r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10760
Expires: Mon, 30 Jan 2023 23:35:30 GMT
Date: Mon, 30 Jan 2023 20:36:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11764
Expires: Mon, 30 Jan 2023 23:52:14 GMT
Date: Mon, 30 Jan 2023 20:36:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 20:35:46 GMT
content-type: application/json
age: 24
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4856
Expires: Mon, 30 Jan 2023 21:57:06 GMT
Date: Mon, 30 Jan 2023 20:36:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hk3FKdnD3wCRJzgArwgrI23qbdbwEHpd02B1QgOhmCRv3W4kitBb27qsKtTolXsp3cqWUUsPN8g=
x-amz-request-id: NH9P17NQHMTVR1P7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 19:50:52 GMT
age: 2718
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.mail1.staffupdate.net/17bz18f/1176/1aed/2afm3e81az170ba.html
184.170.254.3301 Moved Permanently 280 B URL HTTP/1.1 www.mail1.staffupdate.net/17bz18f/1176/1aed/2afm3e81az170ba.html
IP 184.170.254.3:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fa9cc477def68e11a49aca26aae01ac8
221bb1093343de9bc02a4594f71bc71a315a04b9
18d936bff79efa71a8835608150b95dd60084c4f30c2ffe2c04c6081f08cf268
Analyzer Verdict Alert fortinet Phishing
GET /17bz18f/1176/1aed/2afm3e81az170ba.html HTTP/1.1
Host: www.mail1.staffupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 20:36:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Location: https://www.mail1.staffupdate.net/17bz18f/1176/1aed/2afm3e81az170ba.html
Content-Length: 280
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:36:10 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 19:41:41 GMT
age: 3269
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0a3ee905442f9b00537edc490242f9fe
b3af42cfd77fdae79956f2bfbe63d7f1ba38d82f
37c442639217cba2bd085964190b25fd191aacee67d61ae62a23bb36e80d5bd5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37C442639217CBA2BD085964190B25FD191AACEE67D61AE62A23BB36E80D5BD5"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Tue, 31 Jan 2023 02:35:25 GMT
Date: Mon, 30 Jan 2023 20:36:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5582
Expires: Mon, 30 Jan 2023 22:09:13 GMT
Date: Mon, 30 Jan 2023 20:36:11 GMT
Connection: keep-alive
push.services.mozilla.com/
52.43.158.219101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.158.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pPyse8/JhVdJQlqLKVpfeQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZdKgZio7SSsStIAlT8ljuGRROCk=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2266
Expires: Mon, 30 Jan 2023 21:13:58 GMT
Date: Mon, 30 Jan 2023 20:36:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2266
Expires: Mon, 30 Jan 2023 21:13:58 GMT
Date: Mon, 30 Jan 2023 20:36:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UNub7Gd4S0ogn5EJhtJVu8q1qML5_4eL2lIPQXiAuXy_q-XiR4s-5w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:21 GMT
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
age: 81651
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 81843
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: soTFEnYjNcti77h3FpnztwzR7ypv68NbyoI6DxS0NhU412ykFsWAgA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:00:38 GMT
age: 81334
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 81784
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 23:25:02 GMT
age: 76270
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:56:46 GMT
age: 81566
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.mail1.staffupdate.net/17bz18f/1176/1aed/2afm3e81az170ba.html
184.170.254.3200 OK 239 B URL HTTP/1.1 www.mail1.staffupdate.net/17bz18f/1176/1aed/2afm3e81az170ba.html
IP 184.170.254.3:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 0e0f59d136d87dc96c45fc1f97c53faa
f4263412414e89fb57c757f41a7cc497571bdc7a
23641ba3cffff3492e08d49b3d4694543c1d86fed43599730bdb9ae224e60cd6
Analyzer Verdict Alert fortinet Phishing
GET /17bz18f/1176/1aed/2afm3e81az170ba.html HTTP/1.1
Host: www.mail1.staffupdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:36:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Content-Length: 239
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 15e087c4607a90d5b323717efcfef1b7
1c7fc47f24a79b01c3aef417f635b56061335272
389b095f69244514e22c34c39d3dc4500b555c63bfc212eb0ca61b111706783c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6544
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:13 GMT
Last-Modified: Mon, 30 Jan 2023 18:47:09 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 15e087c4607a90d5b323717efcfef1b7
1c7fc47f24a79b01c3aef417f635b56061335272
389b095f69244514e22c34c39d3dc4500b555c63bfc212eb0ca61b111706783c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6545
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:14 GMT
Last-Modified: Mon, 30 Jan 2023 18:47:09 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
www.hellofresh.com/plans?c=XU-LRK16&utm_source=eduleads&utm_medium=email&utm_campaign=2023eduleads&dm=meals&mealsize=4-2&dm_gifts=gifts
104.18.11.23200 OK 249 kB URL HTTP/2 www.hellofresh.com/plans?c=XU-LRK16&utm_source=eduleads&utm_medium=email&utm_campaign=2023eduleads&dm=meals&mealsize=4-2&dm_gifts=gifts
IP 104.18.11.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (16564)
Size 249 kB (248961 bytes)
Hash 8d75b46470aa6e673b0da8f86ef57eb0
7ede98270f2210d06a171a65e1ed807f5466bb16
850a5da42ac322d796cdfc3d46639fceea0a47204616ef20b9c121d081cf8e19
GET /plans?c=XU-LRK16&utm_source=eduleads&utm_medium=email&utm_campaign=2023eduleads&dm=meals&mealsize=4-2&dm_gifts=gifts HTTP/1.1
Host: www.hellofresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mail1.staffupdate.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:36:14 GMT
content-type: text/html; charset=utf-8
cf-ray: 791cff9e2a410b51-OSL
cache-control: public, max-age=14400
content-language: en-US
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-content-type-options: nosniff
x-envoy-upstream-service-time: 410
x-frame-options: SAMEORIGIN
x-powered-by: Next.js
x-xss-protection: 1; mode=block
set-cookie: __cf_bm=7dvaEMVYK0pieBGUPFcqAhL2TBXkqvP2_9HYwr4Iyxo-1675110974-0-ASteGq809ROD3gBpoLQRbiZS0X/ASwkQdvnkYEiCenLDgv/3imz8gtl3wQOBWwr7wl6A5UhDOxQH1r3Mr3ah3GQ=; path=/; expires=Mon, 30-Jan-23 21:06:14 GMT; domain=.hellofresh.com; HttpOnly; Secure; SameSite=None
__cf_bm=pdjecF2Ch0f_Ou.kIgdBU1bpmEm3RRB8SnNNU_w45go-1675110974-0-AVtvq9bBR3rOCnYp57+waoO3VL3wLAxSBrqlrsIjRR33n2Rff3WMoXEDFdhKVIMI7D6FTSxOVi8Dgi0PLjWY8/FOuG4z6vgrNjoxgg8flwXV; path=/; expires=Mon, 30-Jan-23 21:06:14 GMT; domain=.hellofresh.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 16 kB IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8c824cf1e0d0a68a51f431c2de6b056b
dc897b67b6b14f919fc7bc62b953a0e46086eed5
bc06b44f0ddd64a52742e24e0b0b9ed1cb19045604a8be40f1b3d0401de68d20
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAF94E17426EF7402F3998FDD4CE805B3BADBD30360628FCB9C1787841F8A29A"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11194
Expires: Mon, 30 Jan 2023 23:42:48 GMT
Date: Mon, 30 Jan 2023 20:36:14 GMT
Connection: keep-alive
o46710.ingest.sentry.io/api/5396938/envelope/?sentry_key=5c397ef08a6c49098d09dfd70fddf09e&sentry_version=7&sentry_client=sentry.javascript.react%2F7.20.0
34.120.195.249200 OK 2.4 kB URL HTTP/2 o46710.ingest.sentry.io/api/5396938/envelope/?sentry_key=5c397ef08a6c49098d09dfd70fddf09e&sentry_version=7&sentry_client=sentry.javascript.react%2F7.20.0
IP 34.120.195.249:0
Hash a27fd05813001169779937a05e941bb6
7c102f033d52257edaa1589c77e0bc2ff9b8a323
8f2453c6370c221d66f1607014879c40ad77eb82f332e6e8caf1351de2d6800b
