tpostmag.net/index.php/campaigns/wj939odcyh997/track-url/wg703drxbs5e9/0414af391fa3d4e134ba4ced8b713ee22240184d
51.210.44.172301 Moved Permanently 334 B URL HTTP/1.1 tpostmag.net/index.php/campaigns/wj939odcyh997/track-url/wg703drxbs5e9/0414af391fa3d4e134ba4ced8b713ee22240184d
IP 51.210.44.172:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2264a431d205954bc1f868122e72feac
8e01afd97b3109ed3830019521230cca1a1f5e4d
5347aa06276f64be1da762ce1592ca0eaae9befd0a29880ea0e104c0586976ad
GET /index.php/campaigns/wj939odcyh997/track-url/wg703drxbs5e9/0414af391fa3d4e134ba4ced8b713ee22240184d HTTP/1.1
Host: tpostmag.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 22:12:33 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Location: https://secure.talkciti.com/index.php/campaigns/wj939odcyh997/track-url/wg703drxbs5e9/0414af391fa3d4e134ba4ced8b713ee22240184d
Content-Length: 334
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4955
Expires: Mon, 30 Jan 2023 23:35:09 GMT
Date: Mon, 30 Jan 2023 22:12:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9531
Expires: Tue, 31 Jan 2023 00:51:25 GMT
Date: Mon, 30 Jan 2023 22:12:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 21:35:46 GMT
content-type: application/json
age: 2208
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10043
Expires: Tue, 31 Jan 2023 00:59:57 GMT
Date: Mon, 30 Jan 2023 22:12:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: f53lSEo06VWBbJcS/tNfzNaiJopoEIIKw7q3m4zL+3gZZpjelKD/1U/AsHLof/KBLZyrldX4xNk=
x-amz-request-id: 9521SWHJZG1K814A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 21:21:57 GMT
age: 3037
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 22:12:34 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2edd3eacee70f32bd3c721e2d4be6392
5024f0325a6a7ec1ee13ebffd84452a8d7264191
97c76d31687c705a4fa2b1ad4cd3ad91874bdb9a55510059762a788f0a0e094d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "97C76D31687C705A4FA2B1AD4CD3AD91874BDB9A55510059762A788F0A0E094D"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17838
Expires: Tue, 31 Jan 2023 03:09:52 GMT
Date: Mon, 30 Jan 2023 22:12:34 GMT
Connection: keep-alive
secure.talkciti.com/index.php/campaigns/wj939odcyh997/track-url/wg703drxbs5e9/0414af391fa3d4e134ba4ced8b713ee22240184d
51.83.71.156301 Moved Permanently 0 B URL HTTP/1.1 secure.talkciti.com/index.php/campaigns/wj939odcyh997/track-url/wg703drxbs5e9/0414af391fa3d4e134ba4ced8b713ee22240184d
IP 51.83.71.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /index.php/campaigns/wj939odcyh997/track-url/wg703drxbs5e9/0414af391fa3d4e134ba4ced8b713ee22240184d HTTP/1.1
Host: secure.talkciti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 22:12:34 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/8.0.1
X-XSS-Protection: 1; mode=block
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: mwsid=r6p5topqv3vke302lta12moor2; path=/; HttpOnly
Last-Modified: Mon, 30 Jan 2023 22:12:34 GMT
Location: https://www.tpostmag.net
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 21:41:41 GMT
age: 1853
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3293
Expires: Mon, 30 Jan 2023 23:07:27 GMT
Date: Mon, 30 Jan 2023 22:12:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 62b9ca74ffdcf193dad9a646f06900d1
301318ed2a2c407ad7dde7cd6bcfb75d6f0e1138
5809883425cc8e621070e5d0f5fbd12525542a3e4c5fcffce94412fe4f4d9733
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5809883425CC8E621070E5D0F5FBD12525542A3E4C5FCFFCE94412FE4F4D9733"
Last-Modified: Mon, 30 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 31 Jan 2023 04:12:34 GMT
Date: Mon, 30 Jan 2023 22:12:34 GMT
Connection: keep-alive
www.tpostmag.net/
51.210.44.172301 Moved Permanently 230 B IP 51.210.44.172:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b0687774768cc08d425637febd44de87
e28e0cb381ed140bd661d0f2956385dea1432a5a
9592d43afe718532d025539066a483156fbef4bdc47e985c78e70771825b192f
GET / HTTP/1.1
Host: www.tpostmag.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 22:12:34 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Location: https://www.t-post.com
Content-Length: 230
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
push.services.mozilla.com/
34.213.121.129101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.121.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4K3IAvDY0nyYqtMrEZkESA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XAvHdlmab5VFgPTXn2j4Lv8ZmaQ=
www.t-post.com/
160.153.250.62200 OK 108 kB IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5202)
Size 108 kB (108541 bytes)
Hash 7762aded3ee9787bada68e5ab04b36ed
da0f32027cb7eb5cb3cd8c7ad3f97eb82213f709
8408c9e081eb14a3532df38a95e211365e4d2ca6031464390ee7ddd024b68256
GET / HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:34 GMT
Server: Apache
Link: <https://www.t-post.com/wp-json/>; rel="https://api.w.org/", <https://www.t-post.com/>; rel=shortlink
Set-Cookie: _icl_current_language=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
_icl_current_language=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.t-post.com/wp-content/plugins/sitepress-multilingual-cms/res/css/language-selector.css?v=3.3.8
160.153.250.62200 OK 1.3 kB URL HTTP/1.1 www.t-post.com/wp-content/plugins/sitepress-multilingual-cms/res/css/language-selector.css?v=3.3.8
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash ef6550c617b6b72d85c89a998763bba3
27e47e6e18d54ab2a1b416be391394e746abbe0c
041781c2982069edb8299d2e733e7166f14c1cdb5b6db8839a0a4217af7c7282
GET /wp-content/plugins/sitepress-multilingual-cms/res/css/language-selector.css?v=3.3.8 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Mon, 09 Nov 2020 11:41:15 GMT
ETag: "17fb-5b3ab0a3a51d8-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 1304
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.t-post.com/wp-content/themes/wordpress_theme/css/modal.css
160.153.250.62200 OK 524 B URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/css/modal.css
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash dbfd267416a19183d1d0b0aec03cbc28
abed0a9839bb5caa6cd02d9cc507801cd2f2cc88
7f70103c6a175670957c699b719bcf5f819c8ccdd68faf5bfb1427083b4ea436
GET /wp-content/themes/wordpress_theme/css/modal.css HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:10:51 GMT
ETag: "568-5b3d12c093920-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 524
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.t-post.com/wp-content/themes/wordpress_theme/css/style.css?ver=2.53
160.153.250.62200 OK 7.0 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/css/style.css?ver=2.53
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash 6dd11f3a0fdd116e4029720aa280746b
5727f875dc97d288eaf299f30a738c3197c4e139
3afdbec1b1ca5a49bb5c765646ae44dff881a1dd79c5f9eb6933d5a2f4d376aa
GET /wp-content/themes/wordpress_theme/css/style.css?ver=2.53 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Mon, 14 Dec 2020 10:46:33 GMT
ETag: "893d-5b66a5b005f88-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 7010
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.t-post.com/wp-content/themes/wordpress_theme/plugins/fancybox/jquery.fancybox.css?ver=2.53
160.153.250.62200 OK 1.2 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/plugins/fancybox/jquery.fancybox.css?ver=2.53
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash a23419b814f0cf2874321647163a8ac7
fa4bca6a39102ba91ba57d9c28898df297eaa766
41f897805afdfa01bbe2ff78496b758d2fe0eca9ea3fca884202a85e1f8577ca
GET /wp-content/themes/wordpress_theme/plugins/fancybox/jquery.fancybox.css?ver=2.53 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:12:52 GMT
ETag: "1037-5b3d133376f28-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 1249
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.t-post.com/wp-content/themes/wordpress_theme/css/normalize.css?ver=2.53
160.153.250.62200 OK 2.2 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/css/normalize.css?ver=2.53
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash 659bfcba0130c5ab9cdb5cf85ee9e7b2
e7a2d3ec6f755d5abe146e03d74486796c199a23
04856796c3389f81fd0da292e3eb5dd7a33ffcb68b2158a28de4f4c82be2c091
GET /wp-content/themes/wordpress_theme/css/normalize.css?ver=2.53 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:10:53 GMT
ETag: "1ec8-5b3d12c1b6190-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 2216
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.t-post.com/wp-content/themes/wordpress_theme/css/kuber.css?ver=2.53
160.153.250.62200 OK 881 B URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/css/kuber.css?ver=2.53
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash 8e47deedd00e9e9d1a9f8f94489ef14e
d4625b6aff457f2749c6dfe97df2911e6f3e9f47
61d638c4c09d8bedd8a5f56752beef346d93b179d39b73d7b1df85b924fbf4b7
GET /wp-content/themes/wordpress_theme/css/kuber.css?ver=2.53 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:10:52 GMT
ETag: "bfc-5b3d12c144d10-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 881
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.t-post.com/wp-content/themes/wordpress_theme/fonts/fonts.css?ver=2.53
160.153.250.62200 OK 252 B URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/fonts/fonts.css?ver=2.53
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash ce5015088069d40361fd95e2afdeb10b
a39a7c18bc8fab0bee4974ed82a8f9bc41385b3a
4d3045617312cf8a614bd003429980ae818514d853d13629d597537ff7f554c9
GET /wp-content/themes/wordpress_theme/fonts/fonts.css?ver=2.53 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:11:02 GMT
ETag: "1e8-5b3d12caaf760-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 252
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.t-post.com/wp-content/themes/wordpress_theme/css/layout.css?ver=2.53
160.153.250.62200 OK 880 B URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/css/layout.css?ver=2.53
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash 982e457ccf39124081c1eea26e6c97ed
fc50ea1212d22347a0af2e233550fee2c2864444
dee4eecd5b5dfd9d92b7b405fd580493cc875bf5deaf162ec9d48346f1df1506
GET /wp-content/themes/wordpress_theme/css/layout.css?ver=2.53 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:10:52 GMT
ETag: "a79-5b3d12c0ef5e0-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 880
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.t-post.com/wp-content/themes/wordpress_theme/plugins/jquery.placeholderfix.js?ver=2.53
160.153.250.62200 OK 521 B URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/plugins/jquery.placeholderfix.js?ver=2.53
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash f5b16ff0b1ebf517eca365b89abb5111
f5996f3b6969c0f0e85b1c1795a4607bd364bcb4
ee5f8059940a0582e163f49f4515957b50da1cd2327f86261e06b27a6578413c
GET /wp-content/themes/wordpress_theme/plugins/jquery.placeholderfix.js?ver=2.53 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:12:07 GMT
ETag: "57a-5b3d1308c3100-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 521
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/x-javascript
www.t-post.com/wp-content/themes/wordpress_theme/plugins/jquery.cookie.js?ver=2.53
160.153.250.62200 OK 1.4 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/plugins/jquery.cookie.js?ver=2.53
