shopping.teahfd.com/dhlexp2m/dhl/
185.151.30.158301 Moved Permanently 0 B URL HTTP/1.1 shopping.teahfd.com/dhlexp2m/dhl/
IP 185.151.30.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /dhlexp2m/dhl/ HTTP/1.1
Host: shopping.teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
date: Fri, 23 Sep 2022 20:14:05 GMT
content-length: 0
location: https://shopping.teahfd.com/dhlexp2m/dhl/
x-cdn-cache-status: MISS
x-via: FRA1
firefox.settings.services.mozilla.com/v1/
18.165.201.83200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.83:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 20:05:14 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d1187be634e389e2e876be936bba8e74.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 8vPKopEjFhtfJVrzjNZSHzUxy6xPOPDl5xrEZAM45J5dLEp4UOy13w==
Age: 532
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14862
Expires: Sat, 24 Sep 2022 00:21:49 GMT
Date: Fri, 23 Sep 2022 20:14:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.39200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.39:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 90b0c7315c3da3c762112b5b8fdfc0aa.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 4F3KLH5THu9Ke-PZPheOEkpVCgIOL06zFYUCC5WRATDAeRKtJjAQwg==
age: 57665
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 05d5af5f8b83f51a90784fd3df32c6fb
01a8ea25330ccb37b09024b5e0f4937e4260ee1e
648dca147ac64dba5fab2ae2fbfd69d0289075448db40d909d652a1562bb78ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "648DCA147AC64DBA5FAB2AE2FBFD69D0289075448DB40D909D652A1562BB78CA"
Last-Modified: Wed, 21 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21524
Expires: Sat, 24 Sep 2022 02:12:51 GMT
Date: Fri, 23 Sep 2022 20:14:07 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.83200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.83:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 19:33:00 GMT
Expires: Fri, 23 Sep 2022 20:31:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 19d5615c4d307c11803beb015d8f6562.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: V2c4gp2zrSrmb3QtPRCzo_e-zKCwemTtOqQTEvFxRopWPLIu6XnTpQ==
Age: 2467
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f714931cf870bfa33815fd259b7246fd
38e411ef8ca1b31ead8415ee5f21d98bd9653a86
897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4080
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 20:14:08 GMT
Last-Modified: Fri, 23 Sep 2022 19:06:08 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.88.220.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.220.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8I4CwTAhq9KnRU/8qYfUDQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bARrsj9zSHwh1YR3qVOoXAtFIEA=
teahfd.com/wp-content/plugins,_indeed-membership-pro,_assets,_css,_templates.min.css,qver==10.2+plugins,_table-of-contents-plus,_screen.min.css,qver==2106+plugins,_taqyeem-buttons,_assets,_style.css,qver==6.0.2+themes,_jannah,_assets,_css,_plugins,_woocommerce.min.css,qver==5.4.10.pagespeed.cc.oJPAaT4KdY.css
185.151.30.158200 OK 29 kB URL HTTP/2 teahfd.com/wp-content/plugins,_indeed-membership-pro,_assets,_css,_templates.min.css,qver==10.2+plugins,_table-of-contents-plus,_screen.min.css,qver==2106+plugins,_taqyeem-buttons,_assets,_style.css,qver==6.0.2+themes,_jannah,_assets,_css,_plugins,_woocommerce.min.css,qver==5.4.10.pagespeed.cc.oJPAaT4KdY.css
IP 185.151.30.158:0
File type ASCII text, with very long lines (65371), with CRLF line terminators
Hash 6914ba2899c0c75a2cf6952f3cbe2ed2
7992287d94be7ee4707703d565d512a6b2a45e85
6cda499d6e4425d055f1dbf2662f7b40d91a0cd0f3db45810cb47f5afba9cf59
GET /wp-content/plugins,_indeed-membership-pro,_assets,_css,_templates.min.css,qver==10.2+plugins,_table-of-contents-plus,_screen.min.css,qver==2106+plugins,_taqyeem-buttons,_assets,_style.css,qver==6.0.2+themes,_jannah,_assets,_css,_plugins,_woocommerce.min.css,qver==5.4.10.pagespeed.cc.oJPAaT4KdY.css HTTP/1.1
Host: teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 20:14:05 GMT
content-type: text/css
content-length: 28595
server: Apache
x-provided-by: StackCDN
x-origin-cache-status: HIT
expires: Sat, 23 Sep 2023 18:22:05 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Fri, 23 Sep 2022 18:22:05 GMT
x-original-content-length: 261800
vary: Accept-Encoding
content-encoding: gzip
x-cdn-cache-status: HIT
accept-ranges: bytes
x-via: FRA1
X-Firefox-Spdy: h2
teahfd.com/wp-content/plugins,_wccp-pro,_css-protect.css,qwccp_ver_num==1,aver==10.9.2+plugins,_wccp-pro,_css,_print-protection.css,qwccp_ver_num==1,aver==6.0.2+themes,_jannah,_assets,_css,_base.min.css,qver==5.4.10+themes,_jannah,_assets,_css,_style.min.css,qver==5.4.10+themes,_jannah,_assets,_css,_widgets.min.css,qver==5.4.10+themes,_jannah,_assets,_css,_helpers.min.css,qver==5.4.10+themes,_jannah,_assets,_css,_fontawesome.css,qver==5.4.10+themes,_jannah,_assets,_ilightbox,_dark-skin,_skin.css,qver==5.4.10+themes,_jannah,_assets,_css,_plugins,_shortcodes.min.css,qver==5.4.10+themes,_jannah,_assets,_css,_plugins,_taqyeem.min.css,qver==5.4.10+themes,_jannah-child,_style.css,qver==6.0.2.pagespeed.cc.G4yvkpy8j-.css
185.151.30.158200 OK 68 kB URL HTTP/2 teahfd.com/wp-content/plugins,_wccp-pro,_css-protect.css,qwccp_ver_num==1,aver==10.9.2+plugins,_wccp-pro,_css,_print-protection.css,qwccp_ver_num==1,aver==6.0.2+themes,_jannah,_assets,_css,_base.min.css,qver==5.4.10+themes,_jannah,_assets,_css,_style.min.css,qver==5.4.10+themes,_jannah,_assets,_css,_widgets.min.css,qver==5.4.10+themes,_jannah,_assets,_css,_helpers.min.css,qver==5.4.10+themes,_jannah,_assets,_css,_fontawesome.css,qver==5.4.10+themes,_jannah,_assets,_ilightbox,_dark-skin,_skin.css,qver==5.4.10+themes,_jannah,_assets,_css,_plugins,_shortcodes.min.css,qver==5.4.10+themes,_jannah,_assets,_css,_plugins,_taqyeem.min.css,qver==5.4.10+themes,_jannah-child,_style.css,qver==6.0.2.pagespeed.cc.G4yvkpy8j-.css
IP 185.151.30.158:0
File type ASCII text, with very long lines (41903), with CRLF, LF line terminators
Hash a9519878ed960a7f488102beb3a80be9
58de180e44d0bfc3da6df467fca88358983a7891
8fcbe834da62985e307d5cbfc3dc64f6b825944098fc233e8cb34c3c3a11989a
GET /wp-content/plugins,_wccp-pro,_css-protect.css,qwccp_ver_num==1,aver==10.9.2+plugins,_wccp-pro,_css,_print-protection.css,qwccp_ver_num==1,aver==6.0.2+themes,_jannah,_assets,_css,_base.min.css,qver==5.4.10+themes,_jannah,_assets,_css,_style.min.css,qver==5.4.10+themes,_jannah,_assets,_css,_widgets.min.css,qver==5.4.10+themes,_jannah,_assets,_css,_helpers.min.css,qver==5.4.10+themes,_jannah,_assets,_css,_fontawesome.css,qver==5.4.10+themes,_jannah,_assets,_ilightbox,_dark-skin,_skin.css,qver==5.4.10+themes,_jannah,_assets,_css,_plugins,_shortcodes.min.css,qver==5.4.10+themes,_jannah,_assets,_css,_plugins,_taqyeem.min.css,qver==5.4.10+themes,_jannah-child,_style.css,qver==6.0.2.pagespeed.cc.G4yvkpy8j-.css HTTP/1.1