POST /api/5396938/envelope/?sentry_key=5c397ef08a6c49098d09dfd70fddf09e&sentry_version=7&sentry_client=sentry.javascript.react%2F7.20.0 HTTP/1.1
Host: o46710.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hellofresh.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.hellofresh.com
Content-Length: 421
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:36:14 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://www.hellofresh.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
vary: Origin
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 25 kB IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 688879f94b0f307aa757069acbb9555b
a2ed4a35e23713300fa449686b3913be03a1f5cb
fc3318c5008f0feabe13ac4867b1332f7e3b34f267b7f64b9e384e038f203581
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAF94E17426EF7402F3998FDD4CE805B3BADBD30360628FCB9C1787841F8A29A"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11193
Expires: Mon, 30 Jan 2023 23:42:48 GMT
Date: Mon, 30 Jan 2023 20:36:15 GMT
Connection: keep-alive
img.hellofresh.com/w_384,q_auto,f_auto,c_limit,fl_lossy/q_auto/hellofresh_website/us/funnel-fragment/plans/Quick+and+easy%403x.jpg
23.38.201.77200 OK 65 kB URL HTTP/2 img.hellofresh.com/w_384,q_auto,f_auto,c_limit,fl_lossy/q_auto/hellofresh_website/us/funnel-fragment/plans/Quick+and+easy%403x.jpg
IP 23.38.201.77:0
Hash d4616356d4f27623dfd60d956a29c69f
4fef5e679ba268e4e0efc71cbe83b313fec50e38
d040c8dd4e24992e1194c9bde32be4e80a16a0bd8d09c9a165f665d8dba749f1
GET /w_384,q_auto,f_auto,c_limit,fl_lossy/q_auto/hellofresh_website/us/funnel-fragment/plans/Quick+and+easy%403x.jpg HTTP/1.1
Host: img.hellofresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Cookie: __cf_bm=pdjecF2Ch0f_Ou.kIgdBU1bpmEm3RRB8SnNNU_w45go-1675110974-0-AVtvq9bBR3rOCnYp57+waoO3VL3wLAxSBrqlrsIjRR33n2Rff3WMoXEDFdhKVIMI7D6FTSxOVi8Dgi0PLjWY8/FOuG4z6vgrNjoxgg8flwXV; __cfruid=2ab50f9cce026ab3dbc534e56055236ecf64bd77-1675110974
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/jpeg
etag: "232378b70af34c8f53f6cd3e148a3da4"
last-modified: Thu, 29 Sep 2022 17:38:54 GMT
content-length: 62670
date: Mon, 30 Jan 2023 20:36:16 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=4;start=2023-01-30T20:36:16.369Z;desc=hit,rtt;dur=3
X-Firefox-Spdy: h2
img.hellofresh.com/w_384,q_auto,f_auto,c_limit,fl_lossy/q_auto/hellofresh_website/us/funnel-fragment/plans/Veggie%403x.jpg
23.38.201.77200 OK 63 kB URL HTTP/2 img.hellofresh.com/w_384,q_auto,f_auto,c_limit,fl_lossy/q_auto/hellofresh_website/us/funnel-fragment/plans/Veggie%403x.jpg
IP 23.38.201.77:0
Hash b460dff343f4d98812a26d6e9f9c7086
5c3f5316b1565751c3dc167ed980eca8e38db899
d0060c74fdbe81a7f92424e331fe93efcf27774dee7d3d9615b3059a17ed1245
GET /w_384,q_auto,f_auto,c_limit,fl_lossy/q_auto/hellofresh_website/us/funnel-fragment/plans/Veggie%403x.jpg HTTP/1.1
Host: img.hellofresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Cookie: __cf_bm=pdjecF2Ch0f_Ou.kIgdBU1bpmEm3RRB8SnNNU_w45go-1675110974-0-AVtvq9bBR3rOCnYp57+waoO3VL3wLAxSBrqlrsIjRR33n2Rff3WMoXEDFdhKVIMI7D6FTSxOVi8Dgi0PLjWY8/FOuG4z6vgrNjoxgg8flwXV; __cfruid=2ab50f9cce026ab3dbc534e56055236ecf64bd77-1675110974
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-disposition: inline; filename="Veggie@3x.webp"
content-type: image/webp
etag: "b86001a17043d15e7f45ff81975a28e4"
last-modified: Thu, 29 Sep 2022 17:38:54 GMT
content-length: 44186
date: Mon, 30 Jan 2023 20:36:16 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=4;start=2023-01-30T20:36:16.369Z;desc=hit,rtt;dur=3
X-Firefox-Spdy: h2
img.hellofresh.com/w_384,q_auto,f_auto,c_limit,fl_lossy/q_auto/hellofresh_website/us/funnel-fragment/plans/Meat+and+veggies%403x.jpg
23.38.201.77200 OK 46 kB URL HTTP/2 img.hellofresh.com/w_384,q_auto,f_auto,c_limit,fl_lossy/q_auto/hellofresh_website/us/funnel-fragment/plans/Meat+and+veggies%403x.jpg
IP 23.38.201.77:0
Hash 47fe3473b729a409ada096386aa4fe39
a984f73b40797dfe14d7e7b7723184a56a19be8c
a7ca836f2125e9485b170f668d56570bc607241e2c309af5656e8c5365c0589d
GET /w_384,q_auto,f_auto,c_limit,fl_lossy/q_auto/hellofresh_website/us/funnel-fragment/plans/Meat+and+veggies%403x.jpg HTTP/1.1
Host: img.hellofresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Cookie: __cf_bm=pdjecF2Ch0f_Ou.kIgdBU1bpmEm3RRB8SnNNU_w45go-1675110974-0-AVtvq9bBR3rOCnYp57+waoO3VL3wLAxSBrqlrsIjRR33n2Rff3WMoXEDFdhKVIMI7D6FTSxOVi8Dgi0PLjWY8/FOuG4z6vgrNjoxgg8flwXV; __cfruid=2ab50f9cce026ab3dbc534e56055236ecf64bd77-1675110974
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-disposition: inline; filename="Meat+and+veggies@3x.webp"
content-type: image/webp
etag: "4b99a03ea4971c3a3bf346767462023c"
last-modified: Thu, 29 Sep 2022 17:38:54 GMT
content-length: 41650
date: Mon, 30 Jan 2023 20:36:16 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=4;start=2023-01-30T20:36:16.369Z;desc=hit,rtt;dur=3
X-Firefox-Spdy: h2
img.hellofresh.com/w_384,q_auto,f_auto,c_limit,fl_lossy/q_auto/hellofresh_website/us/funnel-fragment/plans/Fit+and+wholesome%403x.jpg
23.38.201.77200 OK 38 kB URL HTTP/2 img.hellofresh.com/w_384,q_auto,f_auto,c_limit,fl_lossy/q_auto/hellofresh_website/us/funnel-fragment/plans/Fit+and+wholesome%403x.jpg
IP 23.38.201.77:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 384x462, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c35897fd932bb1961e0d98a3d15b72b0
f304d0dbb984f8cf7d44a039b0b1f4cedfd2b82e
c51f7ea504debefb596182eff1aba977d0936dde75fe929d86842592627093b8
GET /w_384,q_auto,f_auto,c_limit,fl_lossy/q_auto/hellofresh_website/us/funnel-fragment/plans/Fit+and+wholesome%403x.jpg HTTP/1.1
Host: img.hellofresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Cookie: __cf_bm=pdjecF2Ch0f_Ou.kIgdBU1bpmEm3RRB8SnNNU_w45go-1675110974-0-AVtvq9bBR3rOCnYp57+waoO3VL3wLAxSBrqlrsIjRR33n2Rff3WMoXEDFdhKVIMI7D6FTSxOVi8Dgi0PLjWY8/FOuG4z6vgrNjoxgg8flwXV; __cfruid=2ab50f9cce026ab3dbc534e56055236ecf64bd77-1675110974
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-disposition: inline; filename="Fit+and+wholesome@3x.webp"
content-type: image/webp
etag: "c35897fd932bb1961e0d98a3d15b72b0"
last-modified: Thu, 29 Sep 2022 17:38:54 GMT
content-length: 37904
date: Mon, 30 Jan 2023 20:36:16 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=4;start=2023-01-30T20:36:16.369Z;desc=hit,rtt;dur=4
X-Firefox-Spdy: h2
img.hellofresh.com/w_384,q_auto,f_auto,c_limit,fl_lossy/q_auto/hellofresh_website/us/funnel-fragment/plans/Family+friendly%403x.jpg
23.38.201.77200 OK 37 kB URL HTTP/2 img.hellofresh.com/w_384,q_auto,f_auto,c_limit,fl_lossy/q_auto/hellofresh_website/us/funnel-fragment/plans/Family+friendly%403x.jpg
IP 23.38.201.77:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 384x462, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 66b56ed5fcc93e9014fa0a47a6a64b9d
b0871431df5a2bc626b6f49cd3089c7f5a197b9e
e2f3b16ef2f1e9f0d83acfea42fd50ea91948cdc5ef00847f257b6765f38155d
GET /w_384,q_auto,f_auto,c_limit,fl_lossy/q_auto/hellofresh_website/us/funnel-fragment/plans/Family+friendly%403x.jpg HTTP/1.1
Host: img.hellofresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Cookie: __cf_bm=pdjecF2Ch0f_Ou.kIgdBU1bpmEm3RRB8SnNNU_w45go-1675110974-0-AVtvq9bBR3rOCnYp57+waoO3VL3wLAxSBrqlrsIjRR33n2Rff3WMoXEDFdhKVIMI7D6FTSxOVi8Dgi0PLjWY8/FOuG4z6vgrNjoxgg8flwXV; __cfruid=2ab50f9cce026ab3dbc534e56055236ecf64bd77-1675110974
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-disposition: inline; filename="Family+friendly@3x.webp"
content-type: image/webp
etag: "66b56ed5fcc93e9014fa0a47a6a64b9d"
last-modified: Thu, 29 Sep 2022 17:38:54 GMT
content-length: 37336