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash fe9c85ab7a070b5f5645480981953507
92e86b0db965fa3d3932aec77d6481772be55988
e21bf3e673b03245d88be4782155a36f15e19176803f0bf6c53e7ab271cf443d
GET /wp-content/themes/wordpress_theme/plugins/jquery.cookie.js?ver=2.53 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:12:06 GMT
ETag: "c17-5b3d13077dde0-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 1352
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/x-javascript
www.t-post.com/wp-content/themes/wordpress_theme/plugins/slides.min.jquery.js?ver=2.53
160.153.250.62200 OK 3.2 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/plugins/slides.min.jquery.js?ver=2.53
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type ASCII text, with very long lines (11379)
Hash e32dbe27c25d6a4b67b42e5b7b9ed73c
fec66a963cafe6c214fe293db31450ff0346894a
a4434bc4cece29a070edcec18466a5dde1890f3d02266357398b2961ff6d8864
GET /wp-content/themes/wordpress_theme/plugins/slides.min.jquery.js?ver=2.53 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:12:08 GMT
ETag: "8616-5b3d13094dbc0-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 3210
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/x-javascript
www.t-post.com/wp-content/themes/wordpress_theme/js/forms.js?ver=2.53
160.153.250.62200 OK 11 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/js/forms.js?ver=2.53
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type assembler source, Unicode text, UTF-8 text, with very long lines (1242)
Hash fd4981397889fbe63f8cbdf8549e9372
ad10e54de0c004153a6d4ecf3c11287ea3486230
b388554020d092fb814f79e89bf6b882ed06857651d036a89e1b376ea2f40a20
GET /wp-content/themes/wordpress_theme/js/forms.js?ver=2.53 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:11:52 GMT
ETag: "b35b-5b3d12fad8ce8-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 10958
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/x-javascript
www.t-post.com/wp-content/themes/wordpress_theme/plugins/jquery-min.js?ver=2.53
160.153.250.62200 OK 33 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/plugins/jquery-min.js?ver=2.53
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type ASCII text, with very long lines (32089)
Hash d0b1da79fa624731424edc827706bd3c
5d185d494cb03f4cda445a48c5ea4bfbab1fb893
c3fc7d7eaf8b976d64b0371ecead8daf25015c5961dd6879a78a65eb27f53563
GET /wp-content/themes/wordpress_theme/plugins/jquery-min.js?ver=2.53 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:12:06 GMT
ETag: "169d6-5b3d1308120f8-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 32776
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/x-javascript
www.t-post.com/wp-content/themes/wordpress_theme/js/scripts.js?ver=2.53
160.153.250.62200 OK 2.2 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/js/scripts.js?ver=2.53
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash d915e44df30c503a64eaec2826ec7443
69fc214863df71ffffaf948f283734066ba76792
d25b4b6f9e2fce6f7d60cabad7daeea1c30304625352f5a2e31a851d15843068
GET /wp-content/themes/wordpress_theme/js/scripts.js?ver=2.53 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:11:55 GMT
ETag: "1ffa-5b3d12fd7c968-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 2229
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/x-javascript
www.t-post.com/wp-content/themes/wordpress_theme/js/blind.js?ver=2.53
160.153.250.62200 OK 474 B URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/js/blind.js?ver=2.53
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash 3bee20d43e9da36649033fcb08b8761c
3b05cf00045f02cc2a239110ed421e53db9e60db
3fa603535cbf6b0ef425385d5919006670f6896b6666a71fa6e7d78e242bab41
GET /wp-content/themes/wordpress_theme/js/blind.js?ver=2.53 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:11:52 GMT
ETag: "429-5b3d12fa4f5b0-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 474
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/x-javascript
www.t-post.com/wp-content/themes/wordpress_theme/js/moonlight.js
160.153.250.62200 OK 4.4 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/js/moonlight.js
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type ASCII text, with very long lines (14007)
Hash 38ea997c5ab14c46a6a27e538ae445a2
c22762c197ee7413138cdced49ce0e2c014d238b
df16216f0bfc61e9cbfd18b4cad5583237411548c137310ea5fd98070ee9d8ff
GET /wp-content/themes/wordpress_theme/js/moonlight.js HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:11:54 GMT
ETag: "3805-5b3d12fcc1d20-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 4439
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/x-javascript
t-post.com/members/backoffice/functions/ajaxCalls.js
160.153.250.62200 OK 3.4 kB URL HTTP/1.1 t-post.com/members/backoffice/functions/ajaxCalls.js
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash 931305e3f94a84769d0cfe951a6f5d3c
4e77cc17123b269b932e4b2e9502f8a6d95be6b0
bf13347e1749da0a63c662bb628754f95eeaa6f639f2016210258524004334e2
GET /members/backoffice/functions/ajaxCalls.js HTTP/1.1
Host: t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Mon, 16 Nov 2020 04:29:23 GMT
ETag: "4654-5b431d2a299b0-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 3369
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-javascript
t-post.com/members/backoffice/functions/ajaxCallsNewsletter.js?v=1.7
160.153.250.62200 OK 701 B URL HTTP/1.1 t-post.com/members/backoffice/functions/ajaxCallsNewsletter.js?v=1.7
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash baf3a6d8e3688abf6d38380ed5ba833c
faf171537fa30b652ea8aa45748782ff2d7d2ede
7a22e62faceda7ea21c85bfca0ddd8217b915053b70b887b7a12d326c15a6ae2
GET /members/backoffice/functions/ajaxCallsNewsletter.js?v=1.7 HTTP/1.1
Host: t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Mon, 16 Nov 2020 04:29:23 GMT
ETag: "5ec-5b431d2a2e7d0-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 701
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/x-javascript
www.t-post.com/wp-content/themes/wordpress_theme/css/flexslider.css
160.153.250.62200 OK 236 B URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/css/flexslider.css
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash e3239f66325ad2d3fede6a95a91dc8ad
4d3de82925b810586d16a8ad3d5f0999c7cdd94d
393c371aaad663fff06672e632b6ad040c283395dcf34204b50b0346c631b350
GET /wp-content/themes/wordpress_theme/css/flexslider.css HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:10:52 GMT
ETag: "196-5b3d12c0d9e20-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 236
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.t-post.com/wp-content/themes/wordpress_theme/plugins/fancybox/jquery.fancybox.js?ver=2.53
160.153.250.62200 OK 14 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/plugins/fancybox/jquery.fancybox.js?ver=2.53
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash 9fb3fefcaa847cb2226d303b88f24b0e
aa477e4cb3bc4345ae763c5941f76ba1a273ede1
fd6ab4ea3d8757de189bc961fba51483548df509a25e7f5aaccb56d848876286
GET /wp-content/themes/wordpress_theme/plugins/fancybox/jquery.fancybox.js?ver=2.53 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:12:52 GMT
ETag: "ba62-5b3d13336a020-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 13627
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/x-javascript
www.t-post.com/wp-content/themes/wordpress_theme/plugins/flexslider/flexslider.css
160.153.250.62200 OK 1.6 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/plugins/flexslider/flexslider.css
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash a528bc29aa5525bd4783363e539be4c5
db203b84de2af5eaaeddbe3baf8639d2cb234dac
cfcfaf9d3433064e1e789d1b7a10a3e238c5c182cfa115e6323d1011569d4534
GET /wp-content/themes/wordpress_theme/plugins/flexslider/flexslider.css HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:12:59 GMT
ETag: "1af7-5b3d133a7a5b8-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 1578
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.t-post.com/wp-content/themes/wordpress_theme/plugins/flexslider/jquery.flexslider.js
160.153.250.62200 OK 12 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/plugins/flexslider/jquery.flexslider.js
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type ASCII text, with very long lines (325)
Hash 07487dfa37ae67f11422929fd63fba55
ef6e67879e0499c35ea9cf17cf510e6e4be24eb8
98ca3c0ac8327fa253d99da83d15301ab70d423dd164e5a9f9d07717d4e837eb
GET /wp-content/themes/wordpress_theme/plugins/flexslider/jquery.flexslider.js HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:12:58 GMT
ETag: "d6ab-5b3d1338e4d70-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 11837
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/x-javascript
www.t-post.com/wp-content/themes/wordpress_theme/js/flexslider.js
160.153.250.62200 OK 305 B URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/js/flexslider.js
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
Hash 254c89e27fc366ecafff3fc12366a3f7
78aba046a6ca9086f7aeb19a21fb5427f1403f23
c50a82a48e9db89e36067ceabec697b5452d39523bc74e6df3f3b51fc97d91ff
GET /wp-content/themes/wordpress_theme/js/flexslider.js HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:11:53 GMT
ETag: "3a1-5b3d12fb06760-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 305
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/x-javascript
www.t-post.com/wp-includes/js/wp-embed.min.js?ver=4.5.28
160.153.250.62200 OK 733 B URL HTTP/1.1 www.t-post.com/wp-includes/js/wp-embed.min.js?ver=4.5.28
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type ASCII text, with very long lines (1384), with no line terminators
Hash b33ec51a91e80b6ec465ae6b3f7a7948
41dd8a38051c338609e872b50f52341ae66ca29a
b34255b006c8b1f1d04237f2a3727151ff4ae3b7123e925c9d681fd22a0d2f01
GET /wp-includes/js/wp-embed.min.js?ver=4.5.28 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Fri, 14 May 2021 01:07:49 GMT
ETag: "568-5c23fdf551a90-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy:
Content-Length: 733
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/x-javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5c5bc701375ee726e789d906137c3327
82ae36f943c89e5b60c12f2b09ab2e6b866b3c75
6efceb2ae05906e09732571d3e9a00ede94c80404ca0c99a51cc498497c9012b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2110
Cache-Control: max-age=99717
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:36 GMT
Etag: "63d71b1b-1d7"
Expires: Wed, 01 Feb 2023 01:54:33 GMT
Last-Modified: Mon, 30 Jan 2023 01:19:23 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.t-post.com/wp-content/themes/wordpress_theme/img/Mute_Icon2.png
160.153.250.62200 OK 20 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/img/Mute_Icon2.png
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type PNG image data, 626 x 626, 8-bit gray+alpha, non-interlaced\012- data
Hash cf788ba5217c6d060d674cafa6497743
2b8419a52cc47e4b4109c90a038494cabc059521
8db2d0432507139d0bda227b1088575ec5c0f27345e4fe73947259b9597784dd
GET /wp-content/themes/wordpress_theme/img/Mute_Icon2.png HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:11:15 GMT
ETag: "4c94-5b3d12d7488f0"
Accept-Ranges: bytes
Content-Length: 19604
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Referrer-Policy:
