h2thintv.com/
3.33.152.147301 Moved Permanently 59 B IP 3.33.152.147:0
File type HTML document, ASCII text
Hash 0dd72277a8756da27d326e1432abf5ae
825668a04c2d42af81ea78df89e00449490827eb
5138ea62d55ade6b7ef4fbf7a282c14cae5df6cb217aa16c9c6f23927ac6d087
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: h2thintv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 11:56:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 59
Connection: keep-alive
Location: https://www.h2thintv.com
Server: ip-100-74-2-29.eu-west-2.compute.internal
X-Request-Id: 9c3f2975-d315-411a-b965-88887fd9c8d1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6933
Expires: Fri, 02 Dec 2022 13:51:58 GMT
Date: Fri, 02 Dec 2022 11:56:25 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2067
Cache-Control: max-age=169757
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:25 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 11:05:42 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3898
Expires: Fri, 02 Dec 2022 13:01:23 GMT
Date: Fri, 02 Dec 2022 11:56:25 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 11:18:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2293
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Nca5/Utu3vYJfAH4wiTRjQ8xaG2+8O4m5P5FGiutEJoaQrFMyPvomjwVuY6wJpCa+P/6RLifT8M=
x-amz-request-id: B20808Q5QWGXWRQ8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 11:46:06 GMT
age: 619
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5f49494d45f44eb1d504684e537f1298
e389a85a0a85eddf429a7b87e0540e6c2f4aef6d
4f010e2bb6970768cf3d18bdaeca92a7bbae3680aaa874ff9b99068885eb6f6d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=162618
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:25 GMT
Etag: "6389c023-117"
Expires: Sun, 04 Dec 2022 09:06:43 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:43 GMT
Server: nginx
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 11:08:57 GMT
cache-control: public,max-age=3600
age: 2848
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2063
Cache-Control: max-age=164691
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 09:41:17 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.88.220.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.220.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ttwEioOhtkWw5wCAF9J1lw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ncuYqhI0E7m81fldLqhKHvKxYNs=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash aff15ad9f37f82e3e8971e79b9159670
e9414ce7af5599213ab3f50af0b3bc07d2c6c04b
716600b6453c753227ffde5d9ceaf03b0f043002665cfcae45b68d0322947139
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1898
Cache-Control: max-age=88923
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Etag: "638898db-117"
Expires: Sat, 03 Dec 2022 12:38:29 GMT
Last-Modified: Thu, 01 Dec 2022 12:06:51 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ce9bb4656de0fb3edc54136d631bf5e1
95680f8722fba6e609b77df13566cf572de0183d
9a770b0fe4765e62e69c85565ccd057952fb54d078fb9ddb7732d2199f241bb6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1911
Cache-Control: max-age=155885
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Etag: "63899e60-117"
Expires: Sun, 04 Dec 2022 07:14:31 GMT
Last-Modified: Fri, 02 Dec 2022 06:42:40 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash aff15ad9f37f82e3e8971e79b9159670
e9414ce7af5599213ab3f50af0b3bc07d2c6c04b
716600b6453c753227ffde5d9ceaf03b0f043002665cfcae45b68d0322947139
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1898
Cache-Control: max-age=88923
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Etag: "638898db-117"
Expires: Sat, 03 Dec 2022 12:38:29 GMT
Last-Modified: Thu, 01 Dec 2022 12:06:51 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7bf4b9b508aa40f5d519add7f235f128
c10deab72baf7be9b90e40aa8585ee1e2438612a
2ccf0bb265836b9e6b20b57be61d660e60402d747a82ee9a80961ab5df063bd0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5818
Cache-Control: max-age=88149
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Etag: "63888685-118"
Expires: Sat, 03 Dec 2022 12:25:35 GMT
Last-Modified: Thu, 01 Dec 2022 10:48:37 GMT
Server: ECS (amb/6BB1)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7bf4b9b508aa40f5d519add7f235f128
c10deab72baf7be9b90e40aa8585ee1e2438612a
2ccf0bb265836b9e6b20b57be61d660e60402d747a82ee9a80961ab5df063bd0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4044
Cache-Control: max-age=86375
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Etag: "63888685-118"
Expires: Sat, 03 Dec 2022 11:56:01 GMT
Last-Modified: Thu, 01 Dec 2022 10:48:37 GMT
Server: ECS (amb/6BBB)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6d176cb8f2597096685e3cd03e8925e3
ea52061a01221a629c831bc5a3c034cb57640506
93e181326baca28fe36cf0110af8045f54a9684cff521622cb91e6a8d87d5590
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=130959
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Etag: "63894479-117"
Expires: Sun, 04 Dec 2022 00:19:05 GMT
Last-Modified: Fri, 02 Dec 2022 00:19:05 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6d176cb8f2597096685e3cd03e8925e3
ea52061a01221a629c831bc5a3c034cb57640506
93e181326baca28fe36cf0110af8045f54a9684cff521622cb91e6a8d87d5590
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=130959
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Etag: "63894479-117"
Expires: Sun, 04 Dec 2022 00:19:05 GMT
Last-Modified: Fri, 02 Dec 2022 00:19:05 GMT
Server: nginx
Content-Length: 279
assets.clickfunnels.com/images/closemodal.png
104.16.14.194200 OK 672 B URL HTTP/2 assets.clickfunnels.com/images/closemodal.png
IP 104.16.14.194:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 19754ed4d508cf576c80cf36e0db8c50
f459beac714e5be68aa75349fa806a5642af456a
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
GET /images/closemodal.png HTTP/1.1
Host: assets.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:26 GMT
content-type: image/webp
content-length: 672
cf-ray: 7733e11a6ec70b41-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 20559
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "637bf173-314"
expires: Mon, 02 Jan 2023 11:56:26 GMT
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
set-cookie: __cf_bm=op8RrHbhKMuAIQHbEIotWCA._txRdEcPXmwSiBBm818-1669982186-0-AcTep5LLZA7Nxy4LMejbuRnF9w4DLTn6tUUeizuvLxNtMgTQe2n77/ZS49lqcPcAtlEJbtPr/5CEDfxyyRmBMF/IV4SzUMZb7S2Wm2QQwAuH; path=/; expires=Fri, 02-Dec-22 12:26:26 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9017551118f933b99e215c8a4a8cfe15
3c7477adccaaa4deb8e14c69059e7e8b4622a54d
b1f47d3a19df0772e3976ffd2580889d5cefc310c34a94d6284260269b0126f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1122
Cache-Control: max-age=135707
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Etag: "638952a3-1d7"
Expires: Sun, 04 Dec 2022 01:38:13 GMT
Last-Modified: Fri, 02 Dec 2022 01:19:31 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9017551118f933b99e215c8a4a8cfe15
3c7477adccaaa4deb8e14c69059e7e8b4622a54d
b1f47d3a19df0772e3976ffd2580889d5cefc310c34a94d6284260269b0126f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1531
Cache-Control: max-age=136116
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Etag: "638952a3-1d7"
Expires: Sun, 04 Dec 2022 01:45:02 GMT
Last-Modified: Fri, 02 Dec 2022 01:19:31 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6d176cb8f2597096685e3cd03e8925e3
ea52061a01221a629c831bc5a3c034cb57640506
93e181326baca28fe36cf0110af8045f54a9684cff521622cb91e6a8d87d5590
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=130959
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Etag: "63894479-117"
Expires: Sun, 04 Dec 2022 00:19:05 GMT
Last-Modified: Fri, 02 Dec 2022 00:19:05 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash aff15ad9f37f82e3e8971e79b9159670
e9414ce7af5599213ab3f50af0b3bc07d2c6c04b
716600b6453c753227ffde5d9ceaf03b0f043002665cfcae45b68d0322947139
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1986
Cache-Control: max-age=89011
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Etag: "638898db-117"
Expires: Sat, 03 Dec 2022 12:39:57 GMT
Last-Modified: Thu, 01 Dec 2022 12:06:51 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6d176cb8f2597096685e3cd03e8925e3
ea52061a01221a629c831bc5a3c034cb57640506
93e181326baca28fe36cf0110af8045f54a9684cff521622cb91e6a8d87d5590
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=130959
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Etag: "63894479-117"
Expires: Sun, 04 Dec 2022 00:19:05 GMT
Last-Modified: Fri, 02 Dec 2022 00:19:05 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif
104.16.13.194200 OK 462 B URL HTTP/2 images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif
IP 104.16.13.194:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2a2b316db637f44354fd5083edff1176
94ff863b1d0bd38495f843b6a31d42991056d6a0
e8312763f657406a0328d9901f05e3c28611700e3408a56a5ec993acdd70f2aa
GET /old-public-templates/listhacking-sales/images/arrow-flash-small.gif HTTP/1.1
Host: images.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.h2thintv.com/
Connection: keep-alive
Cookie: __cf_bm=i6.yGdsrR_Qai.pNKYrDBvq4bgkUqAUSmULUq8R0ojU-1669982186-0-AcFakdmT84rZmw0t7rsDy1FpL9nV+UXLKSyRXfdueReJIFK2SNeDVMLWJbdzm9eLjTtAt79FYVlLeEFfCJhnR3WE+8Y7w5p+hA5LA5fUOzON
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:26 GMT
content-type: image/webp
content-length: 462
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=494