date: Mon, 30 Jan 2023 20:36:16 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=4;start=2023-01-30T20:36:16.369Z;desc=hit,rtt;dur=4
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 18 kB IP 142.250.74.131:0
Hash d6b25483fa7584dc39b3fa067e1e85cc
61a561d68ea27e352896fbe6c062a800dec72cd8
48265e63006b774eb0ef63219288a055d0dd931173bce8a47e49ec38d070d458
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-DBTX
142.250.74.168200 OK 73 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-DBTX
IP 142.250.74.168:0
File type ASCII text, with no line terminators
Hash 6e46071610d15302cc1315a918116b58
9a5e344a0e486d348d0f62a3d4435bff6c76a847
6135f1e648509d99c1a5269560357336563b439ef4b1161210d53b1896a936b8
GET /gtm.js?id=GTM-DBTX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 20:36:17 GMT
expires: Mon, 30 Jan 2023 20:36:17 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 20:00:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72875
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-KMWJG5K
142.250.74.168200 OK 83 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KMWJG5K
IP 142.250.74.168:0
File type ASCII text, with very long lines (37372)
Hash 5148d68e8834b198902e3da880d5f462
c466896825cd3500ceaeb29b1087b24accb50ed0
4aa77012aaa83cad822abe26354e38df78be2bf78f9248df3e19e46b5b41ba7e
GET /gtm.js?id=GTM-KMWJG5K HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 20:36:17 GMT
expires: Mon, 30 Jan 2023 20:36:17 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 20:00:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 82915
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.optimizely.com/js/10774230797.js
2.18.172.152200 OK 244 kB URL HTTP/2 cdn.optimizely.com/js/10774230797.js
IP 2.18.172.152:0
Size 244 kB (243568 bytes)
Hash aa392594df50004345d8c23f2f9059f2
594e23972b13ab734dfb6518e24633de61ed5f6d
818737ce3465fe55a38a5bca3b1947aa993c1705a586ff04e8933ae7ba8acf18
GET /js/10774230797.js HTTP/1.1
Host: cdn.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: r0pA5MHIht7yhOBa3i5MNGhK21u2/BEgm/K6uo8QLjk1NYLG0TdX5r6Vn3Qa9QsdnWfNfzYFt7E=
x-amz-request-id: SQRVG934WX16PPT5
x-amz-replication-status: PENDING
last-modified: Sun, 29 Jan 2023 22:34:51 GMT
etag: "29a3a4c3e75c97a8944395c9e280dbda"
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 25145
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: cDGjFNZiyfNuv8kHFDGNQOd9L9MtXcRu
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
server: AmazonS3
content-length: 243163
vary: Accept-Encoding
cache-control: max-age=600
date: Mon, 30 Jan 2023 20:36:17 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, cdn;desc="AkamaiION";dur=0,rtt;desc="7";dur=0,cdnip;desc="2.18.172.152";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash c9ef3779aa84cb2796b475095134e996
d6b217bd82124c2914bd8b3cd3263e85db5e2edd
10daa1f471a3a89b417c142fbb61f7ec6352a0b1ad863952b88d179cd0fa16b2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 20:36:17 GMT
Last-Modified: Mon, 30 Jan 2023 20:28:50 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YfkrVd4B_nS4sqtDi-tlmJKoB7bTHlh-lIhD2TrTzNJ4GbuQgjlNDA==
Age: 447
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash c9ef3779aa84cb2796b475095134e996
d6b217bd82124c2914bd8b3cd3263e85db5e2edd
10daa1f471a3a89b417c142fbb61f7ec6352a0b1ad863952b88d179cd0fa16b2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 20:36:17 GMT
Last-Modified: Mon, 30 Jan 2023 20:34:08 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cDaIEyeBEE4yanvXPvPGymFy3zcNKox_6OIhjfDywozP8IFhonN-6Q==
Age: 132
logx.optimizely.com/v1/events
54.237.72.48200 OK 40 kB URL HTTP/1.1 logx.optimizely.com/v1/events
IP 54.237.72.48:0
Hash 3185c0166d8e6ab8bd2c8e5b01f0da12
db877b8456ac316cf438ddbc2b11a9d55d65daa6
8f11b48388253bf5144189c25afc442027f02009f0bef1eac5d37c180047b88a
OPTIONS /v1/events HTTP/1.1
Host: logx.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.hellofresh.com/
Origin: https://www.hellofresh.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://www.hellofresh.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Mon, 30 Jan 2023 20:36:17 GMT
Server: nginx/1.21.0
X-Request-Id: c111ace0-8530-41c5-95f8-c7666cc468ae
Content-Length: 13
Connection: keep-alive
logx.optimizely.com/v1/events
54.237.72.48204 No Content 11 kB URL HTTP/1.1 logx.optimizely.com/v1/events
IP 54.237.72.48:0
Hash ae541b90d0ae876b188228bf3b8ad146
592bbc8f49662165c688ef9668657f82b3f86a13
367510155a70280d4328654f1f02014bc560b3cfcc00acaa275e9207b7e1f76b
POST /v1/events HTTP/1.1
Host: logx.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1154
Origin: https://www.hellofresh.com
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.hellofresh.com
Access-Control-Expose-Headers: X-Results-Data-Source
Content-Type: text/plain
Date: Mon, 30 Jan 2023 20:36:17 GMT
Server: nginx/1.21.0
Timing-Allow-Origin: *
X-Request-Id: 8c98fc58-123b-45e8-9c10-692516c9e445
Connection: keep-alive
www.redditstatic.com/ads/pixel.js
151.101.129.140200 OK 7.4 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.129.140:0
File type ASCII text, with very long lines (23347)
Hash 03d5db9dfd00a5719bb4c9261e6fa1bb
be9899225f59b4d3ef6fefcf0e66b72568353a94
e90f19642062e4311b58ede732592e8f29b7799661086a0bbfc68e259fd81398
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 30 Jan 2023 20:36:17 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7356
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
54.192.99.254200 OK 13 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 54.192.99.254:0
File type ASCII text, with very long lines (30923), with no line terminators
Hash 957d65dfa972893511879b4d2abce54b
a0106f59c171c72c527a88cc3b06263af186a5c4
24cae1a14856e2642826fe9d960b0e61ae60fa45a778ec61f2b7d862dc3af603
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13270
server: CloudFront
date: Mon, 30 Jan 2023 20:36:17 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Tue, 31 Jan 2023 18:59:41 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 8021f954d329869476f935f2fb14e66e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: Ni_MMxno1jBWXYXQus6eh_hZYSvYjoElVnELokevqFPNrY5wMD-ljw==
X-Firefox-Spdy: h2
status.rapidssl.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e30c6ce35e3dfb5ee2b3f10b081ded8b
fb94a1b3b8fdd29d59aa5b42382607ddfae4b397
21e3e8ad1cb2783828da413ce1fda8bb81d51ef894162282978af6c952df13da
POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 382
Cache-Control: max-age=111302
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:17 GMT
Etag: "63d73889-1d7"
Expires: Wed, 01 Feb 2023 03:31:19 GMT
Last-Modified: Mon, 30 Jan 2023 03:24:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.upsellit.com/active/hellofresh2022.jsp
34.117.39.58200 OK 52 kB URL HTTP/2 www.upsellit.com/active/hellofresh2022.jsp
IP 34.117.39.58:0
Hash b17734262af9a7d2b85dd1697ad510ce
17a2765551b78cb90d0ac5dd535264df9f1d2d8c
4c3740259fb387b9f083572d88901e2fcee4a6f21490755f00bc88bd0ef6551c
GET /active/hellofresh2022.jsp HTTP/1.1
Host: www.upsellit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
date: Mon, 30 Jan 2023 17:22:26 GMT
expires: Tue, 31 Jan 2023 17:22:26 GMT
cache-control: max-age=86400
content-type: application/x-javascript;charset=ISO-8859-1
content-length: 9889
age: 11631
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
status.rapidssl.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e30c6ce35e3dfb5ee2b3f10b081ded8b
fb94a1b3b8fdd29d59aa5b42382607ddfae4b397
21e3e8ad1cb2783828da413ce1fda8bb81d51ef894162282978af6c952df13da
POST / HTTP/1.1