Host: teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 20:14:05 GMT
content-type: text/css
content-length: 67885
server: Apache
x-provided-by: StackCDN
x-origin-cache-status: HIT
expires: Sat, 23 Sep 2023 19:21:03 GMT
cache-control: max-age=31536000
etag: W/"0"
last-modified: Fri, 23 Sep 2022 19:21:03 GMT
x-original-content-length: 378886
vary: Accept-Encoding
content-encoding: gzip
x-cdn-cache-status: HIT
accept-ranges: bytes
x-via: FRA1
X-Firefox-Spdy: h2
teahfd.com/wp-content/plugins/indeed-membership-pro/assets/js/jquery-ui.min.js,qver=10.2.pagespeed.jm.s2mSxpWRzQ.js
185.151.30.158200 OK 6.8 kB URL HTTP/2 teahfd.com/wp-content/plugins/indeed-membership-pro/assets/js/jquery-ui.min.js,qver=10.2.pagespeed.jm.s2mSxpWRzQ.js
IP 185.151.30.158:0
File type ASCII text, with very long lines (22023)
Hash 9afc04c35f733e34ba4076a66567ad96
5c0b3ae99a49e6ff7b99618e784354efd55e1504
4d61cd72a4fb4a675286b54c05a0551ae571d0ae014b74a340fe8675bdee5e92
GET /wp-content/plugins/indeed-membership-pro/assets/js/jquery-ui.min.js,qver=10.2.pagespeed.jm.s2mSxpWRzQ.js HTTP/1.1
Host: teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 20:14:05 GMT
content-type: application/javascript
content-length: 6759
server: Apache
x-provided-by: StackCDN
last-modified: Thu, 23 Dec 2021 13:28:11 GMT
vary: Accept-Encoding, Accept-Encoding
x-origin-cache-status: HIT
accept-ranges: bytes
x-original-content-length: 22238
content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 23 Sep 2022 18:27:05 GMT
cache-control: max-age=300,private
x-cdn-cache-status: MISS
x-via: FRA1
X-Firefox-Spdy: h2
teahfd.com/wp-content/plugins/indeed-membership-pro/assets/js/functions.min.js,qver=10.2.pagespeed.jm.tWTlcYG2Hp.js
185.151.30.158200 OK 5.6 kB URL HTTP/2 teahfd.com/wp-content/plugins/indeed-membership-pro/assets/js/functions.min.js,qver=10.2.pagespeed.jm.tWTlcYG2Hp.js
IP 185.151.30.158:0
File type ASCII text, with very long lines (614), with CRLF line terminators
Hash d4faae2b05d94fa249c81dff80c75548
7a84be0bafdd50c8f353c95c247cfb31ff6a7f38
eab2532dca128df816b3e0a720fb4bf53c9f49abc3427feb3e18485ca9aa8590
GET /wp-content/plugins/indeed-membership-pro/assets/js/functions.min.js,qver=10.2.pagespeed.jm.tWTlcYG2Hp.js HTTP/1.1
Host: teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 20:14:05 GMT
content-type: application/javascript
content-length: 5592
server: Apache
x-provided-by: StackCDN
last-modified: Thu, 23 Dec 2021 13:28:11 GMT
vary: Accept-Encoding, Accept-Encoding
x-origin-cache-status: HIT
accept-ranges: bytes
x-original-content-length: 21724
content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 23 Sep 2022 20:18:28 GMT
cache-control: max-age=300,private
x-cdn-cache-status: MISS
x-via: FRA1
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37200 OK 4.5 kB URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (11126)
Hash a64e4d755231439e72bbb61c69390a11
8cfaac6f4370b5ca9bd338f5bc135c30988d018c
177384356a62c58c66ad8af562e790a8f830e0d7d7206c75894b90e440a95854
GET /c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:08 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Sat, 23 Sep 2023 20:14:08 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 20:14:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
teahfd.com/wp-content/plugins/contact-form-7/includes/js/index.js,qver=5.6.3.pagespeed.ce.Pz_CP0d6OE.js
185.151.30.158200 OK 4.7 kB URL HTTP/2 teahfd.com/wp-content/plugins/contact-form-7/includes/js/index.js,qver=5.6.3.pagespeed.ce.Pz_CP0d6OE.js
IP 185.151.30.158:0
Hash 4f9e6c271884ec04ea798b7cab577a1f
7080ee2b6f5a73d8d2866435b7c9197578e63055
ab25145a0e98667bf422de02e63439dabfc03d15faa0f405202ef422926f5f97
GET /wp-content/plugins/contact-form-7/includes/js/index.js,qver=5.6.3.pagespeed.ce.Pz_CP0d6OE.js HTTP/1.1
Host: teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 20:14:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: Apache
x-provided-by: StackCDN
x-origin-cache-status: HIT
x-original-content-length: 12211
last-modified: Thu, 01 Sep 2022 15:33:32 GMT
expires: Sat, 23 Sep 2023 17:17:43 GMT
cache-control: max-age=31536000
etag: W/"0"
content-encoding: gzip
x-cdn-cache-status: HIT
x-via: FRA1
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/6.9.3/assets/js/jquery-blockui/jquery.blockUI.min.js
192.0.77.37200 OK 3.5 kB URL HTTP/2 c0.wp.com/p/woocommerce/6.9.3/assets/js/jquery-blockui/jquery.blockUI.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (9115)
Hash d3740e9d7981123660e2d2a0ca243086
de2fb6357658ed3bd31ee67f4b6988db58f7db29
102814a0f6425d4abdcd1112478f8b6376021ad4aaedfc6c27b85cd93b23a4ad
GET /p/woocommerce/6.9.3/assets/js/jquery-blockui/jquery.blockUI.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:08 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jul 2022 19:16:40 GMT
content-encoding: br
expires: Sat, 23 Sep 2023 20:14:08 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-207931748-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-207931748-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 10f058490aab5350626af2968fb472d4
f7adf5cb6e7b491a917dfc1c1ec28343c0a63071
26f9e5ea95325ab16638a91805325d3defa48dbd3bbcf78182dc314a6fe42df8
GET /gtag/js?id=UA-207931748-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Sep 2022 20:14:08 GMT
expires: Fri, 23 Sep 2022 20:14:08 GMT
cache-control: private, max-age=900
last-modified: Fri, 23 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42224
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
teahfd.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
185.151.30.158200 OK 40 kB URL HTTP/2 teahfd.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
IP 185.151.30.158:0
File type Web Open Font Format, TrueType, length 40536, version 2.0\012- data
Hash 9773facce663de3a1554b64583ae667c
f77938c8eb3bf18fc89fdfdf6653aaf2a6ea2a8e
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81
GET /wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff HTTP/1.1
Host: teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shopping.teahfd.com
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 20:14:05 GMT
content-type: font/woff
content-length: 40536
server: Apache
x-provided-by: StackCDN
last-modified: Sat, 09 Jul 2022 10:55:32 GMT
etag: "9e58-5e35d2867165e"
x-origin-cache-status: MISS
x-cdn-cache-status: HIT
accept-ranges: bytes
x-via: FRA1
X-Firefox-Spdy: h2
teahfd.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
185.151.30.158200 OK 14 kB URL HTTP/2 teahfd.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
IP 185.151.30.158:0
File type Web Open Font Format (Version 2), TrueType, length 13584, version 331.524\012- data
Hash c20b5b7362d8d7bb7eddf94344ace33e