content-disposition: inline; filename="arrow-flash-small.webp"
etag: "64a7dd71d7bdc6a7200c52ce9b36701a"
last-modified: Fri, 14 Aug 2015 19:43:23 GMT
vary: Accept
x-amz-id-2: mug9JzOrBiiSRf6T/4vhWcZTqzWuv4/SNF2Iz46McnyyXV8wzT4WlRM+J7mNV1xbxfBnyaM9SUc=
x-amz-request-id: WQ2HMGH8N4027RWF
cf-cache-status: HIT
age: 67624
expires: Mon, 02 Jan 2023 11:56:26 GMT
cache-control: public, max-age=2678400
accept-ranges: bytes
server: cloudflare
cf-ray: 7733e11b0e79b515-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6d176cb8f2597096685e3cd03e8925e3
ea52061a01221a629c831bc5a3c034cb57640506
93e181326baca28fe36cf0110af8045f54a9684cff521622cb91e6a8d87d5590
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=130959
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Etag: "63894479-117"
Expires: Sun, 04 Dec 2022 00:19:05 GMT
Last-Modified: Fri, 02 Dec 2022 00:19:05 GMT
Server: nginx
Content-Length: 279
www.h2thintv.com/
104.16.16.194302 Found 3.4 kB IP 104.16.16.194:0
Hash 46379614e921d6a4450c00ee026845a1
00b9218b509e70b8aac823a069dc25b334f1c8fb
461832cf74f867bd1ccea3dc35dc92e78e22f4431f69baeece02382d950357c1
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.h2thintv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Fri, 02 Dec 2022 11:56:26 GMT
content-type: text/html; charset=utf-8
location: https://www.h2thintv.com/tv
cf-ray: 7733e114c981b509-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 302 Found
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: bb634fbd438f08fc41ba0d41aee6a0ad
x-runtime: 0.207401
set-cookie: __cf_bm=3GiyOFFuQSr.wNdJzI.gbEVb_XBhYQk5Sov0xRvHpT4-1669982186-0-Ae8NhZKx7qdAfafHrG+Mk1bYKzrHsZy2m4rA72wxRMeLrPs04YY81sssUMNC2aEwgZ5tPmVBg8G1/cQf2kmeNqQI8EMIIWtWr1ztQuwGSXSW; path=/; expires=Fri, 02-Dec-22 12:26:26 GMT; domain=.www.h2thintv.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.fontawesome.com/releases/v5.9.0/css/all.css
172.64.133.15200 OK 13 kB URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/all.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (55782)
Hash 174228c9821fba2843be129af32286cc
aee1224e0cdb615e257e1f22076e3a2adc8691b8
b08e2725aca137ce40f156ccfbd7ecf6792b5e66b234a784ba9ab4c22e9165d7
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:26 GMT
content-type: text/css
x-amz-id-2: cIB7RJR8YNkOt3c5odVNIsPWGanLxokh1zS2YvTVv7QSgKdKXNOroM5eyN2MvPjoE855Z9I1sPM=
x-amz-request-id: BCPBKD6BGPB27GGJ
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 513878
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrRwJfeySALvsNdXoPvb9OTLVm%2Fc6Ioef769yPZ0PPhe4mZqvFjytmyVFUWLshVMuiS7M9gbtVw24j7BCkoA2fuSR3pcNauEKV8TrNbtcA%2Fyzj0OkoC6UAbPWkafijI8nj%2Ft1OmX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7733e119fd62070e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.clickfunnels.com/templates/listhacking-sales/images/arrow-flash-small.gif
104.16.14.194301 Moved Permanently 1.0 kB URL HTTP/2 assets.clickfunnels.com/templates/listhacking-sales/images/arrow-flash-small.gif
IP 104.16.14.194:0
Hash 2ae396054e711f0f52ef452dd6b15c75
c8c07b1ebe66587034d89ad836e07c12ac772706
d69697bbbc7c15b4610e781863a45e27cfc977017b08eb615be451d24d9a5647
GET /templates/listhacking-sales/images/arrow-flash-small.gif HTTP/1.1
Host: assets.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 02 Dec 2022 11:56:26 GMT
content-type: text/html
location: https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif
cf-ray: 7733e11a6eca0b41-OSL
access-control-allow-origin: *
age: 426794
cache-control: public, max-age=2678400
expires: Mon, 02 Jan 2023 11:56:26 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=i6.yGdsrR_Qai.pNKYrDBvq4bgkUqAUSmULUq8R0ojU-1669982186-0-AcFakdmT84rZmw0t7rsDy1FpL9nV+UXLKSyRXfdueReJIFK2SNeDVMLWJbdzm9eLjTtAt79FYVlLeEFfCJhnR3WE+8Y7w5p+hA5LA5fUOzON; path=/; expires=Fri, 02-Dec-22 12:26:26 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.h2thintv.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 320626
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.h2thintv.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:22 GMT
expires: Fri, 01 Dec 2023 12:29:22 GMT
cache-control: public, max-age=31536000
age: 84425
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
216.58.207.227200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.h2thintv.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:18:06 GMT
expires: Tue, 28 Nov 2023 21:18:06 GMT
cache-control: public, max-age=31536000
age: 311901
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.h2thintv.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:55 GMT
expires: Tue, 28 Nov 2023 18:52:55 GMT
cache-control: public, max-age=31536000
age: 320612
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
216.58.207.227200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Hash e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.h2thintv.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:31:58 GMT
expires: Tue, 28 Nov 2023 21:31:58 GMT
cache-control: public, max-age=31536000
age: 311069
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.h2thintv.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:11:08 GMT
expires: Wed, 29 Nov 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 240319
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
happyhealthythin.org/hosted/images/3c/f7adc6e0274a57a8f80a71c96847d0/bullet-point-3-h2thin.png
104.16.13.194200 OK 4.4 kB URL HTTP/2 happyhealthythin.org/hosted/images/3c/f7adc6e0274a57a8f80a71c96847d0/bullet-point-3-h2thin.png
IP 104.16.13.194:0
File type PNG image data, 500 x 200, 8-bit colormap, non-interlaced\012- data
Hash 19e9554340326ca253292ce26646c608
d9a7cb9dbfa3f9464d19f1734fb50487de7645c4
00211a684213e603470470ff3429303db5099dda2cd0dd26f8a08dd91b678f57
GET /hosted/images/3c/f7adc6e0274a57a8f80a71c96847d0/bullet-point-3-h2thin.png HTTP/1.1
Host: happyhealthythin.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:27 GMT
content-type: image/png
content-length: 4418
cf-ray: 7733e11a7ba8b500-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "19e9554340326ca253292ce26646c608"
last-modified: Mon, 15 Mar 2021 23:34:23 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
set-cookie: __cf_bm=_jpwyYPCMfmK.NdeHiBIOwSvk5VV25u17IIlnd1FThA-1669982187-0-AfJ4rcYYWg28XAWQjnXgb02zwTw+Ado2vS2+VjySn9KRhuGLVFvmUFCfhT1IFo8HPPTWN0ym3LxG3nukFsq1h9JXktWnZAYmUb7l3OQEWjoU; path=/; expires=Fri, 02-Dec-22 12:26:27 GMT; domain=.happyhealthythin.org; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
happyhealthythin.org/hosted/images/9a/681fce8ce747f5b99be6eb4444bd2e/bullet-point-1-h2thin.png
104.16.13.194200 OK 4.1 kB URL HTTP/2 happyhealthythin.org/hosted/images/9a/681fce8ce747f5b99be6eb4444bd2e/bullet-point-1-h2thin.png
IP 104.16.13.194:0
File type PNG image data, 500 x 200, 8-bit colormap, non-interlaced\012- data
Hash ab1682d193fc0841b0040f98c0f3f257
c4d025d5909e33c4a7ef0b92f66e8e49bce4857e
0100b51fb45b50d4ece21a6adb65dd247f7cad98ee70042726f25420ddc9b0ae
GET /hosted/images/9a/681fce8ce747f5b99be6eb4444bd2e/bullet-point-1-h2thin.png HTTP/1.1
Host: happyhealthythin.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:27 GMT
content-type: image/png
content-length: 4139
cf-ray: 7733e11a7ba5b500-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "ab1682d193fc0841b0040f98c0f3f257"
last-modified: Mon, 15 Mar 2021 23:33:37 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
set-cookie: __cf_bm=Gw.WM.Al1b0xaLi.tYP.H2N.Czqd1WZIiMp21.gX0IQ-1669982187-0-AdetR7tQyKlzYB+OWwlaxHqM1uWfxLYn+ADEXnsS7PRKm69thdEnym9lBFpJVJC3iohFZdGDKIfVx5AcmWTZbuexDbgqD3pQ3xOAW7j1ucTJ; path=/; expires=Fri, 02-Dec-22 12:26:27 GMT; domain=.happyhealthythin.org; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
happyhealthythin.org/hosted/images/83/63561536c641688a56679b0b322575/happy-healthy-thin-1.png
104.16.13.194200 OK 6.4 kB URL HTTP/2 happyhealthythin.org/hosted/images/83/63561536c641688a56679b0b322575/happy-healthy-thin-1.png
IP 104.16.13.194:0
File type PNG image data, 300 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 32e748857d26e28ae4eaac2e7bc9347e
db3e4683efed6ff51034b5428502ccd0f8c807b7
a9ff2ffc290459761f16298e53250232d05d9fbd4a581dbe943f851a0570eedf
GET /hosted/images/83/63561536c641688a56679b0b322575/happy-healthy-thin-1.png HTTP/1.1
Host: happyhealthythin.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:27 GMT
content-type: image/png
content-length: 6432
cf-ray: 7733e11a7ba0b500-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "32e748857d26e28ae4eaac2e7bc9347e"
last-modified: Tue, 23 Feb 2021 20:38:23 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
set-cookie: __cf_bm=iW1ORFxxbxlDBVuuKDJrJZsME3H0K3SHIxDX3GQm6CU-1669982187-0-AXSju7hzIteLxlwhZ4qvdumNJXHUVct9Ro/IJBowNdQtYmTQ9tn79EOKSnEacaGSn4LokW/vrfGNqGfO0dMbZpak42g8T2bSvo4UuAuRxRVs; path=/; expires=Fri, 02-Dec-22 12:26:27 GMT; domain=.happyhealthythin.org; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
happyhealthythin.org/hosted/images/d6/0ed33127b5488d93d1de6b8dfc7ec0/bullet-point-2-h2thin.png
104.16.13.194200 OK 3.9 kB URL HTTP/2 happyhealthythin.org/hosted/images/d6/0ed33127b5488d93d1de6b8dfc7ec0/bullet-point-2-h2thin.png
IP 104.16.13.194:0
File type PNG image data, 500 x 200, 8-bit colormap, non-interlaced\012- data
Hash b16044f56a396a9b5f1b346634a75c6c
aaead8c221e9125bc4fd6557f52b9a67d36eb283
46be54edeb6c8faabe0892642a8ce9ab84b9055bde984b5d229ac2e9e8bc59cc
GET /hosted/images/d6/0ed33127b5488d93d1de6b8dfc7ec0/bullet-point-2-h2thin.png HTTP/1.1