Host: status.rapidssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 382
Cache-Control: max-age=111302
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:17 GMT
Etag: "63d73889-1d7"
Expires: Wed, 01 Feb 2023 03:31:19 GMT
Last-Modified: Mon, 30 Jan 2023 03:24:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1d4/Ifmjw5UV6aI
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Ifmjw5UV6aI
IP 142.250.74.131:0
Hash 670a8bafffddc273b6eec3669feafde8
ac4020459e57cc97db60e9e28db6dc7aa46c2f96
710ef88cde6485d941b033143df60852f7572be38cdb5daf527a114ee4a9b18d
POST /s/gts1d4/Ifmjw5UV6aI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash b10db14d71c2e1a869dfc58ece4cbc64
f1f47b2b98de6da0f67d4d7fe4da50036f259ada
22e9565fd96c176abdf430af5c371ab75a4532260a9a394936cab584fcca3189
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=137298
Date: Mon, 30 Jan 2023 20:36:17 GMT
Etag: "63d785cd-1d7"
Expires: Wed, 01 Feb 2023 10:44:35 GMT
Last-Modified: Mon, 30 Jan 2023 08:54:37 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xuz_lhOxVNMeAlFqzpP9oLkkU0Mujs8y9Xb0q1_cFmyW1GNQ9VbICw==
Age: 6598
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash cb13214cc5132b17dbdab4595bf8653b
c2aa9e4a8ac060ae901b43234126dd02912ee839
779fe73499aabe197f05e189e281d46a88697d35e66527147b56d79e3f889105
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135749
Date: Mon, 30 Jan 2023 20:36:17 GMT
Etag: "63d79571-1d7"
Expires: Wed, 01 Feb 2023 10:18:46 GMT
Last-Modified: Mon, 30 Jan 2023 10:01:21 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cjjQHDXnUOlmZf3kuXCCSgkgiLSyNPo-v1x3BU1hPMf3Fr6NuOo3ig==
Age: 1045
web-chat-tag-cdn.s3.eu-west-1.amazonaws.com/live/chat-live.js?cache=1-20
52.218.62.40200 OK 52 kB URL HTTP/1.1 web-chat-tag-cdn.s3.eu-west-1.amazonaws.com/live/chat-live.js?cache=1-20
IP 52.218.62.40:0
File type Unicode text, UTF-8 text, with very long lines (65459)
Hash c9de0b920f64ae84245c3a3e14a406c9
534724bbb8c16c7cb1e6afb143e57985697d49da
3fa1dee1a35fae7759152918750654b140c1edb5aa5d70faa8fcea2b9a1a80c8
GET /live/chat-live.js?cache=1-20 HTTP/1.1
Host: web-chat-tag-cdn.s3.eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: eMVas4IcSuttJxNJtdNpvgwzqgAzapc3VlMzqxF77QVt/ncBvIk8jtBkl1Ko7MmeRz+ydo7FgoM=
x-amz-request-id: 855FGZBPXRX1WCG4
Date: Mon, 30 Jan 2023 20:36:18 GMT
x-amz-replication-status: FAILED
Last-Modified: Fri, 20 Jan 2023 13:10:17 GMT
ETag: "c9de0b920f64ae84245c3a3e14a406c9"
Cache-Control: no-cache,max-age=0,immutable
Content-Encoding: gzip
x-amz-version-id: ISP8ZB3S8RNImHlE7X_xc8uhPAKxDJYz
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 52442
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 53cdeefcf223b91fc2abc6f90c72567b
06508e7c6c9d2cc1e3f002d8428f5372064c6c53
3d91fcd354c9bbfd0a93703ae907a5489d7d4fcf60e1c2ebeb030603e3b32c78
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=150970
Date: Mon, 30 Jan 2023 20:36:17 GMT
Etag: "63d7c96e-1d7"
Expires: Wed, 01 Feb 2023 14:32:27 GMT
Last-Modified: Mon, 30 Jan 2023 13:43:10 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: S4kG2J56APrJtN95dA_S418rQQHq9uDrmYyaYWY0rucjA0Lgs3aB6Q==
Age: 2957
px.adentifi.com/Pixels?a_id=7106
35.172.37.30204 No Content 0 B URL HTTP/2 px.adentifi.com/Pixels?a_id=7106
IP 35.172.37.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Pixels?a_id=7106 HTTP/1.1
Host: px.adentifi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 20:36:17 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Ifmjw5UV6aI
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Ifmjw5UV6aI
IP 142.250.74.131:0
Hash 670a8bafffddc273b6eec3669feafde8
ac4020459e57cc97db60e9e28db6dc7aa46c2f96
710ef88cde6485d941b033143df60852f7572be38cdb5daf527a114ee4a9b18d
POST /s/gts1d4/Ifmjw5UV6aI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 9f76d4eb9db3a49ef3bd3b86f86bf3d7
a1d428b669433c41dc4f0c948c906e76beda2b0b
0f5299159ebbbd1cb22b83b04fc18d4f3687bcce508ea360d6d2172e80a317aa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 20:36:18 GMT
Last-Modified: Mon, 30 Jan 2023 19:18:58 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Sq8HO9yJuz7wE5VxOSAq2h02y2lhvjL1yk39XRxSj7iSeM6NuUt1Gg==
Age: 4640
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C17QSE3D7BBN20GTF5HG&lib=ttq
23.36.79.32200 OK 1.1 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C17QSE3D7BBN20GTF5HG&lib=ttq
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2317)
Hash 087d09d6f35beba85bd45bca0531bcc7
1f3c322b05aa3ee0bf1ddcf617de203a82e1bfbb
9719ad252805d88a06ec1ef37719144def30b49652548c59bab7fc3daab81dac
GET /i18n/pixel/events.js?sdkid=C17QSE3D7BBN20GTF5HG&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20230130203618EBBCEAE91C2B99813ECE
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60787dee798e7afc9c5500f386c65d6ca1a2c14dfef804779df4040f30358c65a18e26b7f23d5ca2ba6e24b1f29a222cd07d07d7c38d5c7adc0fd8709d31b2501e787d3882a4601b8e4bfe2b036e8f4d34
content-encoding: gzip
expires: Mon, 30 Jan 2023 20:36:18 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 30 Jan 2023 20:36:18 GMT
content-length: 1147
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2L3sDEZZB2KGeYRC9Fi1gxYzc61; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=110
x-origin-response-time: 111,23.36.79.28
x-akamai-request-id: 5c50748d
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash ff8412fb17382621b0916c298414435f
e1188f0dff1cca4c6a1d15198bc6526034794ec8
57d7b94192964268e24f23e3419e17631c1f16482b921058489094cbf6e15df6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 20:36:18 GMT
Etag: "63d6fc38-1d7"
Last-Modified: Mon, 30 Jan 2023 19:19:43 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vYxxP2YtiGcgRadT_drkWQEVNADrg2wASfX33GA_dZbyFbJkKRxI-w==
Age: 4596
analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
23.36.79.32200 OK 95 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash 224f1684e366dd1a3cc1d47e7641335d
455787884e5a88b654e039875db96853b4c5fd7f
2224f6597816dd4183ccd72d09149c6a32e527951c69b5be170cc081ad89ea1c
GET /i18n/pixel/static/main.MWE2YWY2YTgzMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Cookie: _ttp=2L3sDEZZB2KGeYRC9Fi1gxYzc61
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 2023011217582238FCAA3D419588756972
x-tt-trace-host: 01e57b2566233939c0b7a614d728f3c137bda4b6e8ffed077a25e96861feda11fa551f058721a274fc4605886b55ca626730a56b385a942b4129028dfc561d0b618d751524aad0a4ae27ef533e55d2e8e40a3ad2aaa7ba995375ace641e8e6ae3a
content-encoding: gzip
date: Mon, 30 Jan 2023 20:36:18 GMT
content-length: 68605
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
x-akamai-request-id: 5c5077f7
X-Firefox-Spdy: h2
a10561433763.cdn.optimizely.com/client_storage/a10561433763.html
104.110.8.48200 OK 938 B URL HTTP/2 a10561433763.cdn.optimizely.com/client_storage/a10561433763.html
IP 104.110.8.48:0
File type HTML document, ASCII text, with very long lines (1371)
Hash b777415146be0f6351baeca363a794d5
7d5b9c3f89c2e0d41f6e24cc4833b98158ba07f7
bfc44209bb45cf681af886dfaca05d80f1d574deabd55565db3f568579d08de0
GET /client_storage/a10561433763.html HTTP/1.1
Host: a10561433763.cdn.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MlQjQrjohokkoqLMQfOvwsciNuyCPkWwrOdzEct+z2FOoXRAulgndrhH5uooBFUymrSBIMJOG5E=
x-amz-request-id: 8K3RAV7DXYA6RWZM
x-amz-replication-status: PENDING
last-modified: Sun, 29 Jan 2023 22:33:05 GMT
etag: "cfb1b8ed54ba1434d88eb3c9c08789b7"
x-amz-server-side-encryption: AES256
x-amz-meta-pci_enabled: False
x-amz-version-id: 074jvRCZzmgf6kWjmbpBiUwwdimrrCCh
accept-ranges: bytes
content-type: text/html; charset=utf-8
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=120