260bb01acd44d88dcb7f501a238ab968f86bef9e
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
GET /wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2 HTTP/1.1
Host: teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shopping.teahfd.com
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 20:14:05 GMT
content-type: font/woff2
content-length: 13584
server: Apache
x-provided-by: StackCDN
last-modified: Sat, 09 Jul 2022 10:55:32 GMT
etag: "3510-5e35d2866cc26"
x-origin-cache-status: MISS
x-cdn-cache-status: HIT
accept-ranges: bytes
x-via: FRA1
X-Firefox-Spdy: h2
teahfd.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
185.151.30.158200 OK 79 kB URL HTTP/2 teahfd.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
IP 185.151.30.158:0
File type Web Open Font Format (Version 2), TrueType, length 79444, version 331.524\012- data
Hash b15db15f746f29ffa02638cb455b8ec0
75a88815c47a249eadb5f0edc1675957f860cca7
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
GET /wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2 HTTP/1.1
Host: teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shopping.teahfd.com
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 20:14:05 GMT
content-type: font/woff2
content-length: 79444
server: Apache
x-provided-by: StackCDN
last-modified: Sat, 09 Jul 2022 10:55:32 GMT
etag: "13654-5e35d2866b89e"
x-origin-cache-status: MISS
x-cdn-cache-status: HIT
accept-ranges: bytes
x-via: FRA1
X-Firefox-Spdy: h2
teahfd.com/wp-content/themes/jannah/assets/js,_scripts.min.js,qver==5.4.10+ilightbox,_lightbox.js,qver==5.4.10+js,_sliders.min.js,qver==5.4.10+js,_shortcodes.js,qver==5.4.10+js,_desktop.min.js,qver==5.4.10+js,_live-search.js,qver==5.4.10.pagespeed.jc.f1FVaQYQCn.js
185.151.30.158200 OK 57 kB URL HTTP/2 teahfd.com/wp-content/themes/jannah/assets/js,_scripts.min.js,qver==5.4.10+ilightbox,_lightbox.js,qver==5.4.10+js,_sliders.min.js,qver==5.4.10+js,_shortcodes.js,qver==5.4.10+js,_desktop.min.js,qver==5.4.10+js,_live-search.js,qver==5.4.10.pagespeed.jc.f1FVaQYQCn.js
IP 185.151.30.158:0
File type HTML document, ASCII text, with very long lines (41989)
Hash 727e17e9f25762c30645007467df6795
5936566a331c4bcc66cc5f5f84c3f87c8985a83e
094f85846e7f4303f9146ffe7ed46def5b97e99543ae4b0cd1bef4688c534127
GET /wp-content/themes/jannah/assets/js,_scripts.min.js,qver==5.4.10+ilightbox,_lightbox.js,qver==5.4.10+js,_sliders.min.js,qver==5.4.10+js,_shortcodes.js,qver==5.4.10+js,_desktop.min.js,qver==5.4.10+js,_live-search.js,qver==5.4.10.pagespeed.jc.f1FVaQYQCn.js HTTP/1.1
Host: teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 20:14:05 GMT
content-type: application/javascript
content-length: 56631
server: Apache
x-provided-by: StackCDN
x-origin-cache-status: HIT
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 20:13:28 GMT
x-original-content-length: 195789
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 23 Sep 2022 20:18:28 GMT
cache-control: max-age=300,private
x-cdn-cache-status: MISS
x-via: FRA1
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 184ed1f31829b7b24861984a05e5890c
e5167d03ff29d5e896e0059458d4a9f21b0ee8d2
ecab18f606c8ff5fc1763584035437818a0dec720772cbc707ab8a436a680899
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4814
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 20:14:08 GMT
Last-Modified: Fri, 23 Sep 2022 18:53:54 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
c0.wp.com/p/woocommerce/6.9.3/assets/js/js-cookie/js.cookie.min.js
192.0.77.37200 OK 1.4 kB URL HTTP/2 c0.wp.com/p/woocommerce/6.9.3/assets/js/js-cookie/js.cookie.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (1668)
Hash b5d52fc29f5f02efc8af3990bc6eb973
5e2dd75c2f903a7f9cd3c887393208876ee97ff9
95266998e4789f13b05a93e7dcfba0e7f260e69a344c95b6c90cf3c7a6b51c91
GET /p/woocommerce/6.9.3/assets/js/js-cookie/js.cookie.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:08 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jan 2021 23:55:30 GMT
content-encoding: br
expires: Sat, 23 Sep 2023 20:14:08 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9d7ace908c8f41c1e9fc163aa88fef57
74b4182ba552e4d54f28025b7f92aac11d91ffba
4a4526311a4062b68049d85c3e9f050201614bfab0a8802d51b05f6c03f2c8ca
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4A4526311A4062B68049D85C3E9F050201614BFAB0A8802D51B05F6C03F2C8CA"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3432
Expires: Fri, 23 Sep 2022 21:11:20 GMT
Date: Fri, 23 Sep 2022 20:14:08 GMT
Connection: keep-alive
shopping.teahfd.com/dhlexp2m/dhl/
185.151.30.158404 Not Found 64 kB URL HTTP/2 shopping.teahfd.com/dhlexp2m/dhl/
IP 185.151.30.158:0
Hash ea79f4a21d68dca3c276dcaf02e31c9d
d530e94014b50babc92f5d2c61d491b247f35d5b
7670dfae882867f379514f74d57500094d97f36a153324b00c3b6d0c85503cfc
Analyzer Verdict Alert fortinet Phishing
GET /dhlexp2m/dhl/ HTTP/1.1
Host: shopping.teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Fri, 23 Sep 2022 20:14:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, must-revalidate, max-age=0
server: Apache
x-powered-by: PHP/7.4.30
x-litespeed-tag: 0fa_HTTP.404
link: <https://teahfd.com/wp-json/>; rel="https://api.w.org/"
set-cookie: wccp_pro_functionality=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
ihc_workflow_restrictions_0=a%3A1%3A%7Bi%3A0%3Bi%3A38623%3B%7D; expires=Fri, 07-Oct-2022 20:14:08 GMT; Max-Age=1209600; path=/
x-provided-by: StackCDN
x-origin-cache-status: MISS
content-encoding: gzip
x-cdn-cache-status: MISS
x-via: FRA1
X-Firefox-Spdy: h2
teahfd.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.ttf
185.151.30.158200 OK 40 kB URL HTTP/2 teahfd.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.ttf
IP 185.151.30.158:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, tielabs-fonticon\012- data
Hash aef53ec161abd6f9e9026290e60594a5
4b5c0cd334b1b25b183f4051e3763cb4081bc645
a0e307d2fc68b5cb23689eeca51972ab0e6740c433ece3015430a89c8b1ffb38
GET /wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.ttf HTTP/1.1
Host: teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shopping.teahfd.com
Connection: keep-alive
Referer: https://teahfd.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 20:14:05 GMT
content-type: font/ttf
content-length: 40460
server: Apache
x-provided-by: StackCDN
last-modified: Sat, 09 Jul 2022 10:55:32 GMT
etag: "9e0c-5e35d28670e8e"
cache-control: max-age=86400
expires: Tue, 20 Sep 2022 05:27:46 GMT
vary: Accept-Encoding
x-origin-cache-status: REVALIDATED
x-cdn-cache-status: HIT
accept-ranges: bytes
x-via: FRA1
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=197029845&post=0&tz=0&srv=teahfd.com&host=shopping.teahfd.com&ref=&fcp=0&rand=0.009647334530089702
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=197029845&post=0&tz=0&srv=teahfd.com&host=shopping.teahfd.com&ref=&fcp=0&rand=0.009647334530089702