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
www.t-post.com/wp-content/themes/wordpress_theme/img/social_facebook.jpg
160.153.250.62200 OK 13 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/img/social_facebook.jpg
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, PhotometricIntepretation=RGB, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop CC (Macintosh), datetime=2016:07:11 21:58:58], baseline, precision 8, 147x147, components 3\012- data
Hash ffff791eae0dd0da959032d7e93e8bd8
bdae5d6a1cc3fe44aa8a18265c6424c65447c9fb
cf4a1e3ddab717c654c047b164c2382764a84ad79ae47f39f9b46f8436415bb7
GET /wp-content/themes/wordpress_theme/img/social_facebook.jpg HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:11:31 GMT
ETag: "322c-5b3d12e5e0278"
Accept-Ranges: bytes
Content-Length: 12844
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Referrer-Policy:
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.t-post.com/wp-content/themes/wordpress_theme/img/payment.png
160.153.250.62200 OK 33 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/img/payment.png
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type PNG image data, 437 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash fac0f3e13b3d03a7f820d1c5bfa3b408
cd8d53542480e97fdc39d4e5e79f75ce1ee56bc1
58da5a8a5db58f716827d5c1fa4d55ae75c2aed4a0fff23c7f39d5601856191c
GET /wp-content/themes/wordpress_theme/img/payment.png HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Mon, 16 Nov 2020 05:38:43 GMT
ETag: "81cf-5b432ca9364d8"
Accept-Ranges: bytes
Content-Length: 33231
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Referrer-Policy:
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12517
Expires: Tue, 31 Jan 2023 01:41:13 GMT
Date: Mon, 30 Jan 2023 22:12:36 GMT
Connection: keep-alive
www.t-post.com/wp-content/themes/wordpress_theme/img/social_twitter.jpg
160.153.250.62200 OK 14 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/img/social_twitter.jpg
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, PhotometricIntepretation=RGB, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop CC (Macintosh), datetime=2016:07:11 21:58:58], baseline, precision 8, 147x147, components 3\012- data
Hash 3872f59126e5da393837c48e61ce4856
9c04428d64df411758b392d8964349b6ecb98a52
45333f29e11cec608b8611151f9edbdd142b5f0bc125e7dc996a0231feb19221
GET /wp-content/themes/wordpress_theme/img/social_twitter.jpg HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:11:32 GMT
ETag: "35b6-5b3d12e72af70"
Accept-Ranges: bytes
Content-Length: 13750
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Referrer-Policy:
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.t-post.com/wp-content/themes/wordpress_theme/visa-and-mastercard-logo-26.png
160.153.250.62200 OK 61 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/visa-and-mastercard-logo-26.png
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type PNG image data, 1418 x 355, 8-bit colormap, non-interlaced\012- data
Hash 54e30edf9d8e3f86b1935d5d3d1317d8
9f36b33bae6f51fe547ffe84e16fc59334c05b31
48468d11d6d2c76de049c6943072c23edf0c357f3791caff0c3113455f28a813
GET /wp-content/themes/wordpress_theme/visa-and-mastercard-logo-26.png HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2022 06:20:31 GMT
ETag: "ed34-5eeaa19fec010"
Accept-Ranges: bytes
Content-Length: 60724
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Referrer-Policy:
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12517
Expires: Tue, 31 Jan 2023 01:41:13 GMT
Date: Mon, 30 Jan 2023 22:12:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 932f9938c0cf6a0073ade7aa5fbe63ee
10b2c53728e16614bc96fbce22e98a135e8fdc16
25c6402614ad4f04d35ea2512b613a5c239609ce03886a22b1a89d62ddf344f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6660
x-amzn-requestid: d1b88b8f-d5c5-4da3-b93a-ade94338e746
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRa8DFMaIAMF2Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d071e6-1fa8a996195c9b3406399769;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:03:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Fv1ghBaLh1tZCjCKJYBmZmWVBAsxZCQ5XPZK6KEUXc-iH0Y5dSFVw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:05 GMT
age: 1471
etag: "10b2c53728e16614bc96fbce22e98a135e8fdc16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12517
Expires: Tue, 31 Jan 2023 01:41:13 GMT
Date: Mon, 30 Jan 2023 22:12:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 146cb1c622ae62d62090dcaf81709056
c9e939eea5ca410e2ac3e2c93fb9cdf51fd3a03e
d1a2caf59c5bfb3fd66c804217c60705de91e5beebd006cffab1d712a5aef85b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd37b27-1930-4380-aa34-e533abb33eaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8755
x-amzn-requestid: 18054ad3-92df-4a07-b7d1-643293ba4a5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1hDGZfoAMFsFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c6c-7aae5ef32459231c25465b1b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:05:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5GkQA5AcFOFc2Wn5rdaX7nH5F4wfy52vtlpbI8Qlai-jQE77inKzqA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:50:53 GMT
age: 1303
etag: "c9e939eea5ca410e2ac3e2c93fb9cdf51fd3a03e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12517
Expires: Tue, 31 Jan 2023 01:41:13 GMT
Date: Mon, 30 Jan 2023 22:12:36 GMT
Connection: keep-alive
www.t-post.com/wp-content/themes/wordpress_theme/img/social_instagram.jpg
160.153.250.62200 OK 15 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/img/social_instagram.jpg
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, PhotometricIntepretation=RGB, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop CC (Macintosh), datetime=2016:07:11 21:58:58], baseline, precision 8, 147x147, components 3\012- data
Hash 536d34bfe28b8b6d0833420f28533501
91a6ba40a474c71121a5d0cb43634c98b04954c3
22c2f8080b6b664294472093d5b98aa8cd0740acae33c3dad9505d0975074f86
GET /wp-content/themes/wordpress_theme/img/social_instagram.jpg HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:11:31 GMT
ETag: "3c0e-5b3d12e6c5e40"
Accept-Ranges: bytes
Content-Length: 15374
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Referrer-Policy:
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12517
Expires: Tue, 31 Jan 2023 01:41:13 GMT
Date: Mon, 30 Jan 2023 22:12:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5beaead015b2b4fb6d36009926ba0378
67e7c49ea7648fc6d1dffc22588862c993b785b7
6ae0cec9ade23fd53e9c1407b0324a8060892a65a6b675ccffa4a4c82b66f1ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 0ce16b38-ae58-4cfc-9a7e-0cfd68c3114b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxH0pIAMFpMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-4c58f0a54d3eb51357dc4bfc;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w8GlkEben5frqo5Zwm4oV9tUVoHhkhln-VmACCIrN0-ttz2_7bJcfg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:44:50 GMT
age: 1666
etag: "67e7c49ea7648fc6d1dffc22588862c993b785b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T5CaUojMEG8x8vki59UdIhI8IbbBRY_7w3xgiW3RCZlHTyeHPLIy2Q==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:47:13 GMT
age: 1523
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefbec1f8-74c9-424a-88f1-a90a7ff35701.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefbec1f8-74c9-424a-88f1-a90a7ff35701.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac9e49e19b226b271d1a6f29d7159e64
df578148d224d67fb6e098da3eeb1d86c233cb73
1e065f356fe4ae535ec6fa40ddbad8a2ddad1fa1a053bedceb25c90fa3620ad4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefbec1f8-74c9-424a-88f1-a90a7ff35701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12154
x-amzn-requestid: 0ba17a3e-c78c-4634-8706-eedd20d8e3c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk303H-mIAMFelA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b8-1d7f813471bcbd3341f06e86;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3FK_njK19r3IK-kJpLm1VMHiXJrZnOvjrxDh5YPl9hY-F_2vZ5KNcA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:44:52 GMT
age: 1664
etag: "df578148d224d67fb6e098da3eeb1d86c233cb73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZKuBcZgC6yolu1QcaXZKAIIDynG3Zywq1d7sWI8Jlq3ULwlr6XlhWQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 13:04:11 GMT
age: 32905
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.t-post.com/wp-content/themes/wordpress_theme/img/giftcard.png
160.153.250.62200 OK 122 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/img/giftcard.png
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type PNG image data, 201 x 234, 16-bit/color RGBA, non-interlaced\012- data
Size 122 kB (122410 bytes)
Hash 9e2f6eaa11d4b3507053638d0ee9b311
952ca2e057f22ee1f333a44ec339a77a8df8576e
68a652a4cdc952b4c10828998d359a708246a4308753a19a49062f8a9c4463a3
GET /wp-content/themes/wordpress_theme/img/giftcard.png HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:35 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:11:10 GMT
ETag: "1de2a-5b3d12d277e48"
Accept-Ranges: bytes
Content-Length: 122410
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:35 GMT
Referrer-Policy:
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.t-post.com/wp-content/themes/wordpress_theme/fonts/futura_bold-webfont.woff
160.153.250.62200 OK 24 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/fonts/futura_bold-webfont.woff
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type Web Open Font Format, TrueType, length 24172, version 1.0\012- data
Hash 5da1b9983fd030085d01194a37c24431
5937d2feeafb45eca723c0a5dd012a909d7a95ea
61f0dcf226e68a9af1885ea808e7ff3072807424283fd7c8f09ba2e24bf442e8
GET /wp-content/themes/wordpress_theme/fonts/futura_bold-webfont.woff HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.t-post.com/wp-content/themes/wordpress_theme/fonts/fonts.css?ver=2.53
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:36 GMT
Server: Apache
ETag: "5e6c-5b3d12ca95950"
Accept-Ranges: bytes
Content-Length: 24172
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:36 GMT
Vary: Accept-Encoding
Referrer-Policy:
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/font-woff
www.t-post.com/wp-content/themes/wordpress_theme/plugins/flexslider/fonts/flexslider-icon.woff
160.153.250.62200 OK 1.3 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/plugins/flexslider/fonts/flexslider-icon.woff
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type Web Open Font Format, TrueType, length 1268, version 1.0\012- data
Hash f8b92f66539473eea649c8514eb836a0
9876bce2a7b39125bd7a406c445e46e704d7b37e
333fe8266952f16c8b686f3edd78293da28e6eaef314dca86bc4eeaa23f290e8
GET /wp-content/themes/wordpress_theme/plugins/flexslider/fonts/flexslider-icon.woff HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.t-post.com/wp-content/themes/wordpress_theme/plugins/flexslider/flexslider.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:36 GMT
Server: Apache
ETag: "4f4-5b3d13478ad70"
Accept-Ranges: bytes
Content-Length: 1268
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:36 GMT
Vary: Accept-Encoding
Referrer-Policy:
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/font-woff
www.paypal.com/sdk/js?client-id=AayMqvP9woXVh2ZnpTL91Kc4mOlgqE72vSnRSKft_4Pa4I7QHxhsRYchvlonV0BasYUTcBHnC4VkA--f&vault=true&intent=subscription