x-akamai-transformed: 9 - 0 pmb=mRUM,2
content-encoding: gzip
date: Mon, 30 Jan 2023 20:36:18 GMT
content-length: 938
server-timing: cdn-cache; desc=HIT, edge; dur=1, cdn;desc="AkamaiION";dur=0,rtt;desc="3";dur=0,cdnip;desc="104.110.8.48";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
collector-905.tvsquared.com/tv2track.js
3.130.249.83200 OK 8.5 kB URL HTTP/1.1 collector-905.tvsquared.com/tv2track.js
IP 3.130.249.83:0
File type ASCII text, with very long lines (1162)
Hash 4570d278025b2469017ba48b7229ac50
87675c32ba22b0b3883104968696a1df144a34ac
0dec000d7ea29ad1354b34ecb7ccc88809782255d6800829d7448b4c0e4d35a5
GET /tv2track.js HTTP/1.1
Host: collector-905.tvsquared.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=600
Content-Encoding: gzip
Content-Type: application/javascript
Date: Mon, 30 Jan 2023 20:36:18 GMT
ETag: "639c42c0-2133"
Expires: Mon, 30 Jan 2023 20:46:18 GMT
Last-Modified: Fri, 16 Dec 2022 10:04:48 GMT
Server: nginx
X-Robots-Tag: noindex
Content-Length: 8499
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94ff12cf926ef93df2f290efcca22f98
f8afd7282f24c87833557e05e6d2c5b6615662ba
16bef0ec785147ebaf7614145187179dbb441ae00b6c701e427635cfb6f2893b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4054
Cache-Control: max-age=127220
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:18 GMT
Etag: "63d76860-1d7"
Expires: Wed, 01 Feb 2023 07:56:38 GMT
Last-Modified: Mon, 30 Jan 2023 06:49:04 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94ff12cf926ef93df2f290efcca22f98
f8afd7282f24c87833557e05e6d2c5b6615662ba
16bef0ec785147ebaf7614145187179dbb441ae00b6c701e427635cfb6f2893b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4054
Cache-Control: max-age=127220
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:18 GMT
Etag: "63d76860-1d7"
Expires: Wed, 01 Feb 2023 07:56:38 GMT
Last-Modified: Mon, 30 Jan 2023 06:49:04 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94ff12cf926ef93df2f290efcca22f98
f8afd7282f24c87833557e05e6d2c5b6615662ba
16bef0ec785147ebaf7614145187179dbb441ae00b6c701e427635cfb6f2893b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6047
Cache-Control: max-age=129213
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:18 GMT
Etag: "63d76860-1d7"
Expires: Wed, 01 Feb 2023 08:29:51 GMT
Last-Modified: Mon, 30 Jan 2023 06:49:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94ff12cf926ef93df2f290efcca22f98
f8afd7282f24c87833557e05e6d2c5b6615662ba
16bef0ec785147ebaf7614145187179dbb441ae00b6c701e427635cfb6f2893b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4054
Cache-Control: max-age=127220
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:18 GMT
Etag: "63d76860-1d7"
Expires: Wed, 01 Feb 2023 07:56:38 GMT
Last-Modified: Mon, 30 Jan 2023 06:49:04 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94ff12cf926ef93df2f290efcca22f98
f8afd7282f24c87833557e05e6d2c5b6615662ba
16bef0ec785147ebaf7614145187179dbb441ae00b6c701e427635cfb6f2893b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6047
Cache-Control: max-age=129213
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:18 GMT
Etag: "63d76860-1d7"
Expires: Wed, 01 Feb 2023 08:29:51 GMT
Last-Modified: Mon, 30 Jan 2023 06:49:04 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
tms.hft.hellofresh.com/measurement-script
34.110.220.115200 OK 67 kB URL HTTP/2 tms.hft.hellofresh.com/measurement-script
IP 34.110.220.115:0
File type ASCII text, with very long lines (8006)
Hash 641548c412c12d2d913f66de160090e5
b4f2f62c8165f727d02d2d83e02c589da480c0bf
56953a7b3ab6b4f9b22227a2d53d44e759dc454d0b8d3cff0bfa3b15ca48c649
GET /measurement-script HTTP/1.1
Host: tms.hft.hellofresh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Cookie: __cf_bm=lfAbXQ5r3YLI4KYvc3Rnc3TmnsRMoZJk8uUj5vN_p7Q-1675110976-0-AcfkgaIgmhKA9raLB1g/BOecohLxg0IAFTudtXymXM91QjoT70YH2rUf9A/e7LG9I/iDjk3lC2/4P9wU2eRIQrTPSY/4G4IeJU4pr6bqOhQDKoGjB6qDX2gUPaVslILfZH2CwqCrrWRUqBTKWEXYIisXWIBjEeT46g1u3cj1k66IGR0fhzTiqSE7abyDa4J8VGhP9GgC39sgsuT7EOTUw8k=; __cfruid=2ab50f9cce026ab3dbc534e56055236ecf64bd77-1675110974; _gcl_au=1.1.1807096709.1675110991
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
vary: Accept-Encoding, Accept-Encoding
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-ranges: none
x-cloud-trace-context: 5ccbcdcdcfdd7fef6145ba47f3869eac
set-cookie: GAESA=CoABMDBmOGI2YmRiOGRhZGM4MTMzM2NkOGZmMDY2ZmQ3ODVlMmNiYzkyMDkyNDZmZDYyMjYzZTBlM2MxOTFkMzYyZTdmMzk0NGI2Njg4OWUxNDM0ZTE1ZTg5ZDJmODFhZTQxOTk4NzZjYjI0NDM3MjBjNzhkZmQ5ZTU4ZmJjNGE3MTAQjaOUo-Aw; expires=Wed, 01-Mar-2023 20:36:17 GMT; path=/
date: Mon, 30 Jan 2023 20:36:17 GMT
server: Google Frontend
via: 1.1 google
content-encoding: br
X-Firefox-Spdy: h2
tr.snapchat.com/cm/i?pid=803ae193-6ad8-4427-8ef9-458aa3eb7e9c&u_scsid=c528d63b-a22e-4cbb-840a-9c09cd6639dd&u_sclid=a7e6abd8-43e7-445a-8c75-6e74a34a82b3
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=803ae193-6ad8-4427-8ef9-458aa3eb7e9c&u_scsid=c528d63b-a22e-4cbb-840a-9c09cd6639dd&u_sclid=a7e6abd8-43e7-445a-8c75-6e74a34a82b3
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=803ae193-6ad8-4427-8ef9-458aa3eb7e9c&u_scsid=c528d63b-a22e-4cbb-840a-9c09cd6639dd&u_sclid=a7e6abd8-43e7-445a-8c75-6e74a34a82b3 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:36:18 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94ff12cf926ef93df2f290efcca22f98
f8afd7282f24c87833557e05e6d2c5b6615662ba
16bef0ec785147ebaf7614145187179dbb441ae00b6c701e427635cfb6f2893b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4054
Cache-Control: max-age=127220
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:18 GMT
Etag: "63d76860-1d7"
Expires: Wed, 01 Feb 2023 07:56:38 GMT
Last-Modified: Mon, 30 Jan 2023 06:49:04 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
tr.snapchat.com/p?pid=803ae193-6ad8-4427-8ef9-458aa3eb7e9c&ev=VIEW_CONTENT&u_hem=FFF74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b&pl=https%3A%2F%2Fwww.hellofresh.com%2Fplans%3Fc%3DXU-LRK16%26utm_source%3Deduleads%26utm_medium%3Demail%26utm_campaign%3D2023eduleads%26dm%3Dmeals%26mealsize%3D4-2%26dm_gifts%3Dgifts&bt=1d53c387&if=false&m_dcl=3170&m_fcps=1588&m_pi=1588&m_pl=3872&m_pv=v2&m_rd=5487&m_sl=5482&rf=https%3A%2F%2Fwww.mail1.staffupdate.net%2F&trackId=20d4f7d3-8b20-4541-8922-bf04ec935336&ts=1675110992045&u_c1=3bbce9d8-0097-4286-b971-6edaf5f327c2&u_sclid=a7e6abd8-43e7-445a-8c75-6e74a34a82b3&u_scsid=c528d63b-a22e-4cbb-840a-9c09cd6639dd&v=2.0.0
35.190.43.134200 OK 68 B URL HTTP/2 tr.snapchat.com/p?pid=803ae193-6ad8-4427-8ef9-458aa3eb7e9c&ev=VIEW_CONTENT&u_hem=FFF74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b&pl=https%3A%2F%2Fwww.hellofresh.com%2Fplans%3Fc%3DXU-LRK16%26utm_source%3Deduleads%26utm_medium%3Demail%26utm_campaign%3D2023eduleads%26dm%3Dmeals%26mealsize%3D4-2%26dm_gifts%3Dgifts&bt=1d53c387&if=false&m_dcl=3170&m_fcps=1588&m_pi=1588&m_pl=3872&m_pv=v2&m_rd=5487&m_sl=5482&rf=https%3A%2F%2Fwww.mail1.staffupdate.net%2F&trackId=20d4f7d3-8b20-4541-8922-bf04ec935336&ts=1675110992045&u_c1=3bbce9d8-0097-4286-b971-6edaf5f327c2&u_sclid=a7e6abd8-43e7-445a-8c75-6e74a34a82b3&u_scsid=c528d63b-a22e-4cbb-840a-9c09cd6639dd&v=2.0.0
IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /p?pid=803ae193-6ad8-4427-8ef9-458aa3eb7e9c&ev=VIEW_CONTENT&u_hem=FFF74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b&pl=https%3A%2F%2Fwww.hellofresh.com%2Fplans%3Fc%3DXU-LRK16%26utm_source%3Deduleads%26utm_medium%3Demail%26utm_campaign%3D2023eduleads%26dm%3Dmeals%26mealsize%3D4-2%26dm_gifts%3Dgifts&bt=1d53c387&if=false&m_dcl=3170&m_fcps=1588&m_pi=1588&m_pl=3872&m_pv=v2&m_rd=5487&m_sl=5482&rf=https%3A%2F%2Fwww.mail1.staffupdate.net%2F&trackId=20d4f7d3-8b20-4541-8922-bf04ec935336&ts=1675110992045&u_c1=3bbce9d8-0097-4286-b971-6edaf5f327c2&u_sclid=a7e6abd8-43e7-445a-8c75-6e74a34a82b3&u_scsid=c528d63b-a22e-4cbb-840a-9c09cd6639dd&v=2.0.0 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:36:18 GMT