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.3.2&blog=197029845&post=0&tz=0&srv=teahfd.com&host=shopping.teahfd.com&ref=&fcp=0&rand=0.009647334530089702 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:09 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/teahfd.com/wp-content/uploads/2022/09/imgif.gif?resize=275%2C220&ssl=1
192.0.77.2200 OK 281 kB URL HTTP/2 i0.wp.com/teahfd.com/wp-content/uploads/2022/09/imgif.gif?resize=275%2C220&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 281 kB (281256 bytes)
Hash 6aaac83717731ae4f06ddb9975c6f88b
45ed0344eef8b8901b7cf1ec8dbac2bb97faa4fc
8b4c529c9614c3f8a0febefd78310fa1c92981fa9503314f20289f87b5365e42
GET /teahfd.com/wp-content/uploads/2022/09/imgif.gif?resize=275%2C220&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:09 GMT
content-type: image/webp
content-length: 281256
last-modified: Sat, 17 Sep 2022 13:37:58 GMT
expires: Tue, 17 Sep 2024 01:37:58 GMT
cache-control: public, max-age=63115200
link: <https://teahfd.com/wp-content/uploads/2022/09/imgif.gif>; rel="canonical"
x-content-type-options: nosniff
etag: "2ec96cce9a88c897"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/teahfd.com/wp-content/uploads/2022/09/20210203_162523.jpg?w=320&ssl=1
192.0.77.2200 OK 7.2 kB URL HTTP/2 i0.wp.com/teahfd.com/wp-content/uploads/2022/09/20210203_162523.jpg?w=320&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x180, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c4e65f58e61951843ed36f79ef6f0b24
9b4e42dd9a1718cb60022aba48ed06812d15ae3f
c9f77290a199cc9663a9bc7856ac2332622fbce1a2639ae2585b02b9fe28f5ee
GET /teahfd.com/wp-content/uploads/2022/09/20210203_162523.jpg?w=320&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:09 GMT
content-type: image/webp
content-length: 7164
last-modified: Sat, 17 Sep 2022 13:37:58 GMT
expires: Tue, 17 Sep 2024 01:37:58 GMT
cache-control: public, max-age=63115200
link: <https://teahfd.com/wp-content/uploads/2022/09/20210203_162523.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "377629407130a3cf"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/teahfd.com/wp-content/uploads/2022/09/20220913_115112_0000.png?resize=390%2C220&ssl=1
192.0.77.2200 OK 44 kB URL HTTP/2 i0.wp.com/teahfd.com/wp-content/uploads/2022/09/20220913_115112_0000.png?resize=390%2C220&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c5eec859cd2e836d5b6887926b395c53
c000a71be60163094b80c50ed2b656836bca5587
5632aecb16ee85d37487b4a53264e030e281a422990d8d67d9666c1b5912f772
GET /teahfd.com/wp-content/uploads/2022/09/20220913_115112_0000.png?resize=390%2C220&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:09 GMT
content-type: image/webp
content-length: 43500
last-modified: Sat, 17 Sep 2022 13:37:58 GMT
expires: Tue, 17 Sep 2024 01:37:58 GMT
cache-control: public, max-age=63115200
link: <https://teahfd.com/wp-content/uploads/2022/09/20220913_115112_0000.png>; rel="canonical"
x-content-type-options: nosniff
etag: "aef191e95c88d114"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/teahfd.com/wp-content/uploads/2022/09/png_20220903_224721_0000.png?resize=390%2C220&ssl=1
192.0.77.2200 OK 85 kB URL HTTP/2 i0.wp.com/teahfd.com/wp-content/uploads/2022/09/png_20220903_224721_0000.png?resize=390%2C220&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 20d272418af2686c9deedbc19bf438a1
eb8065931d802f9e29bf203736ec0cf2256265a4
1dc856632a76742b0f92cf4ed20304637a036c9c377fe024b57f4b026c94cf1f
GET /teahfd.com/wp-content/uploads/2022/09/png_20220903_224721_0000.png?resize=390%2C220&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:09 GMT
content-type: image/webp
content-length: 85376
last-modified: Thu, 22 Sep 2022 05:41:52 GMT
expires: Sat, 21 Sep 2024 17:41:52 GMT
cache-control: public, max-age=63115200
link: <https://teahfd.com/wp-content/uploads/2022/09/png_20220903_224721_0000.png>; rel="canonical"
x-content-type-options: nosniff
etag: "da2ea9e431563ab2"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
142.250.74.42200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:36:43 GMT
expires: Thu, 21 Sep 2023 19:36:43 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 175046
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 20:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1474885556084892
216.58.207.194200 OK 121 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1474885556084892
IP 216.58.207.194:0
Size 121 kB (121247 bytes)
Hash f1cb8a01fac8adc9c171a1e0d2c2fe19
1368dc8da1e03864e2eff4af6982554e58439723
ceeec899ffb5fe1952717c1dc79fcb9deb0ecb7ba8ebe03819967b9770c6807a
GET /pagead/js/adsbygoogle.js?client=ca-pub-1474885556084892 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shopping.teahfd.com
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Fri, 23 Sep 2022 20:14:09 GMT
expires: Fri, 23 Sep 2022 20:14:09 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 5990951200620040125
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 52012
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11377
Expires: Fri, 23 Sep 2022 23:23:46 GMT
Date: Fri, 23 Sep 2022 20:14:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11377
Expires: Fri, 23 Sep 2022 23:23:46 GMT
Date: Fri, 23 Sep 2022 20:14:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11377
Expires: Fri, 23 Sep 2022 23:23:46 GMT
Date: Fri, 23 Sep 2022 20:14:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7606ff88f05062b66970d9805f38987a
d47db5fcd83023b4a8de40a47d4510e183de387a
20f89dd859e5715e27c289040fac6a121248e5b6c06da0a7f186984ffb029eb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ca56e32-b483-4063-a12c-be8fa8c3d85e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8497
x-amzn-requestid: 8543ac70-48ab-4523-856f-5d5fa1191c97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yin-pEryoAMFTfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324205d-660bba3f655f940d143bc437;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:06:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e9KUFhjuFMzjuh37rFiNKaMNVaGZwPGBkLrv0zgfSTT7dCIuWj4G9Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:27 GMT
age: 79362
etag: "d47db5fcd83023b4a8de40a47d4510e183de387a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
teahfd.com/wp-content/plugins/wccp-pro/images/transparent.gif
185.151.30.158200 OK 42 B URL HTTP/2 teahfd.com/wp-content/plugins/wccp-pro/images/transparent.gif
IP 185.151.30.158:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /wp-content/plugins/wccp-pro/images/transparent.gif HTTP/1.1
Host: teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 20:14:05 GMT
content-type: image/gif
content-length: 42
server: Apache
x-provided-by: StackCDN
last-modified: Thu, 25 Aug 2022 15:31:44 GMT