192.229.221.25200 OK 94 kB URL HTTP/2 www.paypal.com/sdk/js?client-id=AayMqvP9woXVh2ZnpTL91Kc4mOlgqE72vSnRSKft_4Pa4I7QHxhsRYchvlonV0BasYUTcBHnC4VkA--f&vault=true&intent=subscription
IP 192.229.221.25:0
File type ASCII text, with very long lines (65472)
Hash ee6508a7f47608fca656501409c3cb58
52c46aecb7cdf181078dfe9a551eadb6653ae3b1
3a77bc6cb0f66d446fbbf00098ddf0960db0a9d918fc2e73943419c8879eee6a
GET /sdk/js?client-id=AayMqvP9woXVh2ZnpTL91Kc4mOlgqE72vSnRSKft_4Pa4I7QHxhsRYchvlonV0BasYUTcBHnC4VkA--f&vault=true&intent=subscription HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-MFUO6eBH0Nm6r+WiCCfEGuC35lOoGpjGgZCJwz1yQ4F14anv' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-MFUO6eBH0Nm6r+WiCCfEGuC35lOoGpjGgZCJwz1yQ4F14anv' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 22:12:36 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"1711a-UsRq7LfN8YEHjf6aVR6ttmU647E"
p3p: true
paypal-debug-id: 0252394148681
server: ECAcc (frc/4C82)
server-timing: traceparent;desc="00-00000000000000000000252394148681-89fda983cfa25f6c-01", content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: tsrce=clientsdknodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 02 Feb 2023 22:12:36 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Mon, 30 Jan 2023 22:42:36 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1769811156%26vteXpYrS%3D1675118556%26vr%3D04bd3e1d1860a2d1f3f5b0affd7cbc5c%26vt%3D04bd3e1d1860a2d1f3f5b0affd7cbc5b%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 29 Jan 2026 22:12:36 GMT; HttpOnly; Secure
ts_c=vr%3D04bd3e1d1860a2d1f3f5b0affd7cbc5c%26vt%3D04bd3e1d1860a2d1f3f5b0affd7cbc5b; Path=/; Domain=paypal.com; Expires=Thu, 29 Jan 2026 22:12:36 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000252394148681-87a97fe0940f4e2b-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 94490
X-Firefox-Spdy: h2
www.t-post.com/wp-content/themes/tpost_wpt/img/tpost_film_1.mp4
160.153.250.62206 Partial Content 204 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/tpost_wpt/img/tpost_film_1.mp4
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size 204 kB (204513 bytes)
Hash 16d98597de8d40684372b0cfe90dea7d
4cef253adace88a30db404b72b7d2e9c8bfeaa26
489eb0dd537a868f6d56f92b414d9a1af35d0a548ab9a0144091c5ec2893e522
GET /wp-content/themes/tpost_wpt/img/tpost_film_1.mp4 HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Date: Mon, 30 Jan 2023 22:12:36 GMT
Server: Apache
Last-Modified: Tue, 24 May 2022 06:24:45 GMT
ETag: "9c9f007-5dfbc034e3500"
Accept-Ranges: bytes
Content-Length: 164229127
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:36 GMT
Referrer-Policy:
Content-Range: bytes 0-164229126/164229127
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: video/mp4
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.t-post.com/wp-content/uploads/2016/08/tpost_175_p-480x360.png
160.153.250.62200 OK 178 kB URL HTTP/1.1 www.t-post.com/wp-content/uploads/2016/08/tpost_175_p-480x360.png
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type PNG image data, 480 x 360, 8-bit/color RGBA, non-interlaced\012- data
Size 178 kB (178002 bytes)
Hash 5ecea7f866a6a3eef1b23543a5bacb26
92c69a788a66808d21f214c66d91d305fdf8407b
77b944eb57c89a30797b44713f363382365192075802451817fd61e52b51a6e3
GET /wp-content/uploads/2016/08/tpost_175_p-480x360.png HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:36 GMT
Server: Apache
Last-Modified: Fri, 16 Sep 2022 08:41:38 GMT
ETag: "2b752-5e8c7548f2320"
Accept-Ranges: bytes
Content-Length: 178002
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:36 GMT
Referrer-Policy:
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
www.t-post.com/wp-content/uploads/2016/08/tpost_177_pack-480x360.png
160.153.250.62200 OK 200 kB URL HTTP/1.1 www.t-post.com/wp-content/uploads/2016/08/tpost_177_pack-480x360.png
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type PNG image data, 480 x 360, 8-bit/color RGBA, non-interlaced\012- data
Size 200 kB (199578 bytes)
Hash 298d789bb06374782a4df56e30cb3910
d368d7327b61bbe467aefad604769635246f9e15
d37f0286adb45ef1354880670fce6d2dda360da8080dd66c33eb672e2567751c
GET /wp-content/uploads/2016/08/tpost_177_pack-480x360.png HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:36 GMT
Server: Apache
Last-Modified: Mon, 02 Jan 2023 12:43:09 GMT
ETag: "30b9a-5f1474b2de7e8"
Accept-Ranges: bytes
Content-Length: 199578
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:36 GMT
Referrer-Policy:
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
www.paypalobjects.com/muse/muse.js
151.101.2.133200 OK 16 kB URL HTTP/2 www.paypalobjects.com/muse/muse.js
IP 151.101.2.133:0
File type ASCII text, with very long lines (55891)
Hash 6aebbe482c72000aea20895991f70478
eff1d3370786f9ee4ea539776bc43ab9bece89ba
2acb950bc7678b9e6c265194821fac386bf555db582ee8c0e2d9e68ff3eaa862
GET /muse/muse.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: application/javascript
etag: W/"6271663d-da91"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 84840867de170
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 30 Jan 2023 22:12:37 GMT
x-served-by: cache-sjc10029-SJC, cache-bma1675-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 114768
x-timer: S1675116757.193151,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 16464
X-Firefox-Spdy: h2
www.t-post.com/wp-content/uploads/2016/08/tpost_177_fp-1240x827.png
160.153.250.62200 OK 1.5 MB URL HTTP/1.1 www.t-post.com/wp-content/uploads/2016/08/tpost_177_fp-1240x827.png
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type PNG image data, 1240 x 827, 8-bit/color RGBA, non-interlaced\012- data
Size 1.5 MB (1544781 bytes)
Hash 34de722b25b1aa6c4a4c4579134d08f8
b94593803faf8cb1b3194a61c1844b812da01732
61ffe043b6a243f904bd874a916cc615d76bcc847f75a3fac507fca1f482ec82
GET /wp-content/uploads/2016/08/tpost_177_fp-1240x827.png HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:36 GMT
Server: Apache
Last-Modified: Mon, 02 Jan 2023 12:42:15 GMT
ETag: "17924d-5f14747ebfb88"
Accept-Ranges: bytes
Content-Length: 1544781
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:36 GMT
Referrer-Policy:
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.youtube.com/embed/Ae5-9eqC000?rel=0&showinfo=0
142.250.74.46200 OK 44 kB URL HTTP/2 www.youtube.com/embed/Ae5-9eqC000?rel=0&showinfo=0
IP 142.250.74.46:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash 64598900833902289bb1da89b12f54af
c6acb31d655d738cd5c5ecba1fb52cd586b6bf90
964f536b8e41825f232a9e6800b14a27653f4665220ee103101ec4486962efbe
GET /embed/Ae5-9eqC000?rel=0&showinfo=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 30 Jan 2023 22:12:37 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=FyYnZmjZ6D8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=PgOYoCyk7EA; Domain=.youtube.com; Expires=Sat, 29-Jul-2023 22:12:37 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TkRVM01UWTRPRFE0TkRZM056YzNPUT09ENWB4Z4GGNWB4Z4G; Domain=.youtube.com; Expires=Sat, 29-Jul-2023 22:12:37 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+983; expires=Wed, 29-Jan-2025 22:12:37 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/4248d311/www-player.css
142.250.74.46200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/4248d311/www-player.css
IP 142.250.74.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8a6331ed48be29c59230b0c7360068de
22a20436f427d6b8e26eb30ed9aab51a43d389bf
72f0818ab04697fc29d331b2add584f3cd5e269446c7297300701a4666c9d95e
GET /s/player/4248d311/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Ae5-9eqC000?rel=0&showinfo=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49911
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 03:27:06 GMT
expires: Tue, 30 Jan 2024 03:27:06 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/css
age: 67531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
142.250.74.46200 OK 109 kB URL HTTP/2 www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (679)
Size 109 kB (109432 bytes)
Hash 711fcfe6f1ab52d89ab3474d437c1e48
b2f3e69e9d40b193de5e76ae13c6ad9ce0a8e537
361236d1317543e128074c35d22d65a2ba70f6ce9906b07a543e6b3c96239019
GET /s/player/4248d311/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Ae5-9eqC000?rel=0&showinfo=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 109432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 00:22:47 GMT
expires: Tue, 30 Jan 2024 00:22:47 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 78590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.46200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.46:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Ae5-9eqC000?rel=0&showinfo=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:37:27 GMT
expires: Sat, 27 Jan 2024 07:37:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 311710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a7389fd7bb47683f15484d943c6e118a
1dac6706c1bf000ef194969644c22be605088311
bcb5915ccc2bc00946d4590bfd2b5e59c7a4f327c964ad3fbf46c1bdc0d9e825
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 19:31:20 GMT
Expires: Fri, 03 Feb 2023 19:31:19 GMT
Etag: "1dac6706c1bf000ef194969644c22be605088311"
Cache-Control: max-age=335321,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791d8cd42b40b524-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 347074
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AEPMRJ8CQYZH6L-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AEPMRJ8CQYZH6L-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=0a586541-5d5d-48bb-8ff1-e746bfceaf50&fltp=analytics&mrid=EPMRJ8CQYZH6L&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=T-post%C2%AE&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1675116771034&g=0&completeurl=https%3A%2F%2Fwww.t-post.com%2F
151.101.1.35200 OK 42 B URL HTTP/2 t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AEPMRJ8CQYZH6L-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AEPMRJ8CQYZH6L-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=0a586541-5d5d-48bb-8ff1-e746bfceaf50&fltp=analytics&mrid=EPMRJ8CQYZH6L&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=T-post%C2%AE&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1675116771034&g=0&completeurl=https%3A%2F%2Fwww.t-post.com%2F
IP 151.101.1.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AEPMRJ8CQYZH6L-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AEPMRJ8CQYZH6L-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=0a586541-5d5d-48bb-8ff1-e746bfceaf50&fltp=analytics&mrid=EPMRJ8CQYZH6L&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=T-post%C2%AE&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1675116771034&g=0&completeurl=https%3A%2F%2Fwww.t-post.com%2F HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Cookie: tsrce=clientsdknodeweb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Mon, 30 Jan 2023 22:12:37 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 158fd46ae7588