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBiQ3AMAgEsImQAjq4ZpzwbMHwta3gQY5MFwVvQh7rSnYiw+Bo29Wgq57Lb88PnA3QOjIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 21
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
azetbd4r.micpn.com/p/cp/-1/track.gif?t=1675110992072&mi_u=anon-1675110992055-1593091370&mi_cid=6571&page_title=Order%20Your%20Delicious%20Meal%20Kit%20%7C%20Healthy%20Meals%20%7C%20HelloFresh&referrer=https%3A%2F%2Fwww.mail1.staffupdate.net%2F&event_type=pageview&cdate=1675110992055&ck=false&anon=true&type=category&id=plans&title=plans&url=https%3A%2F%2Fwww.hellofresh.com%2Fplans%3Fc%3DXU-LRK16%26utm_source%3Deduleads%26utm_medium%3Demail%26utm_campaign%3D2023eduleads%26dm%3Dmeals%26mealsize%3D4-2%26dm_gifts%3Dgifts
54.230.111.22200 OK 42 B URL HTTP/2 azetbd4r.micpn.com/p/cp/-1/track.gif?t=1675110992072&mi_u=anon-1675110992055-1593091370&mi_cid=6571&page_title=Order%20Your%20Delicious%20Meal%20Kit%20%7C%20Healthy%20Meals%20%7C%20HelloFresh&referrer=https%3A%2F%2Fwww.mail1.staffupdate.net%2F&event_type=pageview&cdate=1675110992055&ck=false&anon=true&type=category&id=plans&title=plans&url=https%3A%2F%2Fwww.hellofresh.com%2Fplans%3Fc%3DXU-LRK16%26utm_source%3Deduleads%26utm_medium%3Demail%26utm_campaign%3D2023eduleads%26dm%3Dmeals%26mealsize%3D4-2%26dm_gifts%3Dgifts
IP 54.230.111.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /p/cp/-1/track.gif?t=1675110992072&mi_u=anon-1675110992055-1593091370&mi_cid=6571&page_title=Order%20Your%20Delicious%20Meal%20Kit%20%7C%20Healthy%20Meals%20%7C%20HelloFresh&referrer=https%3A%2F%2Fwww.mail1.staffupdate.net%2F&event_type=pageview&cdate=1675110992055&ck=false&anon=true&type=category&id=plans&title=plans&url=https%3A%2F%2Fwww.hellofresh.com%2Fplans%3Fc%3DXU-LRK16%26utm_source%3Deduleads%26utm_medium%3Demail%26utm_campaign%3D2023eduleads%26dm%3Dmeals%26mealsize%3D4-2%26dm_gifts%3Dgifts HTTP/1.1
Host: azetbd4r.micpn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
x-uuid: 78ea4b9e-1a6c-4f3e-b924-e7d8478ae642
pragma: no-cache
access-control-expose-headers: X-Error
access-control-allow-origin: https://app.movableink.com
cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
set-cookie: _mibhv=anon-1675110992055-1593091370_6571; Expires=Tue, 30 Jan 2024 20:36:18 GMT; Path=/; HttpOnly; Secure; SameSite=None;
_midat=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Path=/; HttpOnly; Secure; SameSite=None;
date: Mon, 30 Jan 2023 20:36:18 GMT
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7P8dsbBFKrP-8egdquNSDkxeVyHwKBqjRgzVNfwWHV9dY7IBTYlR1g==
X-Firefox-Spdy: h2
flask.nextdoor.com/pixel?pid=72169bbc-ed64-48c8-b79b-ff84b930424&ev=PAGE_VIEW&pl=https%3A%2F%2Fwww.hellofresh.com%2Fplans%3Fc%3DXU-LRK16%26utm_source%3Deduleads%26utm_medium%3Demail%26utm_campaign%3D2023eduleads%26dm%3Dmeals%26mealsize%3D4-2%26dm_gifts%3Dgifts&ndclid=&rf=https%3A%2F%2Fwww.mail1.staffupdate.net%2F&sem=&tm=1
100.21.70.12204 No Content 0 B URL HTTP/2 flask.nextdoor.com/pixel?pid=72169bbc-ed64-48c8-b79b-ff84b930424&ev=PAGE_VIEW&pl=https%3A%2F%2Fwww.hellofresh.com%2Fplans%3Fc%3DXU-LRK16%26utm_source%3Deduleads%26utm_medium%3Demail%26utm_campaign%3D2023eduleads%26dm%3Dmeals%26mealsize%3D4-2%26dm_gifts%3Dgifts&ndclid=&rf=https%3A%2F%2Fwww.mail1.staffupdate.net%2F&sem=&tm=1
IP 100.21.70.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?pid=72169bbc-ed64-48c8-b79b-ff84b930424&ev=PAGE_VIEW&pl=https%3A%2F%2Fwww.hellofresh.com%2Fplans%3Fc%3DXU-LRK16%26utm_source%3Deduleads%26utm_medium%3Demail%26utm_campaign%3D2023eduleads%26dm%3Dmeals%26mealsize%3D4-2%26dm_gifts%3Dgifts&ndclid=&rf=https%3A%2F%2Fwww.mail1.staffupdate.net%2F&sem=&tm=1 HTTP/1.1
Host: flask.nextdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 20:36:18 GMT
server: istio-envoy
context-id: 53a28067-4d20-49d0-b81f-cde357a62b79
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 5.9 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (17737), with no line terminators
Hash 69ccf6d91702cd65dedfbad36e94c61b
adce8bd55dcc466c709dc96e230cbdd72fb27645
9a5b793c3b453c30229658bebe68719aa0df37a71ef371a6c6117e123b091e64
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "9f0b052ec22f789c3cc95c26dd0da7f4:1674389451.57807"
Last-Modified: Sun, 22 Jan 2023 12:08:14 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Mon, 30 Jan 2023 20:56:18 GMT
Date: Mon, 30 Jan 2023 20:36:18 GMT
Content-Length: 5884
Connection: keep-alive
cdn3.optimizely.com/js/geo4.js
104.110.9.127200 OK 302 B URL HTTP/1.1 cdn3.optimizely.com/js/geo4.js
IP 104.110.9.127:0
Hash 56e10233eaa57653e63ee929e1c619cf
864e4dfc0f6b0a2d73680b80eb476003b303eab7
4515bfcea10a9dfd175ba279138db6023e67d536edb9c9b542b4af85d8fc7146
GET /js/geo4.js HTTP/1.1
Host: cdn3.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AmazonS3
Content-Length: 302
Content-Type: application/javascript
x-amz-id-2: +tkr/7Ns7kenSzCK7455ZyE4sN+8K/pZ+M8ci8OpfMRII6vk5qGLnhIQW4kmSFsTbjS5D/kX93I=
Unused62: 8096267
x-amz-version-id: F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
x-amz-server-side-encryption: AES256
ETag: "8777c006589ecabfa3d63a6b5bf24393"
x-amz-replication-status: COMPLETED
x-amz-request-id: M8KPVV219SSHET6W
Cache-Control: max-age=24897
Date: Mon, 30 Jan 2023 20:36:18 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39395), with no line terminators
Hash 4f378a725368a42971cd69e29f75db89
2a1cdf193b346d9281c6e04a9b3775e7fc1ae11e
6a2a9d238501343cb3f25e0f54f4ecc4ec2c4e0fa6b228cc72dc3fff90502078
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11552
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 11E368258B8A43A69236D96EC370FEDA Ref B: OSL30EDGE0521 Ref C: 2023-01-30T20:36:18Z
date: Mon, 30 Jan 2023 20:36:18 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 19 kB IP 142.250.74.131:0
Hash 0087c505dc97be30380c79aa541b65b4
a57b2e7049ae963f698f98ba5c147fe204529723
83e7fc0d782eaba5fa49021bf6b0650031d3e14fce5789b4ec41e7b5a650adcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&v=1&_r=4&_v=j108&slf_rd=1&tid=UA-27893453-9&cid=104073890.1675110991&jid=761311776
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&v=1&_r=4&_v=j108&slf_rd=1&tid=UA-27893453-9&cid=104073890.1675110991&jid=761311776
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&v=1&_r=4&_v=j108&slf_rd=1&tid=UA-27893453-9&cid=104073890.1675110991&jid=761311776 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 20:36:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&v=1&_r=3&_v=j108&tid=UA-27893453-9&cid=104073890.1675110991&jid=761311776&gjid=980601227&_gid=833828664.1675110991
173.194.221.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&v=1&_r=3&_v=j108&tid=UA-27893453-9&cid=104073890.1675110991&jid=761311776&gjid=980601227&_gid=833828664.1675110991
IP 173.194.221.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
GET /j/collect?t=dc&aip=1&v=1&_r=3&_v=j108&tid=UA-27893453-9&cid=104073890.1675110991&jid=761311776&gjid=980601227&_gid=833828664.1675110991 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 20:36:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
23.36.79.32200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 85bd96a56a6a7f09e3e7dadc7980152e
37590c595abeb315046a293a9e53632ae2128ac4
c27be18eef006f48310fb2b0c456d6bcb1f3b0298dcb6e580724923323cb48a7