etag: "2a-5e7127eb704e3"
cache-control: max-age=86400
expires: Wed, 07 Sep 2022 00:49:54 GMT
x-origin-cache-status: HIT
x-cdn-cache-status: HIT
accept-ranges: bytes
x-via: FRA1
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f10a12719b387d176497669ba75f0acc
16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:48 GMT
age: 79341
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 80747
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 20:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b877ead4a15221fdd278ef27f281a7ec
48c10714503e8dfdd3e3c3d39b919ef2792f0d15
f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 79601
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b318ea5c36d2b22b925f7dfe382df5f
0264e73c4cfff0bb255757c7e1c760a5ad3ece80
0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 79363
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56968ed0-3207-4af0-8229-5f3698c6c55f.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56968ed0-3207-4af0-8229-5f3698c6c55f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61059307f07edc4e2ba9d07a258bca43
370d166426ad83fc04ccb6e300238d8cb6ab644a
55ec802097ab49f275686e99844ff4a3b554c8998213bb9c3f0380709297c55b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56968ed0-3207-4af0-8229-5f3698c6c55f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5936
x-amzn-requestid: 39e79389-c158-4427-aae0-b1d0dc1d0377
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VowElZoAMF2Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfd1-2da28eb66f876af76158b090;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -DSp0__jaBzizsfagTtIpwhkPqkvjS1L6T17J0OS5W0QhZww03ywpw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:29 GMT
age: 79360
etag: "370d166426ad83fc04ccb6e300238d8cb6ab644a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Fri, 23 Sep 2022 18:41:09 GMT
expires: Fri, 23 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 5580
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j97&aip=1&a=627036020&t=pageview&_s=1&dl=https%3A%2F%2Fshopping.teahfd.com%2Fdhlexp2m%2Fdhl%2F&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20THE%20ENGLISH%20ACADEMY%20HAFIZABAD&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YGBACUABBAAAAC~&jid=89746296&gjid=825437687&cid=780253694.1663964049&tid=UA-207931748-1&_gid=1231674410.1663964049&_r=1>m=2ou9l0&did=dZTNiMT&gdid=dZTNiMT&z=518920961
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&aip=1&a=627036020&t=pageview&_s=1&dl=https%3A%2F%2Fshopping.teahfd.com%2Fdhlexp2m%2Fdhl%2F&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20THE%20ENGLISH%20ACADEMY%20HAFIZABAD&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YGBACUABBAAAAC~&jid=89746296&gjid=825437687&cid=780253694.1663964049&tid=UA-207931748-1&_gid=1231674410.1663964049&_r=1>m=2ou9l0&did=dZTNiMT&gdid=dZTNiMT&z=518920961
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j97&aip=1&a=627036020&t=pageview&_s=1&dl=https%3A%2F%2Fshopping.teahfd.com%2Fdhlexp2m%2Fdhl%2F&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20THE%20ENGLISH%20ACADEMY%20HAFIZABAD&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YGBACUABBAAAAC~&jid=89746296&gjid=825437687&cid=780253694.1663964049&tid=UA-207931748-1&_gid=1231674410.1663964049&_r=1>m=2ou9l0&did=dZTNiMT&gdid=dZTNiMT&z=518920961 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://shopping.teahfd.com
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://shopping.teahfd.com
date: Fri, 23 Sep 2022 20:14:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8ec1540e8ec974c8f6edcedfe7dd807f
920b0ea678361a34b5508dee6c6f556a47586562
5749ded70372335a59fbf3f405a3330d8fb4ba6ae1df1417e8197a723abc46cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 20:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 443b0617be50ed9c9a81efccc9e01157
d1298731f176c8e13a878be5d37c40bf45da7ec2
a63e8b9e4e05dd3bfefb01b74196c89c6ac9c8d1809f66d750b533ca81991e24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 20:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 20:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=shopping.teahfd.com&callback=_gfp_s_&client=ca-pub-1474885556084892
172.217.21.162200 OK 200 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=shopping.teahfd.com&callback=_gfp_s_&client=ca-pub-1474885556084892
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash a3db5da8b12e9ff90f06472f3db3fe68
80cd6730e7d6e0a538d5ab0a0e988d65856b4f10
76a320c05645d8d2dc7b895464ee88b68e7a4279733a719fb6ac554f19cef071
GET /gampad/cookie.js?domain=shopping.teahfd.com&callback=_gfp_s_&client=ca-pub-1474885556084892 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 20:14:09 GMT
server: cafe
cache-control: private
content-length: 200
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=shopping.teahfd.com
216.58.207.194200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=shopping.teahfd.com
IP 216.58.207.194:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=shopping.teahfd.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 20:14:09 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=shopping.teahfd.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=shopping.teahfd.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=shopping.teahfd.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 20:14:09 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 20:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 20:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shopping.teahfd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:32:09 GMT
expires: Thu, 21 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 175320
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
142.250.74.98200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220921/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Fri, 23 Sep 2022 03:27:15 GMT
expires: Fri, 07 Oct 2022 03:27:15 GMT
cache-control: public, max-age=1209600
age: 60414
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.wp.com/s-202238.js
192.0.76.3200 OK 4.3 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (9364), with no line terminators
Hash cbb438d62401c3f7864c82dfdfd8ff6e
002e3c63b7ac1f474df359f66f4ecf961cee3e1e
06e9b352b5f77fa0ffe2b1f75278df1154e71ef33b39c9a1a11ccd23e93bc37c
GET /s-202238.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:08 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-2494"
content-encoding: br
expires: Mon, 18 Sep 2023 14:19:31 GMT
cache-control: max-age=31536000
x-nc: HIT arn
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.163200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://shopping.teahfd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:30:59 GMT
expires: Thu, 21 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 175390