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1769811157%26vteXpYrS%3D1675118557%26vr%3D04bd41781860aa5dbc167050ffffffff%26vt%3D04bd41781860aa5dbc167050fffffffe; Expires=Fri, 30 Jan 2026 22:12:37 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D04bd41781860aa5dbc167050ffffffff%26vt%3D04bd41781860aa5dbc167050fffffffe; Expires=Fri, 30 Jan 2026 22:12:37 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-0000000000000000000158fd46ae7588-5529c984b5f4b812-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Mon, 30 Jan 2023 22:12:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220047-HHN, cache-bma1666-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675116757.282904,VS0,VE164
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 365514
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4fa4e3a6c0ea0d843f6f77af6a290fca
965944af181e8d47677e5b428e8a3233c942cf99
801765bb2eb7f84e39a58691c4798b32ccd9e6ed22e924754d26277f4f2e0b11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1309
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:37 GMT
Last-Modified: Mon, 30 Jan 2023 21:50:48 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.ads-twitter.com/uwt.js
151.101.244.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Mon, 30 Jan 2023 22:12:37 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 83KaGb9hBsvisZt6BaedQfwDc/RA46JWwfjfyWXpUUHBm3e8GemD9xfNXnX+gFa6YQxgLpj/qvDo4Wh8bD2rlg==
priority: u=3,i
content-length: 27815
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 22:12:37 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
stats.g.doubleclick.net/dc.js
173.194.221.155200 OK 17 kB URL HTTP/2 stats.g.doubleclick.net/dc.js
IP 173.194.221.155:0
File type ASCII text, with very long lines (1305)
Hash 5f65521f6c6223e1e18cb161832bea2a
f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6
787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9
GET /dc.js HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17093
date: Mon, 30 Jan 2023 21:36:57 GMT
expires: Mon, 30 Jan 2023 23:36:57 GMT
cache-control: public, max-age=7200
age: 2140
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4fa4e3a6c0ea0d843f6f77af6a290fca
965944af181e8d47677e5b428e8a3233c942cf99
801765bb2eb7f84e39a58691c4798b32ccd9e6ed22e924754d26277f4f2e0b11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1309
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:37 GMT
Last-Modified: Mon, 30 Jan 2023 21:50:48 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
load.sumo.com/73.0a035390359aab65eb82.js
194.242.11.186200 OK 102 kB URL HTTP/2 load.sumo.com/73.0a035390359aab65eb82.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type HTML document, ASCII text, with very long lines (40498)
Size 102 kB (102386 bytes)
Hash 6db767b8c6043bca24d07ecfc4a4db69
b598635715f7840aceb7c2a85d8d1b31e27ab282
4831f57ae712a352e51a32f0f054d75b84ab08993496505de5d2ed020fd3ef01
GET /73.0a035390359aab65eb82.js HTTP/1.1
Host: load.sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:12:37 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 53731
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
etag: W/"ad6f2454f01de902ffd473d51c1207bf"
last-modified: Wed, 05 Oct 2022 16:49:51 GMT
x-amz-id-2: cE1DCrJ3duOXNUTj8H7V/BQg6efYhJ/q2l4iGcQJ8Q3JIP8UfExUwQljPhmaAW7xSefCg6CyxKY=
x-amz-request-id: RWX8TS5JF5RSJJ7R
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/28/2022 12:07:49
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 9ade3e7c8ada478f98690282ab359250
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AEPMRJ8CQYZH6L-1&page=muse%3Aoffer%3A%3A%3AEPMRJ8CQYZH6L-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=0a586541-5d5d-48bb-8ff1-e746bfceaf50&es=visitorInfoFlowStarted&mrid=EPMRJ8CQYZH6L&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=T-post%C2%AE&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1675116771456&g=0&completeurl=https%3A%2F%2Fwww.t-post.com%2F
151.101.1.35200 OK 42 B URL HTTP/2 t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AEPMRJ8CQYZH6L-1&page=muse%3Aoffer%3A%3A%3AEPMRJ8CQYZH6L-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=0a586541-5d5d-48bb-8ff1-e746bfceaf50&es=visitorInfoFlowStarted&mrid=EPMRJ8CQYZH6L&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=T-post%C2%AE&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1675116771456&g=0&completeurl=https%3A%2F%2Fwww.t-post.com%2F
IP 151.101.1.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?pgrp=muse%3Aoffer%3A%3A%3AEPMRJ8CQYZH6L-1&page=muse%3Aoffer%3A%3A%3AEPMRJ8CQYZH6L-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=0a586541-5d5d-48bb-8ff1-e746bfceaf50&es=visitorInfoFlowStarted&mrid=EPMRJ8CQYZH6L&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=T-post%C2%AE&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1675116771456&g=0&completeurl=https%3A%2F%2Fwww.t-post.com%2F HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Cookie: tsrce=clientsdknodeweb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Mon, 30 Jan 2023 22:12:37 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 7ce7c9b1763fd
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1769811157%26vteXpYrS%3D1675118557%26vr%3D04bd42a11860aa5c61759272ffffffff%26vt%3D04bd42a11860aa5c61759272fffffffe; Expires=Fri, 30 Jan 2026 22:12:37 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D04bd42a11860aa5c61759272ffffffff%26vt%3D04bd42a11860aa5c61759272fffffffe; Expires=Fri, 30 Jan 2026 22:12:37 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-00000000000000000007ce7c9b1763fd-9b8ae6bdda58a1fe-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Mon, 30 Jan 2023 22:12:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220033-HHN, cache-bma1666-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675116758.564638,VS0,VE192
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 6061660d0c8c8a3292454cb1c819259e
54ac533237acc8ff7624f460b91d50657322bdcf
2d7e1e8fe3615783905c47576f05b5cd9189a3cc4e15996dbe66e4388dac190c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6495
Cache-Control: max-age=142218
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:37 GMT
Etag: "63d7b000-13a"
Expires: Wed, 01 Feb 2023 13:42:55 GMT
Last-Modified: Mon, 30 Jan 2023 11:54:40 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 314
www.t-post.com/wp-content/themes/wordpress_theme/img/favicon.jpg
160.153.250.62200 OK 21 kB URL HTTP/1.1 www.t-post.com/wp-content/themes/wordpress_theme/img/favicon.jpg
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Macintosh, datetime=2013:09:25 11:05:47], baseline, precision 8, 16x16, components 3\012- data
Hash c9f59fe2cb0fb4e7ac404cf9fcec3480
6ea9b50f152d264c5e92be1628700b2125890da4
33229a7974057a925e8bfce209f4b1fbfb64aaa9749bef34d477ca8bdc1468bf
GET /wp-content/themes/wordpress_theme/img/favicon.jpg HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:37 GMT
Server: Apache
Last-Modified: Wed, 11 Nov 2020 09:11:11 GMT
ETag: "5380-5b3d12d2fc378"
Accept-Ranges: bytes
Content-Length: 21376
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:37 GMT
Referrer-Policy:
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
t.co/i/adsct?bci=3&eci=2&event_id=88b22e1a-5844-4bf0-a640-ca3bcf5a8002&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=47346096-ec6d-480a-8ba1-b8a3ec791cc6&tw_document_href=https%3A%2F%2Fwww.t-post.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1i61&type=javascript&version=2.3.29
104.244.42.197200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=88b22e1a-5844-4bf0-a640-ca3bcf5a8002&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=47346096-ec6d-480a-8ba1-b8a3ec791cc6&tw_document_href=https%3A%2F%2Fwww.t-post.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1i61&type=javascript&version=2.3.29
IP 104.244.42.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=88b22e1a-5844-4bf0-a640-ca3bcf5a8002&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=47346096-ec6d-480a-8ba1-b8a3ec791cc6&tw_document_href=https%3A%2F%2Fwww.t-post.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1i61&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:12:37 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=5fc151eb-e36f-46c9-a391-b721c22fa228; Max-Age=63072000; Expires=Wed, 29 Jan 2025 22:12:37 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 633f5a0bf33ad9a6
strict-transport-security: max-age=0
x-response-time: 111
x-connection-hash: ef56869dc4a480acb12a154a97f3114502d4aa9dde94d844149034c417567236
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 6d2677a268c46fe7437bc9ba7f1933f0
c4c8338d86338480d15172e8691dc9b25c9c25bf
0709a1fe6bd9156d9e98f2c986bcb486031947ce2412744efd1e0ff52f7929d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5043
Cache-Control: max-age=95395
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:37 GMT
Etag: "63d6fec5-139"
Expires: Wed, 01 Feb 2023 00:42:32 GMT
Last-Modified: Sun, 29 Jan 2023 23:18:29 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 33e403367d183257be0f03f28da923d2
a586e4052008741f8f535e7bd12a94bde81b264e
82ce104749546e6a6f76a8ddf19b67795784c06256581c13f499e80e4f713131
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 30 Jan 2023 22:12:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 21:57:52 GMT
expires: Mon, 30 Jan 2023 22:12:52 GMT
cache-control: public, max-age=900
age: 885
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id?slf_rd=1
142.250.74.34200 OK 120 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id?slf_rd=1
IP 142.250.74.34:0
Hash a17c3c21bb1c0c0c6d810989eb4f51cd
6d162abe82038d6b660c1ee0f0a0e729e099e9ac
a814422b8e98ad57c289111041e64ae9d963ab292380977bf27fad404ed51011
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Mon, 30 Jan 2023 22:12:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 33e403367d183257be0f03f28da923d2
a586e4052008741f8f535e7bd12a94bde81b264e
82ce104749546e6a6f76a8ddf19b67795784c06256581c13f499e80e4f713131
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=88b22e1a-5844-4bf0-a640-ca3bcf5a8002&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=47346096-ec6d-480a-8ba1-b8a3ec791cc6&tw_document_href=https%3A%2F%2Fwww.t-post.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1i61&type=javascript&version=2.3.29
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=88b22e1a-5844-4bf0-a640-ca3bcf5a8002&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=47346096-ec6d-480a-8ba1-b8a3ec791cc6&tw_document_href=https%3A%2F%2Fwww.t-post.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1i61&type=javascript&version=2.3.29
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=88b22e1a-5844-4bf0-a640-ca3bcf5a8002&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=47346096-ec6d-480a-8ba1-b8a3ec791cc6&tw_document_href=https%3A%2F%2Fwww.t-post.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1i61&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:12:37 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_qER39Q81JHgNcegRJYqMjQ=="; Max-Age=63072000; Expires=Wed, 29 Jan 2025 22:12:38 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: d8ebc19a2e513509
strict-transport-security: max-age=631138519
x-response-time: 116
x-connection-hash: ea3cbd4f085621863d0b395d3da34b51eb409542459bbd8b5ef6b5a0b589271d
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 30 Jan 2023 22:12:38 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js
216.58.207.228200 OK 14 kB URL HTTP/2 www.google.com/js/th/wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js
IP 216.58.207.228:0