GET /i18n/pixel/static/identify_c4832.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Cookie: _ttp=2L3sDEZZB2KGeYRC9Fi1gxYzc61
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230112175825D19F86481431D6BBCCFF
x-tt-trace-host: 012b38305f60bfa8a9f04bdd846fde846b507e69fff233d9a114d447ebe9f93c0f827e6bc0806bd5a24cf0439744099e1e4bba0637571d8edb56c6009f69fe5018b8e38bd5b93708ee64c377fa97874d18ceefbea8a477a7fa2bec40c3b56c69b1
content-encoding: gzip
date: Mon, 30 Jan 2023 20:36:18 GMT
content-length: 30917
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 5c507c26
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 2eff3e26eb775e762eb08e0ff62d629e
061be1505aeb598d4aa3b3e4673c01feab9b2e11
88065fc7d888e2526b260527a719034cff0a7577c70099c69abe0d2d364526be
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=121349
Date: Mon, 30 Jan 2023 20:36:18 GMT
Etag: "63d75337-1d7"
Expires: Wed, 01 Feb 2023 06:18:47 GMT
Last-Modified: Mon, 30 Jan 2023 05:18:47 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lBRK1ZmssCVlAfyDJWZW74DTdSdzloqLnv50_hmNDAuXtVolE32wKQ==
Age: 3600
alb.reddit.com/rp.gif?ts=1675110992028&id=t2_zl60f&event=ViewContent&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=8b06c5ae-ffe5-4c30-be4d-d2fbb2573992&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
151.101.1.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1675110992028&id=t2_zl60f&event=ViewContent&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=8b06c5ae-ffe5-4c30-be4d-d2fbb2573992&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
IP 151.101.1.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1675110992028&id=t2_zl60f&event=ViewContent&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=8b06c5ae-ffe5-4c30-be4d-d2fbb2573992&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Mon, 30 Jan 2023 20:36:18 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:36:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
web-chat-tag-cdn.s3.eu-west-1.amazonaws.com/live/602.js
52.218.62.40200 OK 6.5 kB URL HTTP/1.1 web-chat-tag-cdn.s3.eu-west-1.amazonaws.com/live/602.js
IP 52.218.62.40:0
File type ASCII text, with very long lines (16174)
Hash 4fe7ae4a40dd8f2f40a3f586a70eca31
c6cfbaa1ff3b5dbbf644a2c8e5b89d1f3c7fdd15
a1752c50200e40e9b56f5799f45ed1d9c4af41916973bc956ecdc66c6bcf0720
GET /live/602.js HTTP/1.1
Host: web-chat-tag-cdn.s3.eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: D74QF8zhl4c4YQZtTvugHeTajCS63jWlDyCB5/zRDlfZIS4iFQa6M6Vb/RwTEqar0YcDBJ6iFC8=
x-amz-request-id: MTWA9KSBMNDFYARD
Date: Mon, 30 Jan 2023 20:36:19 GMT
x-amz-replication-status: FAILED
Last-Modified: Fri, 20 Jan 2023 13:10:17 GMT
ETag: "4fe7ae4a40dd8f2f40a3f586a70eca31"
Cache-Control: no-cache,max-age=0,immutable
Content-Encoding: gzip
x-amz-version-id: SVgxXRPb542VkLlvPjTgJBIAlOQz2Xpn
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 6479
jadserve.postrelease.com/rt.gif?ntv_tg=144a780f77e546d7bd251e3287e19b9e&ord=[cache_buster]
34.251.191.149200 OK 303 B URL HTTP/2 jadserve.postrelease.com/rt.gif?ntv_tg=144a780f77e546d7bd251e3287e19b9e&ord=[cache_buster]
IP 34.251.191.149:0
Hash b41f054f4de4b882f53e735ea4886a3e
4ec9a42e5a0bbee91c3859e44f06e0214f1c1a44
a7f1a5241670dce795de8822a82fe07084c61a933d7145170dc8288058b4e5fc
GET /rt.gif?ntv_tg=144a780f77e546d7bd251e3287e19b9e&ord=[cache_buster] HTTP/1.1
Host: jadserve.postrelease.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:36:19 GMT
content-type: image/gif
content-length: 43
server: nginx/1.12.2
expires: Mon, 1 Jan 1990 12:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: opt_out=1; Domain=.postrelease.com; Expires=Tue, 30-Jan-2024 20:36:19 GMT; Path=/; Secure; SameSite=None;
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1063
Origin: https://www.hellofresh.com
Connection: keep-alive
Referer: https://www.hellofresh.com/
Cookie: _ttp=2L3sDEZZB2KGeYRC9Fi1gxYzc61
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2023013020361952460121A8D24CA1ABD1
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60ea3bd74341822a8ce8788001e62d18d297faa197f479717ea36448e148221384537be088a67f0c7337a9f69025d7ba751dbbbd0d997fcea596cc2d1d9c877bd5bd3c6e879558b099cc09aa27b2d35688061ae028f2ba1262d03de866257b6feb72a14efeb0c3de59e25331122f3924c5
x-origin-response-time: 21,184.25.157.163
x-akamai-request-id: 2d70cef0.6a7ce489.5c507c6a
expires: Mon, 30 Jan 2023 20:36:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 30 Jan 2023 20:36:19 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a95-101-10-204.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=108, origin; dur=21, inner; dur=17
x-parent-response-time: 121,95.101.10.204, 124,23.36.79.28
X-Firefox-Spdy: h2
collector-905.tvsquared.com/tv2track.php?action_name=Order%20Your%20Delicious%20Meal%20Kit%20%7C%20Healthy%20Meals%20%7C%20HelloFresh&idsite=TV-099045-1&rec=1&r=614627&h=20&m=36&s=32&url=https%3A%2F%2Fwww.hellofresh.com%2Fplans%3Fc%3DXU-LRK16%26utm_source%3Deduleads%26utm_medium%3Demail%26utm_campaign%3D2023eduleads%26dm%3Dmeals%26mealsize%3D4-2%26dm_gifts%3Dgifts&urlref=https%3A%2F%2Fwww.mail1.staffupdate.net%2F&_id=26f2c3d0597f2ee4&_idts=1675110993&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=1351
3.130.249.83200 OK 42 B URL HTTP/1.1 collector-905.tvsquared.com/tv2track.php?action_name=Order%20Your%20Delicious%20Meal%20Kit%20%7C%20Healthy%20Meals%20%7C%20HelloFresh&idsite=TV-099045-1&rec=1&r=614627&h=20&m=36&s=32&url=https%3A%2F%2Fwww.hellofresh.com%2Fplans%3Fc%3DXU-LRK16%26utm_source%3Deduleads%26utm_medium%3Demail%26utm_campaign%3D2023eduleads%26dm%3Dmeals%26mealsize%3D4-2%26dm_gifts%3Dgifts&urlref=https%3A%2F%2Fwww.mail1.staffupdate.net%2F&_id=26f2c3d0597f2ee4&_idts=1675110993&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=1351
IP 3.130.249.83:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 00657dd79637a8daf5e6196ca17f1887
3e064855d1fe7c6eac52981a646ec5840ba7efb5
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
GET /tv2track.php?action_name=Order%20Your%20Delicious%20Meal%20Kit%20%7C%20Healthy%20Meals%20%7C%20HelloFresh&idsite=TV-099045-1&rec=1&r=614627&h=20&m=36&s=32&url=https%3A%2F%2Fwww.hellofresh.com%2Fplans%3Fc%3DXU-LRK16%26utm_source%3Deduleads%26utm_medium%3Demail%26utm_campaign%3D2023eduleads%26dm%3Dmeals%26mealsize%3D4-2%26dm_gifts%3Dgifts&urlref=https%3A%2F%2Fwww.mail1.staffupdate.net%2F&_id=26f2c3d0597f2ee4&_idts=1675110993&_idvc=0&_idn=1&_viewts=&cookie=1&res=1280x1024>_ms=1351 HTTP/1.1
Host: collector-905.tvsquared.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 30 Jan 2023 20:36:19 GMT
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Request-Id: f36331c1-653d-4888-9568-9e3acbc0f622
Server: nginx
Content-Length: 42
Connection: keep-alive
alb.reddit.com/rp.gif?ts=1675110992030&id=t2_zl60f&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=8b06c5ae-ffe5-4c30-be4d-d2fbb2573992&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
151.101.1.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1675110992030&id=t2_zl60f&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=8b06c5ae-ffe5-4c30-be4d-d2fbb2573992&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
IP 151.101.1.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1675110992030&id=t2_zl60f&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=8b06c5ae-ffe5-4c30-be4d-d2fbb2573992&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Mon, 30 Jan 2023 20:36:19 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
web-chat-tag-cdn.s3.eu-west-1.amazonaws.com/live/core-bubble.js