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/6.9.3/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css
192.0.77.37200 OK 1.8 kB URL HTTP/2 c0.wp.com/p/woocommerce/6.9.3/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (10435), with no line terminators
Hash f2ba76ee74782bb7e184bbb90f6de197
6a059cc39ad7a6570ba868aba4d1c8204f24f699
836e18e24899e42bcaab3c7dd66820101cc3efe798d2d7414c84402fe7d17314
GET /p/woocommerce/6.9.3/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:08 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 24 Aug 2022 20:12:33 GMT
content-encoding: br
expires: Sat, 23 Sep 2023 20:14:08 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 20:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 20:14:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1474885556084892&output=html&adk=2969136045&adf=3689892565&lmt=1663964048&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshopping.teahfd.com%2Fdhlexp2m%2Fdhl%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1663964048491&bpp=2&bdt=745&idt=167&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D758b82a93c781229-2239665f2bce006e%3AT%3D1663964049%3ART%3D1663964049%3AS%3DALNI_MbVMNM0iu94Ud-KPXuqDXc30AESZw&nras=1&correlator=3732398339509&frm=20&pv=2&ga_vid=780253694.1663964049&ga_sid=1663964049&ga_hid=627036020&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C44771547&oid=2&pvsid=3073053289227348&tmod=738228758&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=294
142.250.74.98200 OK 46 B URL HTTP/2 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1474885556084892&output=html&adk=2969136045&adf=3689892565&lmt=1663964048&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshopping.teahfd.com%2Fdhlexp2m%2Fdhl%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1663964048491&bpp=2&bdt=745&idt=167&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D758b82a93c781229-2239665f2bce006e%3AT%3D1663964049%3ART%3D1663964049%3AS%3DALNI_MbVMNM0iu94Ud-KPXuqDXc30AESZw&nras=1&correlator=3732398339509&frm=20&pv=2&ga_vid=780253694.1663964049&ga_sid=1663964049&ga_hid=627036020&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C44771547&oid=2&pvsid=3073053289227348&tmod=738228758&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=294
IP 142.250.74.98:0
File type HTML document, ASCII text, with very long lines (603), with no line terminators
Hash 0c80c3a2604d656b7e461160bf5eba0f
d4f5c720a2b94f5f13b2e569035a7b14a513630d
470b81d27902c371ec202ef835ecf76bf54c8e222dab8b77eb8d2fd45652c955
GET /pagead/ads?client=ca-pub-1474885556084892&output=html&adk=2969136045&adf=3689892565&lmt=1663964048&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshopping.teahfd.com%2Fdhlexp2m%2Fdhl%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1663964048491&bpp=2&bdt=745&idt=167&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D758b82a93c781229-2239665f2bce006e%3AT%3D1663964049%3ART%3D1663964049%3AS%3DALNI_MbVMNM0iu94Ud-KPXuqDXc30AESZw&nras=1&correlator=3732398339509&frm=20&pv=2&ga_vid=780253694.1663964049&ga_sid=1663964049&ga_hid=627036020&ga_fc=1&u_tz=0&u_his=1&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1268&bih=939&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761793%2C44771547&oid=2&pvsid=3073053289227348&tmod=738228758&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1280%2C939&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=294 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Sep 2022 20:14:09 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Sep-2022 20:29:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Sep 2022 20:14:09 GMT
cache-control: private
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env
216.58.207.194200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env
IP 216.58.207.194:0
File type JSON data\012- , ASCII text, with very long lines (14790), with no line terminators
Hash 6e992f7eda72e4d6309d386f3e7b8643
5a8df82ce98f332c1a62dbed3dc3dd083e0dc2ca
5877a48ec0f7207981ce5d185cf176c5c2849757c3175a6cad64176e9e460f9a
GET /getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shopping.teahfd.com
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 23 Sep 2022 20:14:09 GMT
server: cafe
cache-control: private
content-length: 11229
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eca161302377725388354dea1513144f
41cfa39fd07e41fb543fdf3e0697e6727ba19bfc
7c68027f691a9f10766356b9052a113a4f0dde19fdb0933f4efdc3ca5a6e7f70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-97PJ1FN9NM>m=2oe9l0&_p=627036020&gdid=dZTNiMT&cid=780253694.1663964049&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663964048&sct=1&seg=0&dl=https%3A%2F%2Fshopping.teahfd.com%2Fdhlexp2m%2Fdhl%2F&dt=Page%20not%20found%20%E2%80%93%20THE%20ENGLISH%20ACADEMY%20HAFIZABAD&en=page_view&_fv=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-97PJ1FN9NM>m=2oe9l0&_p=627036020&gdid=dZTNiMT&cid=780253694.1663964049&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663964048&sct=1&seg=0&dl=https%3A%2F%2Fshopping.teahfd.com%2Fdhlexp2m%2Fdhl%2F&dt=Page%20not%20found%20%E2%80%93%20THE%20ENGLISH%20ACADEMY%20HAFIZABAD&en=page_view&_fv=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-97PJ1FN9NM>m=2oe9l0&_p=627036020&gdid=dZTNiMT&cid=780253694.1663964049&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663964048&sct=1&seg=0&dl=https%3A%2F%2Fshopping.teahfd.com%2Fdhlexp2m%2Fdhl%2F&dt=Page%20not%20found%20%E2%80%93%20THE%20ENGLISH%20ACADEMY%20HAFIZABAD&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shopping.teahfd.com
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://shopping.teahfd.com
date: Fri, 23 Sep 2022 20:14:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Fri, 23 Sep 2022 20:14:10 GMT
expires: Fri, 23 Sep 2022 20:14:10 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 11:30:52 GMT
expires: Fri, 22 Sep 2023 11:30:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 117798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
216.58.207.194200 OK 16 kB URL HTTP/2 pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (36077)
Hash 415157c1f387a460e1920d9ef76d761e
bd0b087cf48429ae5371f47e630bcb6e2dbdfddc
9c6ad65ff0061fbb91eee51816aff4529fb4a2f017d12c7aed2912d628abf5f8
GET /bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 16009
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 21:51:43 GMT
expires: Thu, 21 Sep 2023 21:51:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
content-type: text/javascript
age: 166947
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 75a6c13f18620214e5e013385d752044
174c34759a1e50884846a2505f0be16c285d75cc
fe6fcbbe324ceefc1e833208faedaeae6934b34f868690e5ad4676b02c0b3bf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 20:14:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 32fca0c9a95300cd48e6adfbdc37e884
