content= HTTP/1.1 
Host: health.nativepath.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: uid1133=549083523-20221129155738-708a1c1e996937464e2d045763bf3fc4-
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         107.178.254.45
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: openresty
date: Tue, 29 Nov 2022 23:57:38 GMT
access-control-allow-origin: *
etag: W/"67534-kqIzXh+iRpxW3O5mSvbg3TU74KA"
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/lib.js HTTP/1.1 
Host: heatmap-events-collector.instapage.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.71.95.65
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 23:57:39 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: sameorigin
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: same-origin
x-xss-protection: 0
vary: Accept-Encoding
access-control-allow-credentials: true
cache-control: public, must-revalidate, public
expires: Wed, 30 Nov 2022 00:02:39 GMT
accept-ranges: bytes
last-modified: Tue, 29 Nov 2022 07:13:20 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 23:57:39 GMT
date: Tue, 29 Nov 2022 23:57:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/events.js?sdkid=C3J06B1M4B6L4J2EC2OG&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://health.nativepath.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 20221129235739E99EE0DE2DB2C68116DE
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb02a2696852f394bae07797eb6959ba530e819859f222d785220e50d06b076413b454fdf283d90fc46e9022a32a491bafa618bf6dff9860ce24983817299857eb
content-encoding: gzip
x-origin-response-time: 7,23.218.220.145
x-akamai-request-id: d4359795.7c6bc159
expires: Tue, 29 Nov 2022 23:57:39 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 29 Nov 2022 23:57:39 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-220-145.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=7, inner; dur=3
x-parent-response-time: 106,23.36.79.28
X-Firefox-Spdy: h2


--- Additional Info ---