Host: happyhealthythin.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:27 GMT
content-type: image/png
content-length: 3906
cf-ray: 7733e11a7ba6b500-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "b16044f56a396a9b5f1b346634a75c6c"
last-modified: Mon, 15 Mar 2021 23:33:55 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
set-cookie: __cf_bm=ufMDXQ4q_oCtP2XfcrgV_ZjIr4dCrSRFVhepiAUXsfo-1669982187-0-Aa2QoWzQfBNOz7XxkMkYojWbyBKYtCyHGl/E5m7VJsoUwmqePL9s00N6fjd8X7b5pkuYD5WQ3oqc6fbzTVwEndaEOP/u23luZuWsmQeVwOAo; path=/; expires=Fri, 02-Dec-22 12:26:27 GMT; domain=.happyhealthythin.org; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 010d0c49d2c4b5640cbed9c22a2cdc17
210620a2af7384878f9b6f24ef58caa88606ba92
7529b4616c3d420ff92497c61d91456695d4361aa2e640ef906c09f18620173b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144710
Date: Fri, 02 Dec 2022 11:56:27 GMT
Etag: "63897431-1d7"
Expires: Sun, 04 Dec 2022 04:08:17 GMT
Last-Modified: Fri, 02 Dec 2022 03:42:41 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CyP201NydkHacm9sEcg6seRgiHL_hkDltOHg_276_tXNHq6EcMM3qA==
Age: 1536
collector-21774.us.tvsquared.com/tv2track.js
3.22.179.81200 OK 8.5 kB URL HTTP/1.1 collector-21774.us.tvsquared.com/tv2track.js
IP 3.22.179.81:0
File type ASCII text, with very long lines (1162)
Hash 0dfa43ce95b39a456eae5449442aff6e
f5a7a9573c38d97cb3c7d8d811b8b6707a7f2d88
3135834b3c8b03e052d94f9b63cf3f796ff4a3077256dd1daddc16d5c204306a
GET /tv2track.js HTTP/1.1
Host: collector-21774.us.tvsquared.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=600
Content-Encoding: gzip
Content-Type: application/javascript
Date: Fri, 02 Dec 2022 11:56:27 GMT
ETag: "6306051b-2133"
Expires: Fri, 02 Dec 2022 12:06:27 GMT
Last-Modified: Wed, 24 Aug 2022 11:01:47 GMT
Server: nginx
X-Robots-Tag: noindex
Content-Length: 8499
Connection: keep-alive
www.h2thindfw.com/wp-content/uploads/2016/08/happy-healthy-thin-1.png
35.208.219.117200 OK 9.1 kB URL HTTP/2 www.h2thindfw.com/wp-content/uploads/2016/08/happy-healthy-thin-1.png
IP 35.208.219.117:0
File type PNG image data, 300 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash a6443a8980aacfda04276fad03cfdf44
b7deeb9ce59551000a2a0c1fd4fa876f2c55ff40
e1afa987978abb6420f1069c9a3d1d4039c5ebc0be9bcef01ed9246fd8de45fe
GET /wp-content/uploads/2016/08/happy-healthy-thin-1.png HTTP/1.1
Host: www.h2thindfw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:27 GMT
content-type: image/png
content-length: 9091
last-modified: Thu, 16 Feb 2017 00:36:29 GMT
etag: "58a4f40d-2383"
expires: Sat, 02 Dec 2023 11:56:27 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
happyhealthythin.org/hosted/images/14/d8497a257a4694bb90c29bfaf57dac/seth-before-after-dallas-tx-1.png
104.16.13.194200 OK 302 kB URL HTTP/2 happyhealthythin.org/hosted/images/14/d8497a257a4694bb90c29bfaf57dac/seth-before-after-dallas-tx-1.png
IP 104.16.13.194:0
File type PNG image data, 588 x 412, 8-bit/color RGBA, non-interlaced\012- data
Size 302 kB (301677 bytes)
Hash 63e75b6b910e1ffade50a81151d8d602
c9dfeb1325dada36cbd06c57f5a47b67bbc5e81d
fd40532e7bcf2289698beb99f22f2d81ef072a918f32935165ddb9dd0095173d
GET /hosted/images/14/d8497a257a4694bb90c29bfaf57dac/seth-before-after-dallas-tx-1.png HTTP/1.1
Host: happyhealthythin.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:27 GMT
content-type: image/png
content-length: 301677
cf-ray: 7733e11a7baab500-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "63e75b6b910e1ffade50a81151d8d602"
last-modified: Mon, 15 Mar 2021 23:35:03 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
set-cookie: __cf_bm=ct9OxuhWcehgyvnP.EO0sh_9mQ_Is.wwJGcd4RVzKsM-1669982187-0-Acq+6tiK75kAJMe7UsXEuDveowyOwph3+i6apBvDHeD6b9bbdR9r4DGCw1XBU7vEa6jL7SrBiS3q9zDNT22N7IxGgNyIRuDQUjOTpTnFWqlq; path=/; expires=Fri, 02-Dec-22 12:26:27 GMT; domain=.happyhealthythin.org; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
143.204.55.15200 OK 200 B URL HTTP/2 js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
IP 143.204.55.15:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 93afeeb17bc37e711759584dbfc50d47
bbbc9e5d68854172c90b993064df560996a2a433
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 200
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Fri, 02 Dec 2022 11:12:43 GMT
cache-control: max-age=31536000
etag: "93afeeb17bc37e711759584dbfc50d47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: o7fOolbkcLhK6LeT9dcG3Bv8UgDbhv3fPoia4s1S7OtlC_N_HjSMig==
age: 2631
X-Firefox-Spdy: h2
js.stripe.com/v2/
143.204.55.15200 OK 20 kB IP 143.204.55.15:0
File type ASCII text, with very long lines (32015)
Hash f1752fe674a4c2fba240294615b93202
d3d679c20f83fa6b4f435ade4dd0603321db4cc9
aade0b44a21956f328955309c36170c3ed59739ae6d277aebb67dfb839e91328
GET /v2/ HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Thu, 03 Feb 2022 12:42:55 GMT
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-encoding: br
date: Fri, 02 Dec 2022 11:55:45 GMT
cache-control: public, max-age=300
etag: W/"4e0e5080f8f45588fcc33b82ee08fa3c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1f-c_7v-ReLsEPSj0pBExmkNzFDrh8M9Z5mPHD-Agd9inTe_8OpnCA==
age: 125
X-Firefox-Spdy: h2
happyhealthythin.org/hosted/images/d8/1762dd1d4d4c56a87960d79a6c1996/header-image-h2thin-2.jpg
104.16.13.194200 OK 84 kB URL HTTP/2 happyhealthythin.org/hosted/images/d8/1762dd1d4d4c56a87960d79a6c1996/header-image-h2thin-2.jpg
IP 104.16.13.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1800x1040, components 3\012- data
Hash e453d6e2d89afadd2f05e962f734d66e
c04340c0fd6b3380cc7d9ac05f05912be94eff53
25d8421f970921f4d390130ba4596b92ec2e1eeffadd5ddd913cfa293c0cba2c
GET /hosted/images/d8/1762dd1d4d4c56a87960d79a6c1996/header-image-h2thin-2.jpg HTTP/1.1
Host: happyhealthythin.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Cookie: __cf_bm=HYuMUqzoi3chIh.5xzuDMzZBREZPsmWOm4DQTyRPd8o-1669982186-0-AfVqKmd2aQyakhx5UcJUF0XzQM7aS1+XFIMCnc0mrvX2BqihX0KPLc9X8+BCh704gSc+Ai5013HjMkMHGO/RwtEnqWV9eA3G7QVe3XCDtQ0P
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:27 GMT
content-type: image/jpeg
content-length: 83904
cf-ray: 7733e11c3e0fb500-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "e453d6e2d89afadd2f05e962f734d66e"
last-modified: Tue, 23 Feb 2021 17:34:47 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5397
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 11:56:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5397
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 11:56:27 GMT
Connection: keep-alive
js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.h2thintv.com&stripe_xdm_c=default541782&stripe_xdm_p=1
143.204.55.15200 OK 1.1 kB URL HTTP/2 js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.h2thintv.com&stripe_xdm_c=default541782&stripe_xdm_p=1
IP 143.204.55.15:0
Hash 0f214a178d0f5e61826c6579afe6cf3c
20ef68b0dc48f9184aba202849511dfc3ee9c12e
8a70b8214259511c953fae1b7490512e7b20be86acb8fbde8ac724623c05e38f
GET /v2/channel.html?stripe_xdm_e=https%3A%2F%2Fwww.h2thintv.com&stripe_xdm_c=default541782&stripe_xdm_p=1 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
last-modified: Tue, 05 Oct 2021 15:24:12 GMT
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self'; connect-src https://api.stripe.com; base-uri 'none'; form-action 'none'; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-M1LJiJCn3XBCZ1erCVATqpCSJ5Yd9sUrS2npRlBZ6YE='; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
content-encoding: gzip
date: Fri, 02 Dec 2022 11:54:55 GMT
cache-control: public, max-age=300
etag: W/"19af0c6cc7a0bca20a355b3362dc64a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: U71PeUmOzutbVw6My39xuNqYuYUXCf0ktqehmMQEY8LqrsNNNWPFdw==
age: 277
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5397
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 11:56:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5397
Expires: Fri, 02 Dec 2022 13:26:24 GMT
Date: Fri, 02 Dec 2022 11:56:27 GMT
Connection: keep-alive
js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
143.204.55.15200 OK 631 B URL HTTP/2 js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
IP 143.204.55.15:0
File type ASCII text, with very long lines (526)
Hash f8f6a4584135f737b26927596ce6e0a7
609ea9e9c46563fb1dc78a7967c926394e73ffab
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
GET /v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 631
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
date: Fri, 02 Dec 2022 11:33:18 GMT
cache-control: max-age=31536000
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fihOlH-DDWipsptMKRKVKOzj7MOlhuCDhBkgdW8kEKXCrAtxt3nqNQ==
age: 1401
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 00:54:54 GMT
age: 39693
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald%7CLato+sans-serif%7COpen+Sans%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CLato+sans-serif%7COswald%7CLato+sans-serif%7COswald%7COpen+Sans%7CLato+sans-serif%7COpen+Sans%7CLato+sans-serif%7COswald%7COpen+Sans%7COswald%7CLato+sans-serif%7COpen+Sans%7COswald%7COpen+Sans%7CLato+sans-serif%7C%7C
142.250.74.106200 OK 5.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Oswald%7CLato+sans-serif%7COpen+Sans%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CLato+sans-serif%7COswald%7CLato+sans-serif%7COswald%7COpen+Sans%7CLato+sans-serif%7COpen+Sans%7CLato+sans-serif%7COswald%7COpen+Sans%7COswald%7CLato+sans-serif%7COpen+Sans%7COswald%7COpen+Sans%7CLato+sans-serif%7C%7C