559844213c90f881fb406045bc39f75b84f0b886
f8b2baf7c869f8039a3613827998071cade1f7b7346f324ee11e4a9653c032ae
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 23 Sep 2022 20:14:10 GMT
date: Fri, 23 Sep 2022 20:14:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-KyqIysFl9sMbIL5CyQTBWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=3073053289227348&rc=
216.58.207.194204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=3073053289227348&rc=
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=3073053289227348&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Sep 2022 20:14:10 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=3073053289227348&bg=!CQqlCk7NAAYIxsuQKMY7ACkAdvg8WkW67DVbWKKnrhoVpJ5zP_1_7AW5wSz-KK63XYDTFvBEqtFedAIAAAC9UgAAAAJoAQeZAoP6K0OXP5MtiKvBYCirjlMj1giLxGQQo06VZEwWrMe3l7gptPvSrZWHYVsg0vGr5Aly4SVQ8__lEXI25MuSlw3Z1p8wUqxFyGYpnBbt6UNiI3EBdlO0Ika22l3LevlY97FYeesR9LNtvX0iZeyD-sIETSFrKNtkUBYims2RBBxEiiJyUzOCEaABzKqCU4qe8TSaWhW3bErxOvjRon679jzPi31XcaPGSYuKtdpdeznjXYHH_yOrn0H2oSyPn7re9kNdgEdjL0beTIC2Wr7b_7eaIVUlimOXAAqre1FdqW5obR7ySninX9iwQQDvVL02pOp4vRvTo_53ANxQF3KFujgMQk-A9SaIVkqbEAqyCoHM1wW_EkQ_70fGgydpKr30Vr3_IUUIQPtWDi8iG4n5aveJeA4I7rK5Nq8Uwyzmg5tGcVAF6Ne4f8wUD71L3sS8f5VESGOxeU2OO3-kJ93IoC0RF59cEejIQSdhSjSYFAgX6zhVyylv4jTgg5p9IBIzWBtEAM9DKr4I8FNAV0WEjPQXg4GWzUfpNqVrvkh9qjwR4FGkvcqtu_2wGwP053EgU_ABXMvyRfc8gp52xpB9OYEHnb9AFvmPTnYcDiBwK4jHHvlbpO5TbsGYoiQ0u6OObNBBamc5pr-c5iPFkUjJRszl-Oc5ayrPQ4WIRROfOI-QZ4YM4W_TKMq2FWWKxVxkRyYUZvhG-1Bm9gnkX8nUA-0ym1tUobrxhu3wYCuqcPZmF088MgSYzxc_XhkjIBosktL3SH8MDNINNRHzCuvkXzaPtQtw3jcIkq31cO1lIcZW7HeMt42_qoLTFmjEs3rFiRhtPvDfFCUlP93t4dZ7VuPfRr5q
216.58.207.194204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=3073053289227348&bg=!CQqlCk7NAAYIxsuQKMY7ACkAdvg8WkW67DVbWKKnrhoVpJ5zP_1_7AW5wSz-KK63XYDTFvBEqtFedAIAAAC9UgAAAAJoAQeZAoP6K0OXP5MtiKvBYCirjlMj1giLxGQQo06VZEwWrMe3l7gptPvSrZWHYVsg0vGr5Aly4SVQ8__lEXI25MuSlw3Z1p8wUqxFyGYpnBbt6UNiI3EBdlO0Ika22l3LevlY97FYeesR9LNtvX0iZeyD-sIETSFrKNtkUBYims2RBBxEiiJyUzOCEaABzKqCU4qe8TSaWhW3bErxOvjRon679jzPi31XcaPGSYuKtdpdeznjXYHH_yOrn0H2oSyPn7re9kNdgEdjL0beTIC2Wr7b_7eaIVUlimOXAAqre1FdqW5obR7ySninX9iwQQDvVL02pOp4vRvTo_53ANxQF3KFujgMQk-A9SaIVkqbEAqyCoHM1wW_EkQ_70fGgydpKr30Vr3_IUUIQPtWDi8iG4n5aveJeA4I7rK5Nq8Uwyzmg5tGcVAF6Ne4f8wUD71L3sS8f5VESGOxeU2OO3-kJ93IoC0RF59cEejIQSdhSjSYFAgX6zhVyylv4jTgg5p9IBIzWBtEAM9DKr4I8FNAV0WEjPQXg4GWzUfpNqVrvkh9qjwR4FGkvcqtu_2wGwP053EgU_ABXMvyRfc8gp52xpB9OYEHnb9AFvmPTnYcDiBwK4jHHvlbpO5TbsGYoiQ0u6OObNBBamc5pr-c5iPFkUjJRszl-Oc5ayrPQ4WIRROfOI-QZ4YM4W_TKMq2FWWKxVxkRyYUZvhG-1Bm9gnkX8nUA-0ym1tUobrxhu3wYCuqcPZmF088MgSYzxc_XhkjIBosktL3SH8MDNINNRHzCuvkXzaPtQtw3jcIkq31cO1lIcZW7HeMt42_qoLTFmjEs3rFiRhtPvDfFCUlP93t4dZ7VuPfRr5q
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=3073053289227348&bg=!CQqlCk7NAAYIxsuQKMY7ACkAdvg8WkW67DVbWKKnrhoVpJ5zP_1_7AW5wSz-KK63XYDTFvBEqtFedAIAAAC9UgAAAAJoAQeZAoP6K0OXP5MtiKvBYCirjlMj1giLxGQQo06VZEwWrMe3l7gptPvSrZWHYVsg0vGr5Aly4SVQ8__lEXI25MuSlw3Z1p8wUqxFyGYpnBbt6UNiI3EBdlO0Ika22l3LevlY97FYeesR9LNtvX0iZeyD-sIETSFrKNtkUBYims2RBBxEiiJyUzOCEaABzKqCU4qe8TSaWhW3bErxOvjRon679jzPi31XcaPGSYuKtdpdeznjXYHH_yOrn0H2oSyPn7re9kNdgEdjL0beTIC2Wr7b_7eaIVUlimOXAAqre1FdqW5obR7ySninX9iwQQDvVL02pOp4vRvTo_53ANxQF3KFujgMQk-A9SaIVkqbEAqyCoHM1wW_EkQ_70fGgydpKr30Vr3_IUUIQPtWDi8iG4n5aveJeA4I7rK5Nq8Uwyzmg5tGcVAF6Ne4f8wUD71L3sS8f5VESGOxeU2OO3-kJ93IoC0RF59cEejIQSdhSjSYFAgX6zhVyylv4jTgg5p9IBIzWBtEAM9DKr4I8FNAV0WEjPQXg4GWzUfpNqVrvkh9qjwR4FGkvcqtu_2wGwP053EgU_ABXMvyRfc8gp52xpB9OYEHnb9AFvmPTnYcDiBwK4jHHvlbpO5TbsGYoiQ0u6OObNBBamc5pr-c5iPFkUjJRszl-Oc5ayrPQ4WIRROfOI-QZ4YM4W_TKMq2FWWKxVxkRyYUZvhG-1Bm9gnkX8nUA-0ym1tUobrxhu3wYCuqcPZmF088MgSYzxc_XhkjIBosktL3SH8MDNINNRHzCuvkXzaPtQtw3jcIkq31cO1lIcZW7HeMt42_qoLTFmjEs3rFiRhtPvDfFCUlP93t4dZ7VuPfRr5q HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Sep 2022 20:14:10 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1985a957e6bc0c15d8489fa731e7f14e
4584bff61bf4d5c9b8fd3b97c048a8e6975e4323
9f3e1fd6e18d85d4f6645d077da643a3bc2cca611d5e85f534ba798102dca243
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155952bd-256a-4103-9017-437efcfb03bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7005
x-amzn-requestid: c805d882-7a00-4abd-a239-d8313d7df0c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4aBwEaMIAMF09A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd6d7-6d6a417f10c9628a16d438e1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7edV0FJytVSpHH-WkCiYzhW1JP4L6i6bpPCq9MTxPdhwFQTryf06BQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:53:16 GMT
age: 80460
etag: "4584bff61bf4d5c9b8fd3b97c048a8e6975e4323"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.placeholder.com/599x98
104.21.33.39403 Forbidden 0 B URL HTTP/2 www.placeholder.com/599x98
IP 104.21.33.39:0
GET /599x98 HTTP/1.1
Host: www.placeholder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shopping.teahfd.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Fri, 23 Sep 2022 20:14:09 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=457dqapnVxk08lpE7J07qWYtOe4m0ZtrYOF4pmk%2F60t0L%2BIWJ8F6mKyqGkApM95z0xRqTH3pUxjfCCcAwi0lzzDd0DxxB9lQ9AMSGLzIZGG0Ws6cwnOErh49iir5iTsGPZoawF%2BW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f5f1eaf86a0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
teahfd.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
185.151.30.158200 OK 0 B URL HTTP/2 teahfd.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 185.151.30.158:0
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 20:14:05 GMT
content-type: application/javascript
server: Apache
x-provided-by: StackCDN
last-modified: Sun, 26 Jun 2022 10:52:33 GMT
etag: W/"48b9-5e25799c77ef6"
cache-control: max-age=86400
expires: Tue, 06 Sep 2022 19:08:42 GMT
vary: Accept-Encoding, Accept-Encoding
x-origin-cache-status: HIT
content-encoding: gzip
x-cdn-cache-status: HIT
x-via: FRA1
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:08 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
content-encoding: br
expires: Sat, 23 Sep 2023 20:14:08 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/6.9.3/assets/js/frontend/woocommerce.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/6.9.3/assets/js/frontend/woocommerce.min.js
IP 192.0.77.37:0
GET /p/woocommerce/6.9.3/assets/js/frontend/woocommerce.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:08 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 May 2021 17:00:20 GMT
content-encoding: br
expires: Sat, 23 Sep 2023 20:14:08 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
stats.wp.com/e-202238.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202238.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:08 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 11 Sep 2023 07:31:45 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