File type ASCII text, with very long lines (36000)
Hash b40bdd235c7883921e2b18743b3aea21
9aaa96e2ec231327ba976911513989568c56c7c1
8b00f3a7d9b7acabf6b991926d7543944771ce1431efd342dea743192ec667e3
GET /js/th/wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14173
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 01:14:43 GMT
expires: Mon, 29 Jan 2024 01:14:43 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
age: 161875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a090a37862fa418a32788dd70fdabc37
32bae342de1fda52149368798a4d9a8efdd48f03
b139aeb4a989ec32bd8482c895276db9c98489a7a48504657b52126c89eb417b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 30 Jan 2023 22:12:38 GMT
server: ESF
cache-control: private
content-length: 30988
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.paypal.com/targeting/graphql
192.229.221.25204 No Content 0 B URL HTTP/2 www.paypal.com/targeting/graphql
IP 192.229.221.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /targeting/graphql HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.paypalobjects.com/
Origin: https://www.paypalobjects.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Mon, 30 Jan 2023 22:12:38 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: 02629356a6148
server: ECAcc (frc/4CD4)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 31 Jan 2023 06:58:34 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 30 Jan 2024 22:12:38 GMT; Secure
x-pp-s=eyJ0IjoiMTY3NTExNjc1ODA5MiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
nsid=s%3ABnLNlpaHCaHrKn5ZnsbuuffdnKzNPxpy.LOKPXM%2FMHS4Zqmaffh7RwmYvRNbXuQM744RRNyEQ6Vg; Path=/; HttpOnly; Secure
l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Mon, 30 Jan 2023 22:42:38 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1769811158%26vteXpYrS%3D1675118558%26vr%3D04bd44371860a7887801b2f5ff5d5811%26vt%3D04bd44371860a7887801b2f5ff5d5810%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 29 Jan 2026 22:12:38 GMT; HttpOnly; Secure
ts_c=vr%3D04bd44371860a7887801b2f5ff5d5811%26vt%3D04bd44371860a7887801b2f5ff5d5810; Path=/; Domain=paypal.com; Expires=Thu, 29 Jan 2026 22:12:38 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000002629356a6148-e786049e4203cc7d-01
vary: Origin, Access-Control-Request-Headers
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c3a242e6132fe39e40953523bb8d3175
c9914952910c863f533f0c7bf6451b77b12d10b7
423bd4744c6b389c23fccdfab4dc8731bf553232a6bf14782c946183e8119a04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/Ae5-9eqC000/sddefault.webp
216.58.211.22200 OK 34 kB URL HTTP/2 i.ytimg.com/vi_webp/Ae5-9eqC000/sddefault.webp
IP 216.58.211.22:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c3ce7bfc41c387be2428d093c28b7600
d739f09aae19fe2da04b5808e917a88d0346b37f
ab3c59303c339a88ae381177e1e3b16e95222fc11b2598d8b14cdf1c0928ef50
GET /vi_webp/Ae5-9eqC000/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33488
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 22:12:38 GMT
expires: Tue, 31 Jan 2023 00:12:38 GMT
cache-control: public, max-age=7200
etag: "1582790902"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c3a242e6132fe39e40953523bb8d3175
c9914952910c863f533f0c7bf6451b77b12d10b7
423bd4744c6b389c23fccdfab4dc8731bf553232a6bf14782c946183e8119a04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 750f718797fc50f8465259f62a6da6ba
e9b7abb1a4dff4896c9fb48e7c7b1407885790de
8e3c0c96771c92bcee1d63055e2aa46aa5e0e3125da993844a9297340166873d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
in.getclicky.com/in.php?site_id=142201&type=pageview&href=%2F&title=T-post%C2%AE&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.36379050608054464
198.145.13.12200 OK 2.1 kB URL HTTP/2 in.getclicky.com/in.php?site_id=142201&type=pageview&href=%2F&title=T-post%C2%AE&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.36379050608054464
IP 198.145.13.12:0
Hash cb828b191cdbe0b81f76cfa4343340b1
65a1189a58a2883681add628e289a1c4b880eb4d
5813f9caa76813f8eb27ee4411e0231a75ec662e324b001e27e9e4415c29d09b
GET /in.php?site_id=142201&type=pageview&href=%2F&title=T-post%C2%AE&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.36379050608054464 HTTP/1.1
Host: in.getclicky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 22:12:38 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=959666394100575&ev=PageView&dl=https%3A%2F%2Fwww.t-post.com%2F&rl=&if=false&ts=1675116772188&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675116772186.1279254607&it=1675116771578&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=959666394100575&ev=PageView&dl=https%3A%2F%2Fwww.t-post.com%2F&rl=&if=false&ts=1675116772188&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675116772186.1279254607&it=1675116771578&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=959666394100575&ev=PageView&dl=https%3A%2F%2Fwww.t-post.com%2F&rl=&if=false&ts=1675116772188&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675116772186.1279254607&it=1675116771578&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Jan 2023 22:12:38 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 110 kB IP 142.250.74.131:0
File type gzip compressed data, from Unix\012- data
Size 110 kB (110448 bytes)
Hash d4edcc1e597ac7c41233e29a5562c085
ff0f6eafd454741f5ed13a35d508ade8b5589061
ce09bfb6feb04069cc017cb70b173795a746878a27d1c2bc36e705d0efb3b999
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.paypal.com/targeting/graphql
192.229.221.25200 OK 305 B URL HTTP/2 www.paypal.com/targeting/graphql
IP 192.229.221.25:0
File type JSON data\012- , ASCII text, with very long lines (442)
Hash b55b483d35c1c88df6a3aaffdf2adecc
d4246256bb8ee843459161bd2d9d19e8739fa0f3
9481db5a384fef5e85d13c7c66b37cc7e3f4f18e4c5e18076254d34bab042cef
POST /targeting/graphql HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paypalobjects.com/
Content-Type: application/json
Origin: https://www.paypalobjects.com
Content-Length: 318
Connection: keep-alive
Cookie: tsrce=smartcomponentnodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-AYgAa4pjefu8NYlFdt1Qc4py9GvzMykuEZ15gufzwa0Ppl4y' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-type: application/json; charset=utf-8
date: Mon, 30 Jan 2023 22:12:38 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"1bb-Cpz1vlTHFsB33QNODowyCiMqviY"
paypal-debug-id: 0699b6868b742
server: ECAcc (frc/4CC9)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 31 Jan 2023 06:58:34 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 30 Jan 2024 22:12:38 GMT; Secure
x-pp-s=eyJ0IjoiMTY3NTExNjc1ODQwMiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=targetingnodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 02 Feb 2023 22:12:38 GMT; HttpOnly; Secure; SameSite=None
nsid=s%3Acd8o_7GEf4hnRZdpPdkgxe6a-L6Zmxtn.CUTtfOkWj7dXc5G6%2BWPsj4xXwKPVAnoSSUho86eZmF0; Path=/; HttpOnly; Secure
l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Mon, 30 Jan 2023 22:42:38 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1769811158%26vteXpYrS%3D1675118558%26vr%3D04bd45041860ad04b31c6298fdb1198a%26vt%3D04bd45041860ad04b31c6298fdb11989%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 29 Jan 2026 22:12:38 GMT; HttpOnly; Secure
ts_c=vr%3D04bd45041860ad04b31c6298fdb1198a%26vt%3D04bd45041860ad04b31c6298fdb11989; Path=/; Domain=paypal.com; Expires=Thu, 29 Jan 2026 22:12:38 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000699b6868b742-40b974256b7b935f-01
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 305
X-Firefox-Spdy: h2
c.paypal.com/da/r/fb.js
151.101.193.35200 OK 20 kB IP 151.101.193.35:0
File type C source, ASCII text, with very long lines (59882)
Hash 49879e025558a4265fdd4da49ac3936d
be72d148b3decc5df44bfcec53753ba415b991cc
1f68d9221a957d7ab6700041b0d87f0a10a407b9d37d8b90af6c44bb6f7e8203
GET /da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Cookie: tsrce=smartcomponentnodeweb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
dc: ccg11-origin-www-1.paypal.com
etag: "63a1ee03-e9eb"
last-modified: Tue, 20 Dec 2022 17:16:51 GMT
paypal-debug-id: b0a65fb5c69b2
server: ECAcc (nya/7974)
traceparent: 00-0000000000000000000b0a65fb5c69b2-8e3f2547808d26dc-01
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 30 Jan 2023 22:12:38 GMT
via: 1.1 varnish
age: 2254570
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 120136
x-timer: S1675116759.538735,VS0,VE1
vary: Accept-Encoding
expires: Tue, 31 Jan 2023 22:12:38 GMT
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: false
access-control-max-age: 86400
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 20336
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eeece5b67bd848a958e137e9af191eff
6d2cf43effcaa45dd4afffa41c2d459ffe919a3d
1078f0b98122b7ca865a7722a735c88486da51aa3320e0f7f1eac929bbe77a9c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5088
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 22:12:38 GMT
Last-Modified: Mon, 30 Jan 2023 20:47:50 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.paypal.com/smart/buttons?sdkVersion=5.0.350&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWF5TXF2UDl3b1hWaDJabnBUTDkxS2M0bU9sZ3FFNzJ2U25SU0tmdF80UGE0STdRSHhoc1JZY2h2bG9uVjBCYXNZVVRjQkhuQzRWa0EtLWYmdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZ3V4ZmNndnJocmFtdGh1aXN5dHh2emZqeXV0aGJ0In19&clientID=AayMqvP9woXVh2ZnpTL91Kc4mOlgqE72vSnRSKft_4Pa4I7QHxhsRYchvlonV0BasYUTcBHnC4VkA--f&sdkCorrelationID=f8446099fbfdc&storageID=uid_75f37ef678_mji6mti6nta&sessionID=uid_3ddf8febdd_mji6mti6nta&buttonSessionID=uid_27af010ecc_mji6mti6nte&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup¤cy=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
192.229.221.25200 OK 99 kB URL HTTP/2 www.paypal.com/smart/buttons?sdkVersion=5.0.350&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWF5TXF2UDl3b1hWaDJabnBUTDkxS2M0bU9sZ3FFNzJ2U25SU0tmdF80UGE0STdRSHhoc1JZY2h2bG9uVjBCYXNZVVRjQkhuQzRWa0EtLWYmdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZ3V4ZmNndnJocmFtdGh1aXN5dHh2emZqeXV0aGJ0In19&clientID=AayMqvP9woXVh2ZnpTL91Kc4mOlgqE72vSnRSKft_4Pa4I7QHxhsRYchvlonV0BasYUTcBHnC4VkA--f&sdkCorrelationID=f8446099fbfdc&storageID=uid_75f37ef678_mji6mti6nta&sessionID=uid_3ddf8febdd_mji6mti6nta&buttonSessionID=uid_27af010ecc_mji6mti6nte&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup¤cy=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
IP 192.229.221.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8069)
Hash fda5dd95fbd6ab95bf320bc63f638e79
3efd66cd04c806f2dd9ee86ba7a18103e31b9c93
9ebfb171ab2e8a6382b5cee8aa52d1c06600332c29ea9617cea5aad702329863
GET /smart/buttons?sdkVersion=5.0.350&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWF5TXF2UDl3b1hWaDJabnBUTDkxS2M0bU9sZ3FFNzJ2U25SU0tmdF80UGE0STdRSHhoc1JZY2h2bG9uVjBCYXNZVVRjQkhuQzRWa0EtLWYmdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZ3V4ZmNndnJocmFtdGh1aXN5dHh2emZqeXV0aGJ0In19&clientID=AayMqvP9woXVh2ZnpTL91Kc4mOlgqE72vSnRSKft_4Pa4I7QHxhsRYchvlonV0BasYUTcBHnC4VkA--f&sdkCorrelationID=f8446099fbfdc&storageID=uid_75f37ef678_mji6mti6nta&sessionID=uid_3ddf8febdd_mji6mti6nta&buttonSessionID=uid_27af010ecc_mji6mti6nte&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup¤cy=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Cookie: tsrce=clientsdknodeweb