IP 142.250.74.106:0
Hash d1e2d44b8fc4eaa7f8fdfcaca6a04df9
de6ed477101feec1525f24db93a49d111d629415
0e8687ce610c0f6a04bd254dfd0b6a39811bc86727d6afd588aa6596da3aff3c
GET /css?family=Oswald%7CLato+sans-serif%7COpen+Sans%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CLato+sans-serif%7COswald%7CLato+sans-serif%7COswald%7COpen+Sans%7CLato+sans-serif%7COpen+Sans%7CLato+sans-serif%7COswald%7COpen+Sans%7COswald%7CLato+sans-serif%7COpen+Sans%7COswald%7COpen+Sans%7CLato+sans-serif%7C%7C HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 11:56:26 GMT
date: Fri, 02 Dec 2022 11:56:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cgj3fw3lpngosMNOK7cZUZO94T__4RTy_p7wa6rI62OOvhI5E9wMSw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:30:28 GMT
age: 80759
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
app.clickfunnels.com/mailcheck.min.js
104.16.13.194200 OK 5.9 kB URL HTTP/2 app.clickfunnels.com/mailcheck.min.js
IP 104.16.13.194:0
File type C source, ASCII text, with very long lines (525)
Hash bfdb57d6ecf3e3e7e3bf7081cf70f2e0
457abba4fa0915d3cc386a973db82d0f0efe9920
8170b32942d9278c85ffaad9069c3579ac93425c9c4e86d12097d27eaf6a7e87
GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:26 GMT
content-type: application/x-javascript
cf-ray: 7733e11a6db4b515-OSL
access-control-allow-origin: *
age: 3183
etag: W/"637bf173-a8d"
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=8SY3qCohMZX3rbzDzmJlPJZNiySt9RgA98yE9rrinxQ-1669982186-0-AYHc5h0iw4D/lKMozbWNWLnux0Ezi6SJ0CUjeqwVok9BCkk+HKy8d2J78ApKqH4gSHgQ9mGM2GrpbW8wWAjaM0sT/KGxUY7gsAEp4h0F5AbC; path=/; expires=Fri, 02-Dec-22 12:26:26 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
age: 50694
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c7113338bc3310b13d23ca415c177e2
2cb4edc6b161c6d2d5b47aa498ae54e677966466
3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQ21d2_5JO2Ym-LEnDecub9bK6wUyvM2zUf_XpfMGag83fVWlMjT8w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:50:09 GMT
age: 50778
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
collector-21774.us.tvsquared.com/tv2track.php?action_name=Happy%20Healthy%20Thin&idsite=TV-7281272754-1&rec=1&r=579467&h=11&m=56&s=25&url=https%3A%2F%2Fwww.h2thintv.com%2Ftv&_id=afcfe7e52eaf63a7&_idts=1669982186&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=258
3.22.179.81200 OK 42 B URL HTTP/1.1 collector-21774.us.tvsquared.com/tv2track.php?action_name=Happy%20Healthy%20Thin&idsite=TV-7281272754-1&rec=1&r=579467&h=11&m=56&s=25&url=https%3A%2F%2Fwww.h2thintv.com%2Ftv&_id=afcfe7e52eaf63a7&_idts=1669982186&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=258
IP 3.22.179.81:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 00657dd79637a8daf5e6196ca17f1887
3e064855d1fe7c6eac52981a646ec5840ba7efb5
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
GET /tv2track.php?action_name=Happy%20Healthy%20Thin&idsite=TV-7281272754-1&rec=1&r=579467&h=11&m=56&s=25&url=https%3A%2F%2Fwww.h2thintv.com%2Ftv&_id=afcfe7e52eaf63a7&_idts=1669982186&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=258 HTTP/1.1
Host: collector-21774.us.tvsquared.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Fri, 02 Dec 2022 11:56:27 GMT
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Request-Id: dde04e83-6840-468c-8a3e-6813a818f3b5
Server: nginx
Content-Length: 42
Connection: keep-alive
m.stripe.network/inner.html
151.101.128.176200 OK 527 B URL HTTP/2 m.stripe.network/inner.html
IP 151.101.128.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Hash e02352ef72e8a9563463c07174b0e50f
7a41613f7eae0819d1a4785eae3617fdbb33b9b3
2275fff71f8cbf1f25a1af7f7bbe5ecbc868ed0b16d345a8ce31770f66fc8ea5
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:56:27 GMT
via: 1.1 varnish
age: 61
x-request-id: 318a1c79-2338-4ce0-8517-670f7b6f84c0
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 37
x-timer: S1669982188.703372,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 527
X-Firefox-Spdy: h2
m.stripe.network/out-4.5.42.js
151.101.128.176200 OK 16 kB URL HTTP/2 m.stripe.network/out-4.5.42.js
IP 151.101.128.176:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 0b880c6e7a381ef1f81263cf34c54e79
af46e0111cb22576b07084f4b49be7b41b5fc3ca
115ea79f002c0c2e3405178f66ce92ecb5173e7678f692ab65d6bbf526880b7b
GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:56:27 GMT
via: 1.1 varnish
age: 127
x-request-id: 83e6157b-c65e-49d2-9f0c-1a7afbe5ec87
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 69
x-timer: S1669982188.729511,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 16031
X-Firefox-Spdy: h2
s3.amazonaws.com/provely-public/w/provely-2.0.js
52.217.229.128200 OK 19 kB URL HTTP/1.1 s3.amazonaws.com/provely-public/w/provely-2.0.js
IP 52.217.229.128:0
File type ASCII text, with very long lines (19075), with no line terminators
Hash ef25040e9190338649091a8cd0320c8b
131f844f6c36e33a805c2a1e4828da84840ed606
cb6d40a53f0decda2c464eae0617970c98d792a08137c79501424bc620b28d3b
GET /provely-public/w/provely-2.0.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: DVcgo9ZaaBpgJApBBcDMgqAgmQ+VtFnxB40JUSSl5dlHdEPv7/FG+tBsqSES9KQbxAzc96iZ+Zc=
x-amz-request-id: 8F4Z03R77G82EYKM
Date: Fri, 02 Dec 2022 11:56:28 GMT
Last-Modified: Thu, 15 Sep 2022 04:35:26 GMT
ETag: "ef25040e9190338649091a8cd0320c8b"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 19075
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a11a991958dbd78dfb3392214590ef38
c5fb54ce1ad1c51598623b66827af482c565e0d5
01d67dc39941deea93712fa87453fd27679357916ab856358e0bda7a63b2624d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1432
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:27 GMT
Last-Modified: Fri, 02 Dec 2022 11:32:35 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
142.250.74.42200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32058)
Hash fc3fc31e5e7c0933dc18e562c1c071bf
a44c31323f6bd29e583cc585036e6eb39f7014a6
ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:19:00 GMT
expires: Wed, 29 Nov 2023 14:19:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 250647
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: OAHyFlmOrhbmLaFy6vsc1B+xrSYroA8/S2cGcKgm9wZ2aKEFWLVhfpVpxdq4vGlMp4kBOYZZg3Qjq9UsCoUmxA==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Fri, 02 Dec 2022 11:56:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a11a991958dbd78dfb3392214590ef38
c5fb54ce1ad1c51598623b66827af482c565e0d5
01d67dc39941deea93712fa87453fd27679357916ab856358e0bda7a63b2624d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5709
Cache-Control: max-age=134516
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:27 GMT
Etag: "63893c12-1d7"
Expires: Sun, 04 Dec 2022 01:18:23 GMT
Last-Modified: Thu, 01 Dec 2022 23:43:14 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.facebook.com/tr/?id=398366268272178&ev=PageView&dl=https%3A%2F%2Fwww.h2thintv.com%2Ftv&rl=&if=false&ts=1669982186314&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669982186313.223283480&it=1669982186127&coo=false&rqm=GET
157.240.240.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=398366268272178&ev=PageView&dl=https%3A%2F%2Fwww.h2thintv.com%2Ftv&rl=&if=false&ts=1669982186314&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669982186313.223283480&it=1669982186127&coo=false&rqm=GET
IP 157.240.240.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=398366268272178&ev=PageView&dl=https%3A%2F%2Fwww.h2thintv.com%2Ftv&rl=&if=false&ts=1669982186314&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669982186313.223283480&it=1669982186127&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 02 Dec 2022 11:56:28 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash de80992246163639b8ed22c07de83fe5
34430c1492f51729f8b2e5765027ccae036aa3f7
9465f8c661f69d8a2015b90d568aed65bb2cdf3ed562ccb73bdfbc236ada2f95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 986
Cache-Control: max-age=118976
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:28 GMT
Etag: "638911d2-1d7"
Expires: Sat, 03 Dec 2022 20:59:24 GMT
Last-Modified: Thu, 01 Dec 2022 20:42:58 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 3e8845dee5a57ca2e0dbc8ede2967e0b
6d3f9ff647231f1921a6e8b121f605b36239d6a0
2737d18ccd45ba6560574d3a67ad9f3b87c048461e08c2657d6986f9d322e0c0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126688
Date: Fri, 02 Dec 2022 11:56:28 GMT
Etag: "638922b1-1d7"
Expires: Sat, 03 Dec 2022 23:07:56 GMT
Last-Modified: Thu, 01 Dec 2022 21:54:57 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Wjad1tz-3q4dJ7SgZgf85AX5f9ovocObBbCa97Uo1kaNAfID2e61Tw==
Age: 4379
js-agent.newrelic.com/552.2d6a2503-1220.js
151.101.2.137200 OK 5.9 kB URL HTTP/2 js-agent.newrelic.com/552.2d6a2503-1220.js
IP 151.101.2.137:0
File type ASCII text, with very long lines (21423)
Hash 097ef34c5f5d635a147bca3721bd605b
3b31ef3cfb1d62d9884d631ec2467b9d6b0d46e2
3e05d4e42c1e87b516b525574b20d2570dccc50d1bd1b2956d6421699aa19914
GET /552.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PnZFPtaQ6Oa8SvsR598yLCynwQMleyjLyE8+/6kXxv1ZfRit6gnSEEKUHnQ2vqYi8syHn+Nxcq4=
x-amz-request-id: XM6WHM0J4M8X38WQ
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "777ac0df4dba632ad1b2955c88dd51ac"
x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:56:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1265
x-timer: S1669982188.196694,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5890
X-Firefox-Spdy: h2
d2saw6je89goi1.cloudfront.net/uploads/digital_asset/file/822007/Happy-Healthy-Icon.png