shopping.teahfd.com/?wc-ajax=get_refreshed_fragments&elementor_page_id=0
185.151.30.158200 OK 0 B URL HTTP/2 shopping.teahfd.com/?wc-ajax=get_refreshed_fragments&elementor_page_id=0
IP 185.151.30.158:0
POST /?wc-ajax=get_refreshed_fragments&elementor_page_id=0 HTTP/1.1
Host: shopping.teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://shopping.teahfd.com
Connection: keep-alive
Referer: https://shopping.teahfd.com/dhlexp2m/dhl/
Cookie: ihc_workflow_restrictions_0=a%3A1%3A%7Bi%3A0%3Bi%3A38623%3B%7D; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; _ga=GA1.1.780253694.1663964049; _gid=GA1.2.1231674410.1663964049; _gat_gtag_UA_207931748_1=1; _ga_97PJ1FN9NM=GS1.1.1663964048.1.0.1663964048.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 20:14:10 GMT
content-type: application/json; charset=UTF-8
server: Apache
x-powered-by: PHP/7.4.30
x-content-type-options: nosniff
x-robots-tag: noindex
x-litespeed-tag: 0fa_HTTP.200,0fa_HTTP.200
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: wccp_pro_functionality=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
x-provided-by: StackCDN, StackCDN
vary: Accept-Encoding
x-via: FRA1
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/6.9.3/packages/woocommerce-blocks/build/wc-blocks-style.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/6.9.3/packages/woocommerce-blocks/build/wc-blocks-style.css
IP 192.0.77.37:0
GET /p/woocommerce/6.9.3/packages/woocommerce-blocks/build/wc-blocks-style.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:08 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 24 Aug 2022 20:12:33 GMT
content-encoding: br
expires: Sat, 23 Sep 2023 20:14:08 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.3.2/css/jetpack.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.3.2/css/jetpack.css
IP 192.0.77.37:0
GET /p/jetpack/11.3.2/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:08 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 22 Sep 2022 16:22:40 GMT
content-encoding: br
expires: Sat, 23 Sep 2023 20:14:08 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
teahfd.com/wp-content/plugins/A.contact-form-7,,_includes,,_css,,_styles.css,,qver==5.6.3+indeed-membership-pro,,_assets,,_css,,_style.min.css,,qver==10.2,Mcc.JYRhQArmEV.css.pagespeed.cf.cA0HYDH1B1.css
185.151.30.158200 OK 0 B URL HTTP/2 teahfd.com/wp-content/plugins/A.contact-form-7,,_includes,,_css,,_styles.css,,qver==5.6.3+indeed-membership-pro,,_assets,,_css,,_style.min.css,,qver==10.2,Mcc.JYRhQArmEV.css.pagespeed.cf.cA0HYDH1B1.css
IP 185.151.30.158:0
GET /wp-content/plugins/A.contact-form-7,,_includes,,_css,,_styles.css,,qver==5.6.3+indeed-membership-pro,,_assets,,_css,,_style.min.css,,qver==10.2,Mcc.JYRhQArmEV.css.pagespeed.cf.cA0HYDH1B1.css HTTP/1.1
Host: teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 20:14:05 GMT
content-type: text/css
vary: Accept-Encoding
server: Apache
x-provided-by: StackCDN
x-origin-cache-status: HIT
x-original-content-length: 48449
last-modified: Fri, 23 Sep 2022 20:14:08 GMT
x-content-type-options: nosniff
expires: Fri, 23 Sep 2022 20:19:08 GMT
cache-control: max-age=300,private
content-encoding: gzip
x-cdn-cache-status: MISS
x-via: FRA1
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/6.9.3/assets/js/frontend/add-to-cart.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/6.9.3/assets/js/frontend/add-to-cart.min.js
IP 192.0.77.37:0
GET /p/woocommerce/6.9.3/assets/js/frontend/add-to-cart.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:08 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jul 2022 19:16:40 GMT
content-encoding: br
expires: Sat, 23 Sep 2023 20:14:08 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/6.9.3/assets/js/frontend/cart-fragments.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/6.9.3/assets/js/frontend/cart-fragments.min.js
IP 192.0.77.37:0
GET /p/woocommerce/6.9.3/assets/js/frontend/cart-fragments.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:08 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 23 Nov 2021 22:30:13 GMT
content-encoding: br
expires: Sat, 23 Sep 2023 20:14:08 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:08 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Sat, 23 Sep 2023 20:14:08 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:08 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Sat, 23 Sep 2023 20:14:08 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.0.2
104.18.225.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.0.2
IP 104.18.225.52:0
GET /sdks/OneSignalSDK.js?ver=6.0.2 HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 20:14:08 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 3168
expires: Mon, 26 Sep 2022 20:14:08 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 74f5f1e99d441bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
placehold.it/599x98
104.21.60.12301 Moved Permanently 0 B IP 104.21.60.12:0
GET /599x98 HTTP/1.1
Host: placehold.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 23 Sep 2022 20:14:08 GMT
location: https://www.placeholder.com/599x98
cache-control: max-age=3600
expires: Fri, 23 Sep 2022 21:14:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IoGDPGWjlIqGCi%2F3wTjsMBW9wVMw1BFxdWuz7l%2FUksVM0CK%2Bs4kLr2tymJwMKShea4nPzAEeqKbRFwcFD0p9uZq%2BcJiQg%2FL8FBz5QyJC3CR6JlS8r9yzo8%2B1eCmctq0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74f5f1e99c54b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
shopping.teahfd.com/favicon.ico
185.151.30.158302 Found 0 B URL HTTP/2 shopping.teahfd.com/favicon.ico
IP 185.151.30.158:0
GET /favicon.ico HTTP/1.1
Host: shopping.teahfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/dhlexp2m/dhl/
Cookie: ihc_workflow_restrictions_0=a%3A1%3A%7Bi%3A0%3Bi%3A38623%3B%7D; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Fri, 23 Sep 2022 20:14:05 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
server: Apache
x-powered-by: PHP/7.4.30
link: <https://teahfd.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-tag: 0fa_HTTP.200,0fa_HTTP.302
set-cookie: wccp_pro_functionality=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
x-provided-by: StackCDN
x-origin-cache-status: MISS
x-cdn-cache-status: MISS
x-via: FRA1
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.3.2/_inc/build/photon/photon.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.3.2/_inc/build/photon/photon.min.js
IP 192.0.77.37:0
GET /p/jetpack/11.3.2/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopping.teahfd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 20:14:08 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Sat, 23 Sep 2023 20:14:08 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2