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Mon, 30 Jan 2023 22:12:37 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"60dcd-nbeEuOMZcOAxIcKIfJlB/lv0vQU"
p3p: true
paypal-debug-id: 05b42800bb22b
server: ECAcc (frc/4C95)
server-timing: traceparent;desc="00-000000000000000000005b42800bb22b-290b6eb44d83b84e-01", content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: tsrce=smartcomponentnodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 02 Feb 2023 22:12:37 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Mon, 30 Jan 2023 22:42:37 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1769811157%26vteXpYrS%3D1675118557%26vr%3D04bd417d1860a7a8597f0f8aff309443%26vt%3D04bd417d1860a7a8597f0f8aff309442%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 29 Jan 2026 22:12:37 GMT; HttpOnly; Secure
ts_c=vr%3D04bd417d1860a7a8597f0f8aff309443%26vt%3D04bd417d1860a7a8597f0f8aff309442; Path=/; Domain=paypal.com; Expires=Thu, 29 Jan 2026 22:12:37 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000005b42800bb22b-598c7bcea7ae8b8a-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
c.paypal.com/da/r/fb.js
151.101.193.35304 Not Modified 0 B IP 151.101.193.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 20 Dec 2022 17:16:51 GMT
If-None-Match: "63a1ee03-e9eb"
TE: trailers
HTTP/2 304 Not Modified
date: Mon, 30 Jan 2023 22:12:38 GMT
via: 1.1 varnish
etag: "63a1ee03-e9eb"
age: 2254571
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 120138
x-timer: S1675116759.780788,VS0,VE1
vary: Accept-Encoding
expires: Tue, 31 Jan 2023 22:12:38 GMT
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: false
access-control-max-age: 86400
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
dub.stats.paypal.com/v2/counter2.cgi?p=uid_3ddf8febdd_mji6mti6nta&s=SMART_PAYMENT_BUTTONS
64.4.245.84200 OK 42 B URL HTTP/1.1 dub.stats.paypal.com/v2/counter2.cgi?p=uid_3ddf8febdd_mji6mti6nta&s=SMART_PAYMENT_BUTTONS
IP 64.4.245.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /v2/counter2.cgi?p=uid_3ddf8febdd_mji6mti6nta&s=SMART_PAYMENT_BUTTONS HTTP/1.1
Host: dub.stats.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paypal.com/
Connection: keep-alive
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: close
Server: PayPal-B.Stats/1.0
Content-Type: image/jpeg
Content-Length: 42
Set-Cookie: c=39272d53c5fbd5b40fbf; Domain=stats.paypal.com; expires=Sun, 25 Jan 2043 22:12:38 GMT; Path=/
Date: Mon, 30 Jan 2023 22:12:38 GMT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
172.217.21.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 172.217.21.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 30 Jan 2023 22:12:38 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c.paypal.com/v1/r/d/b/p2
151.101.193.35200 OK 125 B IP 151.101.193.35:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 30be8d3684458da12c06a5d601cf0024
97e1dcc68794aa6063f18658df68b884339d7d12
308a1a0e69c822dc80a3a4bfae58a42a99545e16503525b84b4c819a8f3dfb62
POST /v1/r/d/b/p2 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1442
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
correlation-id: af826da2ca500
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: af826da2ca500
set-cookie: sc_f=ErLp8mRwYUm9uALVp8EfcJrbKzi9wb5VLfqme5-Urr5UJn9GyV1w1CzgQMyrADr0Dmqz_Y7IQ_2fzmNCz4t_OJlfu3493ch4YC7vmm;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Sat, 29-Jan-2028 14:12:39 GMT; HttpOnly
traceparent: 00-0000000000000000000af826da2ca500-d17c30adb3646db5-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Mon, 30 Jan 2023 22:12:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220035-HHN, cache-bma1654-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 125
X-Firefox-Spdy: h2
c.paypal.com/v1/r/d/b/p1
151.101.193.35200 OK 125 B IP 151.101.193.35:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 315649c3f2dfb8724e0f38f6bbca0680
90cceedc1a7e574e5f04dd0aa520b28e9516bf6f
8083e06a53e77f5dea72891b5b9397b9929a918b3abf7ee120f0bbed691ecfbe
POST /v1/r/d/b/p1 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1207
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
correlation-id: abf03ac702145
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: abf03ac702145
set-cookie: sc_f=AY0k1ACzPyuFO-w-tVvrHp2ircl2ka8nakwNdE4vmaz3LR3IV2S6nWvoTn9X22SYi-WV7dGhWfu0xEdrihUhKGf87rye4Bt9g0F4vm;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Sat, 29-Jan-2028 14:12:39 GMT; HttpOnly
KHcl0EuY7AKSMgfvHl7J5E7hPtK=hpbFg1ORwV3wX4GaMWmC6hBIv2r9NXKN0OWW1E7CAq_XD5w9H_cq2sbLJefFvM72arjEGN-KM0DagUW0;Domain=.paypal.com;Max-Age=630720000;Path=/;Secure;Version=1;Expires=Sun, 25-Jan-2043 14:12:39 GMT; HttpOnly
l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Mon, 30 Jan 2023 22:42:39 GMT; HttpOnly; Secure
traceparent: 00-0000000000000000000abf03ac702145-6462f38297d7954b-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Mon, 30 Jan 2023 22:12:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220049-HHN, cache-bma1654-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 125
X-Firefox-Spdy: h2
t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AEPMRJ8CQYZH6L-1&page=muse%3Aoffer%3A%3A%3AEPMRJ8CQYZH6L-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=0a586541-5d5d-48bb-8ff1-e746bfceaf50&es=visitorInfo&cust=K8SKZ36LQBWXJ&mrid=EPMRJ8CQYZH6L&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=T-post%C2%AE&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&unsc=0&identifier_used=IP&e=im&t=1675116772888&g=0&completeurl=https%3A%2F%2Fwww.t-post.com%2F
151.101.1.35200 OK 42 B URL HTTP/2 t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AEPMRJ8CQYZH6L-1&page=muse%3Aoffer%3A%3A%3AEPMRJ8CQYZH6L-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=0a586541-5d5d-48bb-8ff1-e746bfceaf50&es=visitorInfo&cust=K8SKZ36LQBWXJ&mrid=EPMRJ8CQYZH6L&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=T-post%C2%AE&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&unsc=0&identifier_used=IP&e=im&t=1675116772888&g=0&completeurl=https%3A%2F%2Fwww.t-post.com%2F
IP 151.101.1.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?pgrp=muse%3Aoffer%3A%3A%3AEPMRJ8CQYZH6L-1&page=muse%3Aoffer%3A%3A%3AEPMRJ8CQYZH6L-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=0a586541-5d5d-48bb-8ff1-e746bfceaf50&es=visitorInfo&cust=K8SKZ36LQBWXJ&mrid=EPMRJ8CQYZH6L&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=T-post%C2%AE&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&unsc=0&identifier_used=IP&e=im&t=1675116772888&g=0&completeurl=https%3A%2F%2Fwww.t-post.com%2F HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Mon, 30 Jan 2023 22:12:39 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: b3868f39e2045
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1769811159%26vteXpYrS%3D1675118559%26vr%3D04bd48321860a5701c2254a8ffffffff%26vt%3D04bd48321860a5701c2254a8fffffffe; Expires=Fri, 30 Jan 2026 22:12:39 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D04bd48321860a5701c2254a8ffffffff%26vt%3D04bd48321860a5701c2254a8fffffffe; Expires=Fri, 30 Jan 2026 22:12:39 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-0000000000000000000b3868f39e2045-3416647ddba0a521-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Mon, 30 Jan 2023 22:12:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220027-HHN, cache-bma1666-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675116759.996386,VS0,VE180
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
192.229.221.25200 OK 607 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 192.229.221.25:0
File type JSON data\012- , ASCII text, with very long lines (1019), with no line terminators
Hash 42cff8b0b9a979167ce7578cabdfd2eb
e219f070d4043da7d4b8ad892a1a4edbb931c305
dc80554a4b97495acf0cdcd4238bd746ffd54c7309df0e41d26dd752552cf3fa
POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1443
Origin: https://www.t-post.com
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.t-post.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
date: Mon, 30 Jan 2023 22:12:39 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"3fb-bZIDeEyW/DiPpTgQSyZyoxQPQLs"
paypal-debug-id: 077a036426494
server: ECAcc (frc/4C89)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 30 Jan 2024 22:12:39 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 31 Jan 2023 06:58:35 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Thu, 02 Feb 2023 22:12:38 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY3NTExNjc1OTEwNSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Mon, 30 Jan 2023 22:42:39 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1769811159%26vteXpYrS%3D1675118559%26vr%3D04bd48171860a1d55f6ea99dfd8280e4%26vt%3D04bd48171860a1d55f6ea99dfd8280e3%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 29 Jan 2026 22:12:39 GMT; HttpOnly; Secure
ts_c=vr%3D04bd48171860a1d55f6ea99dfd8280e4%26vt%3D04bd48171860a1d55f6ea99dfd8280e3; Path=/; Domain=paypal.com; Expires=Thu, 29 Jan 2026 22:12:39 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000077a036426494-045c79a59cefde13-01
vary: Accept-Encoding
x-content-type-options: nosniff
content-length: 607
X-Firefox-Spdy: h2
c6.paypal.com/v1/r/d/b/p3?f=uid_3ddf8febdd_mji6mti6nta&s=SMART_PAYMENT_BUTTONS
151.101.193.35200 OK 0 B URL HTTP/2 c6.paypal.com/v1/r/d/b/p3?f=uid_3ddf8febdd_mji6mti6nta&s=SMART_PAYMENT_BUTTONS
IP 151.101.193.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/r/d/b/p3?f=uid_3ddf8febdd_mji6mti6nta&s=SMART_PAYMENT_BUTTONS HTTP/1.1
Host: c6.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
correlation-id: 3a4ffb6c2adff
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: 3a4ffb6c2adff
traceparent: 00-00000000000000000003a4ffb6c2adff-75888b9312e84356-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Mon, 30 Jan 2023 22:12:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220089-HHN, cache-bma1654-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675116759.071851,VS0,VE202
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 0
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
192.229.221.25200 OK 606 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 192.229.221.25:0
File type JSON data\012- , ASCII text, with very long lines (1011), with no line terminators
Hash d87b0d258db16fb9ef695a521e7d6042
84d70bcc25a376b0defda1bda3640c1e933a31f3
2f365bbff2e479578ac7cc4f46b001f95dec239f1e791aa69996b15d9930a417
POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 8163
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.350&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWF5TXF2UDl3b1hWaDJabnBUTDkxS2M0bU9sZ3FFNzJ2U25SU0tmdF80UGE0STdRSHhoc1JZY2h2bG9uVjBCYXNZVVRjQkhuQzRWa0EtLWYmdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZ3V4ZmNndnJocmFtdGh1aXN5dHh2emZqeXV0aGJ0In19&clientID=AayMqvP9woXVh2ZnpTL91Kc4mOlgqE72vSnRSKft_4Pa4I7QHxhsRYchvlonV0BasYUTcBHnC4VkA--f&sdkCorrelationID=f8446099fbfdc&storageID=uid_75f37ef678_mji6mti6nta&sessionID=uid_3ddf8febdd_mji6mti6nta&buttonSessionID=uid_27af010ecc_mji6mti6nte&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup¤cy=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
date: Mon, 30 Jan 2023 22:12:39 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"3f3-smXg/Wg+bbCR7TX5Jo0TUptaX8U"
paypal-debug-id: 036762b128837