143.204.42.157200 OK 5.6 kB URL HTTP/2 d2saw6je89goi1.cloudfront.net/uploads/digital_asset/file/822007/Happy-Healthy-Icon.png
IP 143.204.42.157:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 04283d7dcb30246f6e88a842e0db8f64
b26ae825f4e464515237fa82d7ca43dacbec525f
b7a3d35ecdb24dce3247d2f950de93b0bfa9e75a680b4331cec23cf4bce0e50d
GET /uploads/digital_asset/file/822007/Happy-Healthy-Icon.png HTTP/1.1
Host: d2saw6je89goi1.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 5591
date: Fri, 02 Dec 2022 11:56:29 GMT
last-modified: Fri, 04 Dec 2020 17:01:58 GMT
etag: "04283d7dcb30246f6e88a842e0db8f64"
cache-control: max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ajtjp3orRBuhanjfDY8cyEus82vey26XogoBFsDykeRmW0qRni5-0w==
X-Firefox-Spdy: h2
js.stripe.com/v3/elements-inner-card-ec7287455cc0c5e0f6ee87741472b0fb.html
143.204.55.15200 OK 798 B URL HTTP/2 js.stripe.com/v3/elements-inner-card-ec7287455cc0c5e0f6ee87741472b0fb.html
IP 143.204.55.15:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (798), with no line terminators
Hash ec7287455cc0c5e0f6ee87741472b0fb
538b0d84546856d5263528ac304965372350a047
1338d44da6e9d22204b6a4a7331c5fd0dbaaa6f571131763b82c982e1bc2e267
GET /v3/elements-inner-card-ec7287455cc0c5e0f6ee87741472b0fb.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 798
last-modified: Thu, 01 Dec 2022 20:24:23 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Fri, 02 Dec 2022 11:28:34 GMT
cache-control: max-age=31536000
etag: "ec7287455cc0c5e0f6ee87741472b0fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oPlKqN5TI6ufrfWTchOIoVt56NvfIK6a7u9oqit47sO1XhKQf5Exnw==
age: 1676
X-Firefox-Spdy: h2
www.h2thintv.com/v1/track_capi?page_key=9pnkkqvt4cm845f8&location=https://www.h2thintv.com/tv&referrer=
104.16.16.194200 OK 3 B URL HTTP/2 www.h2thintv.com/v1/track_capi?page_key=9pnkkqvt4cm845f8&location=https://www.h2thintv.com/tv&referrer=
IP 104.16.16.194:0
Hash 344cb90c9cea24e3fd7d53c37a700afd
4460d93d41e542dbffba74b05bcfaf5bf88327d0
fa8b3050c745eb53dd2bea7ba537764269e8aca03015419f4a4327544640773a
GET /v1/track_capi?page_key=9pnkkqvt4cm845f8&location=https://www.h2thintv.com/tv&referrer= HTTP/1.1
Host: www.h2thintv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.h2thintv.com/tv
Connection: keep-alive
Cookie: __cf_bm=3GiyOFFuQSr.wNdJzI.gbEVb_XBhYQk5Sov0xRvHpT4-1669982186-0-Ae8NhZKx7qdAfafHrG+Mk1bYKzrHsZy2m4rA72wxRMeLrPs04YY81sssUMNC2aEwgZ5tPmVBg8G1/cQf2kmeNqQI8EMIIWtWr1ztQuwGSXSW; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NDY4NDczMTk=:visited=true; cf:visitor_id=7a80e43d-533b-49c7-bdd4-05da9b1a5dc0; addevent_track_cookie=882c6f1d-8837-4c0c-be9f-e5643a465d51; _tq_id.TV-7281272754-1.7687=afcfe7e52eaf63a7.1669982186.0.1669982186..; _fbp=fb.1.1669982186313.223283480
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:28 GMT
content-type: text/plain; charset=utf-8
cf-ray: 7733e123ec6db509-OSL
access-control-allow-origin: *
cache-control: no-cache, private
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: cf18b66c74b77269cb9cf79bff9de0f9
x-runtime: 0.035470
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
js-agent.newrelic.com/290.2d6a2503-1220.js
151.101.2.137200 OK 3.4 kB URL HTTP/2 js-agent.newrelic.com/290.2d6a2503-1220.js
IP 151.101.2.137:0
File type ASCII text, with very long lines (8544)
Hash b9baa2cb6a3b1a3d0fda03cd7db51631
42d37467e05182e3cab2fcb54577dc462adcf50b
31a8b4d47298cae24c66e37256a51474ae88a745fdfec79f99b2d43608e6d822
GET /290.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: w13KyJHc6nZxbdEwslB41w8/Eu8hqTxWFthe9Ce9ktH5t1CQfPDcADzeIbbM0XmVboDReCBCqwPazqB/yCHcHQ==
x-amz-request-id: ENM21W9CJ64N9SCW
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:56:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 763
x-timer: S1669982188.357067,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3424
X-Firefox-Spdy: h2
js-agent.newrelic.com/368.2d6a2503-1220.js
151.101.2.137200 OK 1.4 kB URL HTTP/2 js-agent.newrelic.com/368.2d6a2503-1220.js
IP 151.101.2.137:0
File type ASCII text, with very long lines (3382)
Hash fa50a55750d1d0978fca32be5dbc3988
a7f447621d48b3ecf7fc0192b515d506d3d1ad18
c621038fb07e536af8a1ec6d260853dfe69055dc2fb526700919c53b3b7e5f20
GET /368.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: GUwozRedGseijuU5ypA/WbbnDIf/u5E5/2u5+kb3ugz/wj5jQhWm8oFz9CQSV79o7P1yeeJAp+M=
x-amz-request-id: K9T2FMDPRF0ZCE4Q
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "16b4f3676c3859e1378a2ccdebbad675"
x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:56:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1242
x-timer: S1669982188.357045,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1443
X-Firefox-Spdy: h2
js-agent.newrelic.com/768.2d6a2503-1220.js
151.101.2.137200 OK 2.2 kB URL HTTP/2 js-agent.newrelic.com/768.2d6a2503-1220.js
IP 151.101.2.137:0
File type ASCII text, with very long lines (5523)
Hash 98a96a3306b7723c0b8c4bff074cdd9f
e9070da7daa34fa2d8ac2e4ec00e3c499ea37516
a6079d50fa4c72b521fd865e67be080b5b21c336a71dbf7a1800a12ad42384f7
GET /768.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: P4mBsEL/DTAFzpZmpgTrdkaNBJrByz58gWXjGItRhFpF6Y8vCPU2Lz0KL/HwWqBLBPUd/7ipab8=
x-amz-request-id: XM6J50R0X1MZPD9F
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "d6cc8b42eda6fd7734014b03b87b5787"
x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:56:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1480
x-timer: S1669982188.357036,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2225
X-Firefox-Spdy: h2
js-agent.newrelic.com/775.2d6a2503-1220.js
151.101.2.137200 OK 632 B URL HTTP/2 js-agent.newrelic.com/775.2d6a2503-1220.js
IP 151.101.2.137:0
File type ASCII text, with very long lines (1169)
Hash 661520fd0dfebb919d68a69b60ca426f
b85ef80a0e0d95bf4904f9ce4fad56c49ae035be
ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7
GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 7LFMHtjJh1S3I7Y2nadjyW3qD5GSEUAPkhvRiGWUqI2yNIsj2jxS1WztietgESJCTo8b+MSjBS8=
x-amz-request-id: XM6WXR7ZNKJZ7WDR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 02 Dec 2022 11:56:28 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 24
x-timer: S1669982188.356992,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2
m.stripe.com/6
52.41.227.58200 OK 156 B IP 52.41.227.58:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9d8ad08e5c70f7f0a5ba04125c4178bb
8f93b98167f8cc018ee335e3aa65da96f3f7d135
6624c60e2fc522700bd1add3ffd8ad5c995ae6a523479515a1520d817755e107
POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2348
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:28 GMT
content-length: 156
set-cookie: m=73a141c1-7909-43a3-8da1-c43c38968ca67dadc9;Expires=Sun, 01-Dec-2024 11:56:28 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2
js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html
143.204.55.15200 OK 325 B URL HTTP/2 js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html
IP 143.204.55.15:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (325), with no line terminators
Hash 6807626aac0c9ec4dec377e6a032abaf
f0a50864f057ec1e29b6606a74ca4868214f9fd5
b9791ec131156bff05f5bccfc51771d61d7d34e09114abdef87053cc6198f376
GET /v3/controller-6807626aac0c9ec4dec377e6a032abaf.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 325
last-modified: Thu, 01 Dec 2022 20:24:23 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Fri, 02 Dec 2022 11:56:29 GMT
cache-control: max-age=60
etag: "6807626aac0c9ec4dec377e6a032abaf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hdnzPzwBfHktVqcppXHCKNCv-KeXv0LAnTUjvKVOoXMbnM1ySTvmSw==
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3556&ck=0&s=d428091883e54629&ref=https://www.h2thintv.com/tv&ap=662&be=1415&fe=1724&dc=900&perf=%7B%22timing%22:%7B%22of%22:1669982183250,%22n%22:0,%22f%22:1083,%22dn%22:1083,%22dne%22:1083,%22c%22:1083,%22s%22:1083,%22ce%22:1083,%22rq%22:1093,%22rp%22:1351,%22rpe%22:1351,%22dl%22:1359,%22di%22:2288,%22ds%22:2314,%22de%22:2532,%22dc%22:3138,%22l%22:3138,%22le%22:3277%7D,%22navigation%22:%7B%7D%7D&fcp=1970&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3556&ck=0&s=d428091883e54629&ref=https://www.h2thintv.com/tv&ap=662&be=1415&fe=1724&dc=900&perf=%7B%22timing%22:%7B%22of%22:1669982183250,%22n%22:0,%22f%22:1083,%22dn%22:1083,%22dne%22:1083,%22c%22:1083,%22s%22:1083,%22ce%22:1083,%22rq%22:1093,%22rp%22:1351,%22rpe%22:1351,%22dl%22:1359,%22di%22:2288,%22ds%22:2314,%22de%22:2532,%22dc%22:3138,%22l%22:3138,%22le%22:3277%7D,%22navigation%22:%7B%7D%7D&fcp=1970&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1220.PROD&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3556&ck=0&s=d428091883e54629&ref=https://www.h2thintv.com/tv&ap=662&be=1415&fe=1724&dc=900&perf=%7B%22timing%22:%7B%22of%22:1669982183250,%22n%22:0,%22f%22:1083,%22dn%22:1083,%22dne%22:1083,%22c%22:1083,%22s%22:1083,%22ce%22:1083,%22rq%22:1093,%22rp%22:1351,%22rpe%22:1351,%22dl%22:1359,%22di%22:2288,%22ds%22:2314,%22de%22:2532,%22dc%22:3138,%22l%22:3138,%22le%22:3277%7D,%22navigation%22:%7B%7D%7D&fcp=1970&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 11:56:28 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7733e12689200b61-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
js.stripe.com/v3/.deploy_status_henson.json
143.204.55.15200 OK 474 B URL HTTP/2 js.stripe.com/v3/.deploy_status_henson.json
IP 143.204.55.15:0
File type JSON data\012- , ASCII text, with very long lines (474), with no line terminators