52.218.62.40200 OK 1.0 kB URL HTTP/1.1 web-chat-tag-cdn.s3.eu-west-1.amazonaws.com/live/core-bubble.js
IP 52.218.62.40:0
File type ASCII text, with very long lines (2132), with no line terminators
Hash 4f9eca1bb3e3abc3a0b39117cc9b54d2
67a1564ce97d6e7d5c0139de09a4bdaf35cca517
f275a273641cea011f4a9cba98091e0cf57090db9f6e0a8b35b919d629ffd0af
GET /live/core-bubble.js HTTP/1.1
Host: web-chat-tag-cdn.s3.eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 43R7NCXVOBH8TJwXElrBqGbLdlI9wALj7ZtINRVhj4ClYAL3WkwJri6GV8lAfps5P1zV/fxR1nY=
x-amz-request-id: PPSVPK7QGSXJ6QFD
Date: Mon, 30 Jan 2023 20:36:20 GMT
x-amz-replication-status: FAILED
Last-Modified: Fri, 20 Jan 2023 13:10:17 GMT
ETag: "4f9eca1bb3e3abc3a0b39117cc9b54d2"
Cache-Control: no-cache,max-age=0,immutable
Content-Encoding: gzip
x-amz-version-id: z_5kCgRM2VZWxVovTZDQzX68hgBk09XP
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 1031
analytics.tiktok.com/api/v2/pixel
23.36.79.32200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 918
Origin: https://www.hellofresh.com
Connection: keep-alive
Referer: https://www.hellofresh.com/
Cookie: _ttp=2L3sDEZZB2KGeYRC9Fi1gxYzc61
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2023013020361976E8ACC71C8FCF7C3E9A
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60ea3bd74341822a8ce8788001e62d18d27e567cd893f4990109c758616cffc52ca5597d87098437a364b17a7e9fbc2dd3b0fd72284ebe2787b145a83b2df9f1b97ba00edd2e1278505dbfd57b4f62901752f1664efb5d71fb8c721bdd1cac35859c850ca07717e6433871d730c371f7ef
x-origin-response-time: 39,184.25.157.170
x-akamai-request-id: 303d1d9f.4312c2c9.5c507c75
expires: Mon, 30 Jan 2023 20:36:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 30 Jan 2023 20:36:19 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=175, origin; dur=39, inner; dur=35
x-parent-response-time: 207,95.101.10.109, 210,23.36.79.28
X-Firefox-Spdy: h2
tr.snapchat.com/config/com/803ae193-6ad8-4427-8ef9-458aa3eb7e9c.js
35.190.43.134200 OK 203 B URL HTTP/2 tr.snapchat.com/config/com/803ae193-6ad8-4427-8ef9-458aa3eb7e9c.js
IP 35.190.43.134:0
Hash 3481004ab37a7040aeea62be7149e6af
c36a840b5b73cced691c739897607775a6d781dc
b56d079360cebc2dc2aa7567092787139670e27de4a1a03dc69af247345c8993
GET /config/com/803ae193-6ad8-4427-8ef9-458aa3eb7e9c.js HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hellofresh.com
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:36:18 GMT
access-control-allow-origin: https://www.hellofresh.com
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ads.nextdoor.com/public/pixel/ndp.js
100.21.70.12200 OK 3.1 kB URL HTTP/2 ads.nextdoor.com/public/pixel/ndp.js
IP 100.21.70.12:0
File type ASCII text, with very long lines (6748), with no line terminators
Hash ba012603a5d9690d7781a9cfdf170e23
d8ad3d888edd98383598b7773fc87ede8a833fac
bcd668a35665391b851089ee18e235106368e9fac8a124ed1972ff859f6759c9
GET /public/pixel/ndp.js HTTP/1.1
Host: ads.nextdoor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:36:18 GMT
content-type: application/javascript
server: istio-envoy
last-modified: Mon, 23 Jan 2023 23:42:54 GMT
vary: Accept-Encoding
etag: W/"63cf1b7e-19c7"
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash f00a5e099baa6fb6de03dd876b13a8cd
f504f7260f35dd528cf26a83aa18f343561382e9
1126ad2cd65349b69fee3d133a5438e66e6bc466e10d346237076544baebc1fc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=118022
Date: Mon, 30 Jan 2023 20:36:19 GMT
Etag: "63d74d85-1d7"
Expires: Wed, 01 Feb 2023 05:23:21 GMT
Last-Modified: Mon, 30 Jan 2023 04:54:29 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jnnn4fIc_CnPuYNblteeZRvk64aGt5sVspNGPdTFndeeO_kdYsYyxw==
Age: 1732
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UDJKl99GiUxTW_EgWFDjLaJZbKFhfaJR-XRLsbQphwHuCXczDlxrDA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:54:37 GMT
age: 81702
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
w.usabilla.com/ef7653be7587.js?lv=1
52.210.21.49200 OK 11 kB URL HTTP/2 w.usabilla.com/ef7653be7587.js?lv=1
IP 52.210.21.49:0
File type ASCII text, with very long lines (632)
Hash e34e159f84a8756a5476494ec04ef8ec
a23a4d90d2d86ca260a2894ae41eb542f1994fe5
0c0b8b9f1132ae32e2fa32372d58feac4cd3c6e692dab69bdac99656a223ebe8
GET /ef7653be7587.js?lv=1 HTTP/1.1
Host: w.usabilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:36:19 GMT
content-type: text/javascript
content-length: 10799
cache-control: public,max-age=0
content-encoding: gzip
etag: "83e4a401be62185704eebe6081035146"
pragma: no-cache
x-widget-server: 2.1
X-Firefox-Spdy: h2
vars.hotjar.com/box-2722367854ce9702c28ea74c51e2a23f.html
54.230.111.85200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-2722367854ce9702c28ea74c51e2a23f.html
IP 54.230.111.85:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 8665e233ef6caaf010ca89793f27b6f8
5c593fa5f33e55b3081308b43e6e801b56c047f7
435a3ca7c1c49cbfac193647d056e46217e5c3f9c65c354974ad7acdfb8925ac
GET /box-2722367854ce9702c28ea74c51e2a23f.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Mon, 30 Jan 2023 16:06:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "8665e233ef6caaf010ca89793f27b6f8"
last-modified: Mon, 30 Jan 2023 16:05:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: y7yNSzvbajXqfcyv1DU43GHJgwcABzLJW-A7k4UmXlYd2sw6cMlwpw==
age: 16213
X-Firefox-Spdy: h2
s.yimg.com/wi/ytc.js
87.248.119.251200 OK 0 B IP 87.248.119.251:0
ASN #203220 Yahoo! UK Services Limited
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1pCS95z+dseNhGUeWrCFnD6zFE+mf5/0w0BIt0t44s6cumJVyL7dExAkunODJxeQ5euAYv7IfVw=
x-amz-request-id: EG8JYKPJ95F2W27D
date: Mon, 30 Jan 2023 20:35:11 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 68
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
azetbd4r.micpn.com/p/js/1.js
54.230.111.22200 OK 0 B URL HTTP/2 azetbd4r.micpn.com/p/js/1.js
IP 54.230.111.22:0
GET /p/js/1.js HTTP/1.1
Host: azetbd4r.micpn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
x-uuid: a1efd3eb-04c2-44f7-8d9f-e1bac68691a0
cache-control: no-cache max-age=0
expires: Thu, 01 Dec 1994 16:00:00 GMT
pragma: no-cache
p3p: policyref="https://movableink.com/w3c/p3p.xml", CP="DEVa PSAa PSDa IVAa IVDa OUR IND DSP NON COR NAV UNI"
timing-allow-origin: https://www.hellofresh.com
date: Mon, 30 Jan 2023 20:34:08 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VpzZnX6x76CMIdl1PAE_y1leaSwi7PjgdKruph1aZHs2uDjAZZswgg==
age: 129
X-Firefox-Spdy: h2
track.securedvisit.com/js/sv.js?sv_cid=2580_03907&sv_origin=hellofresh.com
34.233.197.174200 OK 0 B URL HTTP/2 track.securedvisit.com/js/sv.js?sv_cid=2580_03907&sv_origin=hellofresh.com
IP 34.233.197.174:0
GET /js/sv.js?sv_cid=2580_03907&sv_origin=hellofresh.com HTTP/1.1
Host: track.securedvisit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:36:18 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.22.0
vary: Accept-Encoding
etag: W/"273cf9801333aefc61a4f311b0692f6a"
last-modified: Mon, 30 Jan 2023 20:36:18 GMT
expires: Mon, 30 Jan 2023 20:36:18 GMT
pragma: no-cache
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, private
content-encoding: gzip
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-546009.js?sv=5
54.230.111.113200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-546009.js?sv=5
IP 54.230.111.113:0
GET /c/hotjar-546009.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hellofresh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 20:36:18 GMT
cache-control: max-age=60
etag: W/dd7c6bca46c783d495c8ad41b1116f57
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6D31xq57T3LBDa84HXpULzNjtge2Lt2jFzeUbVOXjrQwVuqA0dlbQw==
age: 24
X-Firefox-Spdy: h2