server: ECAcc (frc/4CC2)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 30 Jan 2024 22:12:39 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 31 Jan 2023 06:58:35 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Thu, 02 Feb 2023 22:12:38 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY3NTExNjc1OTE3OSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Mon, 30 Jan 2023 22:42:39 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1769811159%26vteXpYrS%3D1675118559%26vr%3D04bd486a1860a78852de1d52ff308ab1%26vt%3D04bd486a1860a78852de1d52ff308ab0%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 29 Jan 2026 22:12:39 GMT; HttpOnly; Secure
ts_c=vr%3D04bd486a1860a78852de1d52ff308ab1%26vt%3D04bd486a1860a78852de1d52ff308ab0; Path=/; Domain=paypal.com; Expires=Thu, 29 Jan 2026 22:12:39 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000036762b128837-2de610da5b2b6fae-01
vary: Accept-Encoding
x-content-type-options: nosniff
content-length: 606
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
192.229.221.25200 OK 617 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 192.229.221.25:0
File type JSON data\012- , ASCII text, with very long lines (1026), with no line terminators
Hash ea45b3f3de677212e5966feec9808fae
bcec87b9189c7f128e404dd98648e2cde5651faa
83850da342806cbd72fd21f9ebf7bfa1a9367f609f492bb4a82ea5370edcf28a
POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1437
Origin: https://www.paypal.com
Connection: keep-alive
Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.350&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWF5TXF2UDl3b1hWaDJabnBUTDkxS2M0bU9sZ3FFNzJ2U25SU0tmdF80UGE0STdRSHhoc1JZY2h2bG9uVjBCYXNZVVRjQkhuQzRWa0EtLWYmdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZ3V4ZmNndnJocmFtdGh1aXN5dHh2emZqeXV0aGJ0In19&clientID=AayMqvP9woXVh2ZnpTL91Kc4mOlgqE72vSnRSKft_4Pa4I7QHxhsRYchvlonV0BasYUTcBHnC4VkA--f&sdkCorrelationID=f8446099fbfdc&storageID=uid_75f37ef678_mji6mti6nta&sessionID=uid_3ddf8febdd_mji6mti6nta&buttonSessionID=uid_27af010ecc_mji6mti6nte&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup¤cy=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Cookie: tsrce=targetingnodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
date: Mon, 30 Jan 2023 22:12:39 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"402-XFJ3tx4jdPKLapfe1jpgxzL3brA"
paypal-debug-id: 011b4710a8177
server: ECAcc (frc/4CF8)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 30 Jan 2024 22:12:39 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 31 Jan 2023 06:58:35 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Thu, 02 Feb 2023 22:12:38 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY3NTExNjc1OTE5OSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Mon, 30 Jan 2023 22:42:39 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1769811159%26vteXpYrS%3D1675118559%26vr%3D04bd48251860a7a857f9c566ff309efb%26vt%3D04bd48251860a7a857f9c566ff309efa%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 29 Jan 2026 22:12:39 GMT; HttpOnly; Secure
ts_c=vr%3D04bd48251860a7a857f9c566ff309efb%26vt%3D04bd48251860a7a857f9c566ff309efa; Path=/; Domain=paypal.com; Expires=Thu, 29 Jan 2026 22:12:39 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000011b4710a8177-9d978855787a5fe0-01
vary: Accept-Encoding
x-content-type-options: nosniff
content-length: 617
X-Firefox-Spdy: h2
sumo.com/api/load/
35.86.95.232200 OK 714 B IP 35.86.95.232:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (713), with no line terminators
Hash e224926c48645eeccf451abaa22d4911
b3c8fb5740910a1a870c8c79d0362f65d7979f04
089f0523c62fce1e45697e9a66896bb18f324c34ea7183b86bac654f6484ae03
POST /api/load/ HTTP/1.1
Host: sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 209
Origin: https://www.t-post.com
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 22:12:39 GMT
content-type: application/json; charset=utf-8
content-length: 714
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://www.t-post.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
set-cookie: __smSessionId=s%3ALhayYO6nTegFcH4OkTR2swc7.Y9jDyTSMpvLDu263AjfKiHf1csev3NJ3WPsa0tmq6m0; Path=/; Expires=Tue, 31 Jan 2023 06:58:15 GMT; HttpOnly
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
www.t-post.com/wp-content/uploads/2016/08/tpost_176_pack-480x360.png
160.153.250.62200 OK 226 kB URL HTTP/1.1 www.t-post.com/wp-content/uploads/2016/08/tpost_176_pack-480x360.png
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type PNG image data, 480 x 360, 8-bit/color RGBA, non-interlaced\012- data
Size 226 kB (226342 bytes)
Hash 1c7f244f28b1d4ae68678f555350feb5
a2599b48bd8a5735bfd9832cd1713d027c18f97f
a2668d10a70474097c4bf73671c70f1987b0b0662950fc990b690efda96e6d60
GET /wp-content/uploads/2016/08/tpost_176_pack-480x360.png HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Cookie: __smVID=ae5bffa2f5f3c93b7a2014c7d92904c83d35f3ae8af75a48674ed78bf4eed3a3; __utma=97338138.1205762470.1675116772.1675116772.1675116772.1; __utmb=97338138.1.10.1675116772; __utmc=97338138; __utmz=97338138.1675116772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; _jsuid=2842222611; _no_tracky_142201=1; _fbp=fb.1.1675116772186.1279254607; __smToken=LhayYO6nTegFcH4OkTR2swc7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:40 GMT
Server: Apache
Last-Modified: Thu, 27 Oct 2022 10:04:26 GMT
ETag: "37426-5ec014428e330"
Accept-Ranges: bytes
Content-Length: 226342
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:40 GMT
Referrer-Policy:
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.t-post.com/wp-content/uploads/2016/08/tpost_176_fp-1240x827.png
160.153.250.62200 OK 1.3 MB URL HTTP/1.1 www.t-post.com/wp-content/uploads/2016/08/tpost_176_fp-1240x827.png
IP 160.153.250.62:0
ASN #21501 Host Europe GmbH
File type PNG image data, 1240 x 827, 8-bit/color RGBA, non-interlaced\012- data
Size 1.3 MB (1323886 bytes)
Hash 4eb4e7d45e12340a37adb37502a9dd8b
36053fcc38ab098fd6455a9d3ba6b64c2a7fe721
52b497f2e5195e05755d1525b015066ee7020e0e387999a49b26fe180fb298ec
GET /wp-content/uploads/2016/08/tpost_176_fp-1240x827.png HTTP/1.1
Host: www.t-post.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Cookie: __smVID=ae5bffa2f5f3c93b7a2014c7d92904c83d35f3ae8af75a48674ed78bf4eed3a3; __utma=97338138.1205762470.1675116772.1675116772.1675116772.1; __utmb=97338138.1.10.1675116772; __utmc=97338138; __utmz=97338138.1675116772.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; _jsuid=2842222611; _no_tracky_142201=1; _fbp=fb.1.1675116772186.1279254607; __smToken=LhayYO6nTegFcH4OkTR2swc7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 22:12:42 GMT
Server: Apache
Last-Modified: Thu, 27 Oct 2022 10:02:42 GMT
ETag: "14336e-5ec013dfc1b80"
Accept-Ranges: bytes
Content-Length: 1323886
Cache-Control: max-age=31536000
Expires: Tue, 30 Jan 2024 22:12:42 GMT
Referrer-Policy:
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F746a5715-1639-49f0-9350-9e74558b6a97.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F746a5715-1639-49f0-9350-9e74558b6a97.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0b8edbb541668f634636dc44f1559b50
0a2322b18a1cc6ca4710fce7b6d8f28263ca6064
2765a746ef8f589399e2588727364fbea9c9710327f61c979371765def1e9694
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F746a5715-1639-49f0-9350-9e74558b6a97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6893
x-amzn-requestid: 38d02de7-71c6-4e93-ae9f-5e2e434c2b62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsbVEo2oAMFTrw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2277b-49c8737605f859f724e3ed4f;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BYuZMDDcR56g58NhU38KpBY_-2IGglgSXsAtHpsSLlSiyOAuTkdlmQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 12:26:08 GMT
age: 35195
etag: "0a2322b18a1cc6ca4710fce7b6d8f28263ca6064"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
load.sumo.com/72.0a035390359aab65eb82.js
194.242.11.186200 OK 0 B URL HTTP/2 load.sumo.com/72.0a035390359aab65eb82.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /72.0a035390359aab65eb82.js HTTP/1.1
Host: load.sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:12:37 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 53731
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
etag: W/"a1c4ecc2ca5bc12d61068cd427f9729f"
last-modified: Wed, 05 Oct 2022 16:49:50 GMT
x-amz-id-2: bRefJzrmZyURY4UtkQN1ECVBc/gW5F1O6YizdBaEr+7zELI4OcVpqMbShN1B3XT4XoXDZ9oU0/Q=
x-amz-request-id: 2T321CBS6G7567Y5
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/10/2023 19:35:39
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 33f313e5001189dc451b7d325bea044a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
151.101.193.35200 OK 0 B URL HTTP/2 c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
IP 151.101.193.35:0
GET /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypal.com/
Cookie: tsrce=targetingnodeweb
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
correlation-id: 7cfd22b48a6c1
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: 7cfd22b48a6c1
traceparent: 00-00000000000000000007cfd22b48a6c1-5b1ac8c598e07d9e-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Mon, 30 Jan 2023 22:12:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220081-HHN, cache-bma1654-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675116759.583388,VS0,VE176
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
static.getclicky.com/142201.js
104.16.221.29200 OK 0 B URL HTTP/2 static.getclicky.com/142201.js
IP 104.16.221.29:0
GET /142201.js HTTP/1.1
Host: static.getclicky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:12:36 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
expires: Wed, 01 Feb 2023 20:44:48 GMT
cache-control: max-age=604800
x-proxy-cache: HIT
content-encoding: gzip
last-modified: Wed, 25 Jan 2023 20:44:48 GMT
cf-cache-status: HIT
age: 399284
server: cloudflare
cf-ray: 791d8cce6eb30b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
142.250.74.46200 OK 0 B URL HTTP/2 www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
IP 142.250.74.46:0
GET /s/player/4248d311/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Ae5-9eqC000?rel=0&showinfo=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 611243
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 13:08:39 GMT
expires: Mon, 29 Jan 2024 13:08:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 119038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
load.sumo.com/
194.242.11.186200 OK 0 B IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET / HTTP/1.1
Host: load.sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.t-post.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 22:12:37 GMT
content-type: text/javascript
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 53731
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=600
etag: W/"415c9608bc47ee8a16b3a2f2c0aee7b0"
last-modified: Wed, 05 Oct 2022 16:50:13 GMT
x-amz-id-2: w2sQEwv0yTyYesgi58cdX5IgnNqwZsQfPDoWQ66uv79acWC7sk4DGue0KSTrxdYr0v1255nwb2o=
x-amz-request-id: 1SHJPWDV8HBQZZYC
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/30/2023 16:31:24
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ee4abe1a271cfe5c98fbfceb8216a309
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2