Hash c5d8f307e75c8905d4004a3fc5980820
46400c37bbf98876bc2a1be991f355a85e8ff944
8149465c007a298a66a8e23a6a95fc551358fc756ae375ba8b35a5bfdb69d9c8
GET /v3/.deploy_status_henson.json HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/v3/elements-inner-card-ec7287455cc0c5e0f6ee87741472b0fb.html
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 474
last-modified: Thu, 01 Dec 2022 21:17:15 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
date: Fri, 02 Dec 2022 11:55:40 GMT
cache-control: max-age=60
etag: "c5d8f307e75c8905d4004a3fc5980820"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NcnM4X7b9ocM81e1VYU0Nboyyzn2owUi7uYms15eVJk1isW-veaQug==
age: 48
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 05e8912e5718b48be1976ac922289900
7fc07f3693c94c1a3b6f5c31cd6f95262216c6ea
20eb9b024430e0fdca4602f860c45f20e5409fa68f71085a54ae38c1a7f3ca3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 924
Cache-Control: max-age=145540
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:29 GMT
Etag: "638979d5-139"
Expires: Sun, 04 Dec 2022 04:22:09 GMT
Last-Modified: Fri, 02 Dec 2022 04:06:45 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 05e8912e5718b48be1976ac922289900
7fc07f3693c94c1a3b6f5c31cd6f95262216c6ea
20eb9b024430e0fdca4602f860c45f20e5409fa68f71085a54ae38c1a7f3ca3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1029
Cache-Control: max-age=145645
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:29 GMT
Etag: "638979d5-139"
Expires: Sun, 04 Dec 2022 04:23:54 GMT
Last-Modified: Fri, 02 Dec 2022 04:06:45 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 05e8912e5718b48be1976ac922289900
7fc07f3693c94c1a3b6f5c31cd6f95262216c6ea
20eb9b024430e0fdca4602f860c45f20e5409fa68f71085a54ae38c1a7f3ca3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5353
Cache-Control: max-age=149969
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:56:29 GMT
Etag: "638979d5-139"
Expires: Sun, 04 Dec 2022 05:35:58 GMT
Last-Modified: Fri, 02 Dec 2022 04:06:45 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
js.stripe.com/v3/fingerprinted/js/controller-79f58911ba490bb99ff85cb64206068f.js
143.204.55.15200 OK 109 kB URL HTTP/2 js.stripe.com/v3/fingerprinted/js/controller-79f58911ba490bb99ff85cb64206068f.js
IP 143.204.55.15:0
File type C source, Unicode text, UTF-8 text, with very long lines (60418), with no line terminators
Size 109 kB (109133 bytes)
Hash fb88ff085291102f6f67f922d9ac4a74
a931c32f35367b5efa719a1221470010e08cb0ae
25df8f37b37a2608bc436c8ee73bdb227a2c5a69b9ddc4ab32969c40804f4667
GET /v3/fingerprinted/js/controller-79f58911ba490bb99ff85cb64206068f.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 01 Dec 2022 20:24:31 GMT
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-encoding: br
date: Fri, 02 Dec 2022 11:26:28 GMT
cache-control: max-age=31536000
etag: W/"96cc675ea52eae89fd5fd8af463dbb16"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8H4rx84rj6NA7kNgIwNdgL4IjscVn8Xm48ltb1IrE2VF2xZeVjNhJw==
age: 1822
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 662
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 656
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 662
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 669
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 577
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 582
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 587
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 585
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 946
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 584
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 585
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 585
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 1176
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 1251
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 588
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 1179
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
app.provely.io/legacy/animate.css
18.208.87.233200 OK 3.0 kB URL HTTP/2 app.provely.io/legacy/animate.css
IP 18.208.87.233:0
Hash 54b6dffaa162fa91045f24eba5eda80b
e28e0a683c81046858af2001466312c0e18d3d85
b6564743ac89fd237263b0390ed7a40752d8f9dbbd62860aceb3a922ab55b44a
GET /legacy/animate.css HTTP/1.1
Host: app.provely.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:28 GMT
content-type: text/css
server: nginx
last-modified: Thu, 01 Dec 2022 22:47:30 GMT
etag: W/"63892f02-6ae6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 588
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 1400
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
app.provely.io/api/campaigns/32909/contacts?ref=https%3A%2F%2Fwww.h2thintv.com%2Ftv&r=0.2551054269891734
18.208.87.233404 Not Found 50 B URL HTTP/2 app.provely.io/api/campaigns/32909/contacts?ref=https%3A%2F%2Fwww.h2thintv.com%2Ftv&r=0.2551054269891734
IP 18.208.87.233:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 471d2287db736bfc04eb2480711916b5
289732c760a2813c2cf36489437ce1fb5edcbbd2
475b87a0c292f62674dbfb28a8363663caa49ba1acebd90edebc3711ef5c311c
POST /api/campaigns/32909/contacts?ref=https%3A%2F%2Fwww.h2thintv.com%2Ftv&r=0.2551054269891734 HTTP/1.1
Host: app.provely.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 19
Origin: https://www.h2thintv.com
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Fri, 02 Dec 2022 11:56:28 GMT
content-type: application/json
server: nginx
cache-control: no-cache, private
access-control-allow-origin: https://www.h2thintv.com
vary: Origin
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 572
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 590
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 587
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 598
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:29 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
r.stripe.com/0
54.187.119.242200 OK 0 B IP 54.187.119.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /0 HTTP/1.1
Host: r.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js.stripe.com/
Content-Type: application/x-www-form-urlencoded
Origin: https://js.stripe.com
Content-Length: 601
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:56:34 GMT
content-length: 0
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
content-type: text/plain
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.56.101200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.56.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.h2thintv.com
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:26 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7733e119fa72b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
app.provely.io/api/campaigns/32909/campaign
18.208.87.233200 OK 0 B URL HTTP/2 app.provely.io/api/campaigns/32909/campaign
IP 18.208.87.233:0
POST /api/campaigns/32909/campaign HTTP/1.1
Host: app.provely.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 49
Origin: https://www.h2thintv.com
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:28 GMT
content-type: application/json
server: nginx
cache-control: no-cache, private
access-control-allow-origin: https://www.h2thintv.com
vary: Origin
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
happyhealthythin.org/assets/lander.css
104.16.13.194200 OK 0 B URL HTTP/2 happyhealthythin.org/assets/lander.css
IP 104.16.13.194:0
GET /assets/lander.css HTTP/1.1
Host: happyhealthythin.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:26 GMT
content-type: text/css
cf-ray: 7733e11b8d1cb500-OSL
access-control-allow-origin: *
age: 947
cache-control: public, max-age=1200
etag: W/"637bf173-6a514"
expires: Fri, 02 Dec 2022 12:16:26 GMT
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=HYuMUqzoi3chIh.5xzuDMzZBREZPsmWOm4DQTyRPd8o-1669982186-0-AfVqKmd2aQyakhx5UcJUF0XzQM7aS1+XFIMCnc0mrvX2BqihX0KPLc9X8+BCh704gSc+Ai5013HjMkMHGO/RwtEnqWV9eA3G7QVe3XCDtQ0P; path=/; expires=Fri, 02-Dec-22 12:26:26 GMT; domain=.happyhealthythin.org; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
happyhealthythin.org/images/background.png?_unique=0.540509402680922&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.h2thintv.com/tv&_title=Happy%20Healthy%20Thin&_key=qifl9dxx&_page_key=9pnkkqvt4cm845f8&_fid=10279343&_fspos=27&_fvrs=1&_funnel_stat=0&_location=https://www.h2thintv.com/tv&_referrer=
104.16.13.194200 OK 0 B URL HTTP/2 happyhealthythin.org/images/background.png?_unique=0.540509402680922&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.h2thintv.com/tv&_title=Happy%20Healthy%20Thin&_key=qifl9dxx&_page_key=9pnkkqvt4cm845f8&_fid=10279343&_fspos=27&_fvrs=1&_funnel_stat=0&_location=https://www.h2thintv.com/tv&_referrer=
IP 104.16.13.194:0
GET /images/background.png?_unique=0.540509402680922&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//www.h2thintv.com/tv&_title=Happy%20Healthy%20Thin&_key=qifl9dxx&_page_key=9pnkkqvt4cm845f8&_fid=10279343&_fspos=27&_fvrs=1&_funnel_stat=0&_location=https://www.h2thintv.com/tv&_referrer= HTTP/1.1
Host: happyhealthythin.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.h2thintv.com
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:28 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 7733e12418b0b500-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: cc1591b77c2bce0d683e953077a0d720
x-runtime: 0.023408
set-cookie: __cf_bm=oraeQuQByCwKrbsWupwiO7n_xAev0ocZjJSKd6M455w-1669982188-0-AaI8nmfx7yDbyDPAWw4vOZeBVQpQ3QsH7QOo9xBzhAvmVb+6+//csp2A9XRJaarmxYFjAn5kLXYyO8rlyI9KetLM3LQzIDxjnJrrJgttKhg2; path=/; expires=Fri, 02-Dec-22 12:26:28 GMT; domain=.happyhealthythin.org; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
happyhealthythin.org/hosted/images/17/661f51982640219b2b8027fa1cbb21/kendra-before-after-dallas-tx-1.png
104.16.13.194200 OK 0 B URL HTTP/2 happyhealthythin.org/hosted/images/17/661f51982640219b2b8027fa1cbb21/kendra-before-after-dallas-tx-1.png
IP 104.16.13.194:0
GET /hosted/images/17/661f51982640219b2b8027fa1cbb21/kendra-before-after-dallas-tx-1.png HTTP/1.1
Host: happyhealthythin.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:27 GMT
content-type: image/png
content-length: 372293
cf-ray: 7733e11a7ba3b500-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "1071f3860cdc7a81c809c2b822960355"
last-modified: Mon, 15 Mar 2021 23:32:58 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
set-cookie: __cf_bm=HAzYAEKJm3O1aVGZUUYK4tWhmqKRYD2O_RTeAfD.2cE-1669982187-0-Aa+Xzc/nhMqgRmW7lzCIrJs74ANiOEkaI3eTJLUZ/GDcd+4eoCVIinUA8fQuyKgLPHGK8InBCx+d5VHeJUHU/IiFtCYJkgJNqaduEUYvl395; path=/; expires=Fri, 02-Dec-22 12:26:27 GMT; domain=.happyhealthythin.org; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=R29FbHNnUlFwaDU0eWtBaDl0UlBEdz09LS1PV2lPbU4zYzNVd2hCRy9WR1REdklBPT0%3D--5161ab0147c5bc0ed3dcbf22f3dab788ac233d41&page_id=TWU4aHI5YjlhR1RvWmpvUWIzSUlBQT09LS1CNE91bzBFQlBKSFRLajVwZEFxcnl3PT0%3D--14cc4e8e47c20bccafc8e3c804a5ae2b6c451d92&funnel_step_id=QklQS1ZTSzVYVElNOWxndytHcmZSQT09LS1YTHNxQWg3N2dpQUM2ZEVGM3NnRW5BPT0%3D--0df979a77b6ceae46a2a6ce95164f6f6c3fa6f65&user_id=dkZ6ekpJTjFvVEpqR2hhUzBCTUR1QT09LS1jKzYwR2tCU0pTQ3VUTWgrRGZGeXJ3PT0%3D--72edb083e19211fc665d765584bbc0d2ae415a76&account_id=R3VNYmYrL0N1M1c2aUxzVmVtK0h2UT09LS02cU0xOTNBblVYeGFJcURSS0ZNZ0hBPT0%3D--b95b8e9c7cebff3571b3fb0a5d1b609d0f878e54&page_code=NDY4NDczMTk%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=a06c1e33-95ea-4a7c-88fe-5974922936b5&url=https%3A%2F%2Fwww.h2thintv.com%2Ftv
104.16.13.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=R29FbHNnUlFwaDU0eWtBaDl0UlBEdz09LS1PV2lPbU4zYzNVd2hCRy9WR1REdklBPT0%3D--5161ab0147c5bc0ed3dcbf22f3dab788ac233d41&page_id=TWU4aHI5YjlhR1RvWmpvUWIzSUlBQT09LS1CNE91bzBFQlBKSFRLajVwZEFxcnl3PT0%3D--14cc4e8e47c20bccafc8e3c804a5ae2b6c451d92&funnel_step_id=QklQS1ZTSzVYVElNOWxndytHcmZSQT09LS1YTHNxQWg3N2dpQUM2ZEVGM3NnRW5BPT0%3D--0df979a77b6ceae46a2a6ce95164f6f6c3fa6f65&user_id=dkZ6ekpJTjFvVEpqR2hhUzBCTUR1QT09LS1jKzYwR2tCU0pTQ3VUTWgrRGZGeXJ3PT0%3D--72edb083e19211fc665d765584bbc0d2ae415a76&account_id=R3VNYmYrL0N1M1c2aUxzVmVtK0h2UT09LS02cU0xOTNBblVYeGFJcURSS0ZNZ0hBPT0%3D--b95b8e9c7cebff3571b3fb0a5d1b609d0f878e54&page_code=NDY4NDczMTk%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=a06c1e33-95ea-4a7c-88fe-5974922936b5&url=https%3A%2F%2Fwww.h2thintv.com%2Ftv
IP 104.16.13.194:0
GET /userevents/?funnel_id=R29FbHNnUlFwaDU0eWtBaDl0UlBEdz09LS1PV2lPbU4zYzNVd2hCRy9WR1REdklBPT0%3D--5161ab0147c5bc0ed3dcbf22f3dab788ac233d41&page_id=TWU4aHI5YjlhR1RvWmpvUWIzSUlBQT09LS1CNE91bzBFQlBKSFRLajVwZEFxcnl3PT0%3D--14cc4e8e47c20bccafc8e3c804a5ae2b6c451d92&funnel_step_id=QklQS1ZTSzVYVElNOWxndytHcmZSQT09LS1YTHNxQWg3N2dpQUM2ZEVGM3NnRW5BPT0%3D--0df979a77b6ceae46a2a6ce95164f6f6c3fa6f65&user_id=dkZ6ekpJTjFvVEpqR2hhUzBCTUR1QT09LS1jKzYwR2tCU0pTQ3VUTWgrRGZGeXJ3PT0%3D--72edb083e19211fc665d765584bbc0d2ae415a76&account_id=R3VNYmYrL0N1M1c2aUxzVmVtK0h2UT09LS02cU0xOTNBblVYeGFJcURSS0ZNZ0hBPT0%3D--b95b8e9c7cebff3571b3fb0a5d1b609d0f878e54&page_code=NDY4NDczMTk%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=a06c1e33-95ea-4a7c-88fe-5974922936b5&url=https%3A%2F%2Fwww.h2thintv.com%2Ftv HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.h2thintv.com
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Fri, 02 Dec 2022 11:56:27 GMT
content-type: text/html
cf-ray: 7733e11ecaf3b515-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: b9af4fd39cd3e147f2dffa62efdfd533
x-runtime: 0.036448
set-cookie: __cf_bm=knCg.OrBaegZT.VsM7BJwvunfMgQNv9OA5w9Q1q3m0Q-1669982187-0-AfARmPL+y4f5dLruB5UAoyJNE3OwA4+u5DA0AX/asteyQvLfL3nvOhxcPWINc/edU9NA+P/0kc0dHfaCtSY1RvpjIaV/LAmumHJf5YOO9XM3; path=/; expires=Fri, 02-Dec-22 12:26:27 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=R29FbHNnUlFwaDU0eWtBaDl0UlBEdz09LS1PV2lPbU4zYzNVd2hCRy9WR1REdklBPT0%3D--5161ab0147c5bc0ed3dcbf22f3dab788ac233d41&page_id=TWU4aHI5YjlhR1RvWmpvUWIzSUlBQT09LS1CNE91bzBFQlBKSFRLajVwZEFxcnl3PT0%3D--14cc4e8e47c20bccafc8e3c804a5ae2b6c451d92&funnel_step_id=QklQS1ZTSzVYVElNOWxndytHcmZSQT09LS1YTHNxQWg3N2dpQUM2ZEVGM3NnRW5BPT0%3D--0df979a77b6ceae46a2a6ce95164f6f6c3fa6f65&user_id=dkZ6ekpJTjFvVEpqR2hhUzBCTUR1QT09LS1jKzYwR2tCU0pTQ3VUTWgrRGZGeXJ3PT0%3D--72edb083e19211fc665d765584bbc0d2ae415a76&account_id=R3VNYmYrL0N1M1c2aUxzVmVtK0h2UT09LS02cU0xOTNBblVYeGFJcURSS0ZNZ0hBPT0%3D--b95b8e9c7cebff3571b3fb0a5d1b609d0f878e54&page_code=NDY4NDczMTk%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=b79e7fb5-cac8-4577-bf03-f751dd7bc324&url=https%3A%2F%2Fwww.h2thintv.com%2Ftv
104.16.13.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=R29FbHNnUlFwaDU0eWtBaDl0UlBEdz09LS1PV2lPbU4zYzNVd2hCRy9WR1REdklBPT0%3D--5161ab0147c5bc0ed3dcbf22f3dab788ac233d41&page_id=TWU4aHI5YjlhR1RvWmpvUWIzSUlBQT09LS1CNE91bzBFQlBKSFRLajVwZEFxcnl3PT0%3D--14cc4e8e47c20bccafc8e3c804a5ae2b6c451d92&funnel_step_id=QklQS1ZTSzVYVElNOWxndytHcmZSQT09LS1YTHNxQWg3N2dpQUM2ZEVGM3NnRW5BPT0%3D--0df979a77b6ceae46a2a6ce95164f6f6c3fa6f65&user_id=dkZ6ekpJTjFvVEpqR2hhUzBCTUR1QT09LS1jKzYwR2tCU0pTQ3VUTWgrRGZGeXJ3PT0%3D--72edb083e19211fc665d765584bbc0d2ae415a76&account_id=R3VNYmYrL0N1M1c2aUxzVmVtK0h2UT09LS02cU0xOTNBblVYeGFJcURSS0ZNZ0hBPT0%3D--b95b8e9c7cebff3571b3fb0a5d1b609d0f878e54&page_code=NDY4NDczMTk%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=b79e7fb5-cac8-4577-bf03-f751dd7bc324&url=https%3A%2F%2Fwww.h2thintv.com%2Ftv
IP 104.16.13.194:0
GET /userevents/?funnel_id=R29FbHNnUlFwaDU0eWtBaDl0UlBEdz09LS1PV2lPbU4zYzNVd2hCRy9WR1REdklBPT0%3D--5161ab0147c5bc0ed3dcbf22f3dab788ac233d41&page_id=TWU4aHI5YjlhR1RvWmpvUWIzSUlBQT09LS1CNE91bzBFQlBKSFRLajVwZEFxcnl3PT0%3D--14cc4e8e47c20bccafc8e3c804a5ae2b6c451d92&funnel_step_id=QklQS1ZTSzVYVElNOWxndytHcmZSQT09LS1YTHNxQWg3N2dpQUM2ZEVGM3NnRW5BPT0%3D--0df979a77b6ceae46a2a6ce95164f6f6c3fa6f65&user_id=dkZ6ekpJTjFvVEpqR2hhUzBCTUR1QT09LS1jKzYwR2tCU0pTQ3VUTWgrRGZGeXJ3PT0%3D--72edb083e19211fc665d765584bbc0d2ae415a76&account_id=R3VNYmYrL0N1M1c2aUxzVmVtK0h2UT09LS02cU0xOTNBblVYeGFJcURSS0ZNZ0hBPT0%3D--b95b8e9c7cebff3571b3fb0a5d1b609d0f878e54&page_code=NDY4NDczMTk%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=b79e7fb5-cac8-4577-bf03-f751dd7bc324&url=https%3A%2F%2Fwww.h2thintv.com%2Ftv HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.h2thintv.com
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Fri, 02 Dec 2022 11:56:27 GMT
content-type: text/html
cf-ray: 7733e11ecaf2b515-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: ea821f8055af80e3f25b905073cd3950
x-runtime: 0.028798
set-cookie: __cf_bm=WmppGFF.lN0GGtCaYePf7B.S7JL0KL4BfBe1On25Be0-1669982187-0-AfO3XjTgdSX/UOptKbFx40dBsG1Q1agnzQm2Z31KZe12yNwbeoFmDYYsR5DXG4uBNVHRF8SoLwrnr2dt2VLVp94rN+ow3Zka5TizUDxacbrh; path=/; expires=Fri, 02-Dec-22 12:26:27 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
www.h2thintv.com/tv
104.16.16.194200 OK 0 B IP 104.16.16.194:0
Analyzer Verdict Alert fortinet Phishing
GET /tv HTTP/1.1
Host: www.h2thintv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=3GiyOFFuQSr.wNdJzI.gbEVb_XBhYQk5Sov0xRvHpT4-1669982186-0-Ae8NhZKx7qdAfafHrG+Mk1bYKzrHsZy2m4rA72wxRMeLrPs04YY81sssUMNC2aEwgZ5tPmVBg8G1/cQf2kmeNqQI8EMIIWtWr1ztQuwGSXSW
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:26 GMT
content-type: text/html; charset=utf-8
cf-ray: 7733e1170c88b509-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Sun, 01 May 2022 11:03:54 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 3e33a81aee29f14828dea1e27b629ccd7dd3f155
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, valid, store
x-request-id: aef4ee110819aecefef777c86b34135c
x-runtime: 0.656423
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
happyhealthythin.org/vendor.js
104.16.13.194200 OK 0 B URL HTTP/2 happyhealthythin.org/vendor.js
IP 104.16.13.194:0
GET /vendor.js HTTP/1.1
Host: happyhealthythin.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Cookie: __cf_bm=ufMDXQ4q_oCtP2XfcrgV_ZjIr4dCrSRFVhepiAUXsfo-1669982187-0-Aa2QoWzQfBNOz7XxkMkYojWbyBKYtCyHGl/E5m7VJsoUwmqePL9s00N6fjd8X7b5pkuYD5WQ3oqc6fbzTVwEndaEOP/u23luZuWsmQeVwOAo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:27 GMT
content-type: application/javascript
cf-ray: 7733e11e58adb500-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, valid, store
x-request-id: e46487a74b860bf8e29e778203daa45a
x-runtime: 0.020665
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
143.204.55.15200 OK 0 B URL HTTP/2 js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
IP 143.204.55.15:0
GET /v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/elements-inner-card-ec7287455cc0c5e0f6ee87741472b0fb.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 01 Dec 2022 20:24:33 GMT
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-encoding: br
date: Fri, 02 Dec 2022 11:26:28 GMT
cache-control: max-age=31536000
etag: W/"832027d4f329e8e74a84506a015a58df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pgFmbFor3R1p4nkcnGAEfYJxkAd-ZqMxxlpSB-jggBkpYwYQDyiASQ==
age: 1822
X-Firefox-Spdy: h2
happyhealthythin.org/assets/userevents/application.js
104.16.13.194200 OK 0 B URL HTTP/2 happyhealthythin.org/assets/userevents/application.js
IP 104.16.13.194:0
GET /assets/userevents/application.js HTTP/1.1
Host: happyhealthythin.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:26 GMT
content-type: application/x-javascript
cf-ray: 7733e11abc0fb500-OSL
access-control-allow-origin: *
age: 80
cache-control: public, max-age=1200
etag: W/"637bf173-147c"
expires: Fri, 02 Dec 2022 12:16:26 GMT
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=a9Z2yfaxmDjL20LWQbicY7a.Qo5DH5WgsBT.saBahY4-1669982186-0-AUf5OSEnjcxKbNCQtWAN/hxS7+7gSW8gg/WAMzq71NORqii7/9Ic1jMH+X7xIlzqXfZ2HZkTDaK+6Jc9yCIID0uRxi6rnHvUXhJvtFNn/GQy; path=/; expires=Fri, 02-Dec-22 12:26:26 GMT; domain=.happyhealthythin.org; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
happyhealthythin.org/cf_stripe_orders.js
104.16.13.194200 OK 0 B URL HTTP/2 happyhealthythin.org/cf_stripe_orders.js
IP 104.16.13.194:0
GET /cf_stripe_orders.js HTTP/1.1
Host: happyhealthythin.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:26 GMT
content-type: application/x-javascript
cf-ray: 7733e11a8bbab500-OSL
access-control-allow-origin: *
etag: W/"637bf173-4711"
last-modified: Mon, 21 Nov 2022 21:45:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=nPBot0P9HnVbvHuPqDilSMUn5TUzcYnbxrD5NeyehIs-1669982186-0-AaBymU61r2FeOLMr250p4vbRJaQwY85aQLOjOhF2nQsEtR911L1F4CzM+z232w/uolb96f9LEKfuldtpsTWsOtJfbtZgVQn9GkVOtnjTAnlz; path=/; expires=Fri, 02-Dec-22 12:26:26 GMT; domain=.happyhealthythin.org; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
js.stripe.com/v3/fingerprinted/js/elements-inner-card-afcb7de82bc065c342cc1e4e30b9f778.js
143.204.55.15200 OK 0 B URL HTTP/2 js.stripe.com/v3/fingerprinted/js/elements-inner-card-afcb7de82bc065c342cc1e4e30b9f778.js
IP 143.204.55.15:0
GET /v3/fingerprinted/js/elements-inner-card-afcb7de82bc065c342cc1e4e30b9f778.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/elements-inner-card-ec7287455cc0c5e0f6ee87741472b0fb.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 01 Dec 2022 20:24:31 GMT
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-encoding: br
date: Fri, 02 Dec 2022 11:27:52 GMT
cache-control: max-age=31536000
etag: W/"0c7de4280ba2475522a2e71ed35ce51a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JCGvgGN7bW2UuWjAndsNlgIsJ8xjX2Go8QXcS0u371fdCPKkoikI-w==
age: 1794
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=R29FbHNnUlFwaDU0eWtBaDl0UlBEdz09LS1PV2lPbU4zYzNVd2hCRy9WR1REdklBPT0%3D--5161ab0147c5bc0ed3dcbf22f3dab788ac233d41&page_id=TWU4aHI5YjlhR1RvWmpvUWIzSUlBQT09LS1CNE91bzBFQlBKSFRLajVwZEFxcnl3PT0%3D--14cc4e8e47c20bccafc8e3c804a5ae2b6c451d92&funnel_step_id=QklQS1ZTSzVYVElNOWxndytHcmZSQT09LS1YTHNxQWg3N2dpQUM2ZEVGM3NnRW5BPT0%3D--0df979a77b6ceae46a2a6ce95164f6f6c3fa6f65&user_id=dkZ6ekpJTjFvVEpqR2hhUzBCTUR1QT09LS1jKzYwR2tCU0pTQ3VUTWgrRGZGeXJ3PT0%3D--72edb083e19211fc665d765584bbc0d2ae415a76&account_id=R3VNYmYrL0N1M1c2aUxzVmVtK0h2UT09LS02cU0xOTNBblVYeGFJcURSS0ZNZ0hBPT0%3D--b95b8e9c7cebff3571b3fb0a5d1b609d0f878e54&page_code=NDY4NDczMTk%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=268ea31e-bbc7-436d-9ee0-2812b6119a85&url=https%3A%2F%2Fwww.h2thintv.com%2Ftv
104.16.13.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=R29FbHNnUlFwaDU0eWtBaDl0UlBEdz09LS1PV2lPbU4zYzNVd2hCRy9WR1REdklBPT0%3D--5161ab0147c5bc0ed3dcbf22f3dab788ac233d41&page_id=TWU4aHI5YjlhR1RvWmpvUWIzSUlBQT09LS1CNE91bzBFQlBKSFRLajVwZEFxcnl3PT0%3D--14cc4e8e47c20bccafc8e3c804a5ae2b6c451d92&funnel_step_id=QklQS1ZTSzVYVElNOWxndytHcmZSQT09LS1YTHNxQWg3N2dpQUM2ZEVGM3NnRW5BPT0%3D--0df979a77b6ceae46a2a6ce95164f6f6c3fa6f65&user_id=dkZ6ekpJTjFvVEpqR2hhUzBCTUR1QT09LS1jKzYwR2tCU0pTQ3VUTWgrRGZGeXJ3PT0%3D--72edb083e19211fc665d765584bbc0d2ae415a76&account_id=R3VNYmYrL0N1M1c2aUxzVmVtK0h2UT09LS02cU0xOTNBblVYeGFJcURSS0ZNZ0hBPT0%3D--b95b8e9c7cebff3571b3fb0a5d1b609d0f878e54&page_code=NDY4NDczMTk%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=268ea31e-bbc7-436d-9ee0-2812b6119a85&url=https%3A%2F%2Fwww.h2thintv.com%2Ftv
IP 104.16.13.194:0
GET /userevents/?funnel_id=R29FbHNnUlFwaDU0eWtBaDl0UlBEdz09LS1PV2lPbU4zYzNVd2hCRy9WR1REdklBPT0%3D--5161ab0147c5bc0ed3dcbf22f3dab788ac233d41&page_id=TWU4aHI5YjlhR1RvWmpvUWIzSUlBQT09LS1CNE91bzBFQlBKSFRLajVwZEFxcnl3PT0%3D--14cc4e8e47c20bccafc8e3c804a5ae2b6c451d92&funnel_step_id=QklQS1ZTSzVYVElNOWxndytHcmZSQT09LS1YTHNxQWg3N2dpQUM2ZEVGM3NnRW5BPT0%3D--0df979a77b6ceae46a2a6ce95164f6f6c3fa6f65&user_id=dkZ6ekpJTjFvVEpqR2hhUzBCTUR1QT09LS1jKzYwR2tCU0pTQ3VUTWgrRGZGeXJ3PT0%3D--72edb083e19211fc665d765584bbc0d2ae415a76&account_id=R3VNYmYrL0N1M1c2aUxzVmVtK0h2UT09LS02cU0xOTNBblVYeGFJcURSS0ZNZ0hBPT0%3D--b95b8e9c7cebff3571b3fb0a5d1b609d0f878e54&page_code=NDY4NDczMTk%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=268ea31e-bbc7-436d-9ee0-2812b6119a85&url=https%3A%2F%2Fwww.h2thintv.com%2Ftv HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.h2thintv.com
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Fri, 02 Dec 2022 11:56:27 GMT
content-type: text/html
cf-ray: 7733e11ecae2b515-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: fbca6d698e399df0a5a2dd08543c2b32
x-runtime: 0.040208
set-cookie: __cf_bm=Qnu1V09DHfsmckqMwz3trEOhw19i3GQVqJMs0pTr8mE-1669982187-0-AQIGLp8yKdBNi4IgftI/MAvLUIqQ64Su2MRQe5kdMKzSzdpYzWB8iHZ/yUfCdSZy4ypfodpcM6Vf11ocFq8Ze9BvSlFmD8iuIYnbYPsLDdX3; path=/; expires=Fri, 02-Dec-22 12:26:27 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP 172.64.133.15:0
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:26 GMT
content-type: text/css
x-amz-id-2: WpVlr9E4LNAdFsXi6U7ITEvBAF0od/nY8z13ckAJA/I/wFoGHyoSwlXOyhWr8pqbj6dB1MeQp5k=
x-amz-request-id: CN86A7VHSM61Q680
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1640092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IT6yi8RgP4cb1DOJ50py30S9SLz8%2FV21hdHJ0JI4c0hbWcj9Y2xEDpL63%2FsKtQO4EXndjR%2F%2FgM%2BH2ujxq3MNGpJH90aj9EYqBB3NV%2B5BkhnYCOZ4UXcWu4TUtPPhsosh56ULfxY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7733e11a2da0070e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.stripe.com/v3/
143.204.55.15200 OK 0 B IP 143.204.55.15:0
GET /v3/ HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 01 Dec 2022 21:17:14 GMT
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-encoding: br
date: Fri, 02 Dec 2022 11:55:48 GMT
cache-control: max-age=60
etag: W/"f60450f904c88c375f2155e2cc09c458"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: T2P3yHg6LYpv583y-h2cztsPsvqV8nvNBXY7EYAEK5wMV0PoL6qntQ==
age: 39
X-Firefox-Spdy: h2
js.stripe.com/v3/fingerprinted/js/ui-shared-51268caf2137e3b90b1b15201259f893.js
143.204.55.15200 OK 0 B URL HTTP/2 js.stripe.com/v3/fingerprinted/js/ui-shared-51268caf2137e3b90b1b15201259f893.js
IP 143.204.55.15:0
GET /v3/fingerprinted/js/ui-shared-51268caf2137e3b90b1b15201259f893.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/elements-inner-card-ec7287455cc0c5e0f6ee87741472b0fb.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 01 Dec 2022 20:24:33 GMT
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-encoding: br
date: Fri, 02 Dec 2022 11:26:32 GMT
cache-control: max-age=31536000
etag: W/"fd02a894df1e70ad0370116c86665284"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vsjIXdIyebCBJEut4lEMO-WBZFF_kYYznIYzcu7zpM4PD7xK3z6vpw==
age: 1795
X-Firefox-Spdy: h2
happyhealthythin.org/assets/lander.js
104.16.13.194200 OK 0 B URL HTTP/2 happyhealthythin.org/assets/lander.js
IP 104.16.13.194:0
GET /assets/lander.js HTTP/1.1
Host: happyhealthythin.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.h2thintv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 11:56:26 GMT
content-type: application/x-javascript
cf-ray: 7733e11aabebb500-OSL
access-control-allow-origin: *
age: 80
cache-control: public, max-age=1200
etag: W/"637bf1b5-2391a3"
expires: Fri, 02 Dec 2022 12:16:26 GMT
last-modified: Mon, 21 Nov 2022 21:46:29 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=lfp7q4P2aWwKxbPaZLOU0wvqcAP3OuzW0KkMMlsmryQ-1669982186-0-AV9qOz4WZJ0b/wVMlNa9hQi1+pRLOKFMa2kglY9nE+F2U0venBrgYMShsVbVwqgOQmFvYZZPpWuv3gF+U2hGRgrDOdVDRkOgOFIgHVrHT5Nr; path=/; expires=Fri, 02-Dec-22 12:26:26 GMT; domain=.happyhealthythin.org; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=clO33eryRCmrTN5x5jLqixEv0VnBRg9xoGEFLZNoqZg-1669982186-0-AU1WKByLxqqQUda7tbeALH3nN1iQSUZrNOATJfkgdUKdX8vvarpKJiRYU263C472G9e_AvAuiKvcn4eveT7iXchgWRQsrlfBPxBlGU6WjbCn"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=clO33eryRCmrTN5x5jLqixEv0VnBRg9xoGEFLZNoqZg-1669982186-0-AU1WKByLxqqQUda7tbeALH3nN1iQSUZrNOATJfkgdUKdX8vvarpKJiRYU263C472G9e_AvAuiKvcn4eveT7iXchgWRQsrlfBPxBlGU6WjbCn; report-to cf-csp-endpoint
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
js.stripe.com/v3/fingerprinted/css/ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css
143.204.55.15200 OK 0 B URL HTTP/2 js.stripe.com/v3/fingerprinted/css/ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css
IP 143.204.55.15:0
GET /v3/fingerprinted/css/ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/elements-inner-card-ec7287455cc0c5e0f6ee87741472b0fb.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
last-modified: Thu, 17 Nov 2022 21:36:36 GMT
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-encoding: br
date: Fri, 02 Dec 2022 11:03:47 GMT
cache-control: max-age=31536000
etag: W/"946f1f202e973574c4704321cd043858"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JeKhblaUCdN3rOH8FLr7GlmsSo0biaX31fJPXF_L6vBWfhbyOP9rjQ==
age: 3335
X-Firefox-Spdy: h2