Overview

URL shopexchange97.com/fghhnvrt52gb5vc5rt2ngb25dc/rtynhgbfvdert5gbfv52dfgbfvdc/ertnbvdce5rt2b5fcdfgnh/fvcdfg-ngbfdcdf
IP64.64.104.159
ASNLOGICWEB
Location United States
Report completed2022-09-26 15:45:54 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-26 2 mwebnice.com/7605/186/2/?subid=fibersgreenkajd Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (48)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS www.google.com (2) 7 2016-08-04 12:36:31 UTC 2022-09-26 09:21:47 UTC 142.250.74.164
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-26 04:27:04 UTC 157.240.200.35
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-26 08:18:12 UTC 143.204.55.115
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-26 04:28:07 UTC 34.117.237.239
mnemonic passive DNS ocsp.sca1b.amazontrust.com (5) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.100
mnemonic passive DNS d2zah9y47r7bi2.cloudfront.net (1) 0 2021-09-23 06:23:04 UTC 2022-09-26 07:30:06 UTC 54.230.245.54 Unknown ranking
mnemonic passive DNS region1.analytics.google.com (1) 0 2022-03-17 11:26:33 UTC 2022-09-26 06:40:03 UTC 216.239.34.36 Domain (google.com) ranked at: 1
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-26 04:28:46 UTC 64.233.162.154
mnemonic passive DNS mwebnice.com (1) 0 2022-02-18 00:05:35 UTC 2022-09-26 13:01:07 UTC 172.67.146.245 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-26 05:45:55 UTC 52.39.126.109
mnemonic passive DNS d1pqvb2h9xgm7r.cloudfront.net (2) 0 2022-06-01 18:40:24 UTC 2022-09-25 12:01:06 UTC 143.204.42.96 Unknown ranking
mnemonic passive DNS www.youtube.com (2) 90 2013-05-30 23:21:49 UTC 2022-09-26 04:28:04 UTC 216.58.207.206
mnemonic passive DNS rp.liadm.com (2) 2705 2017-02-01 20:43:30 UTC 2022-09-26 12:18:05 UTC 34.233.14.107
mnemonic passive DNS d9i5ve8f04qxt.cloudfront.net (1) 0 2021-08-23 08:07:22 UTC 2022-09-26 11:05:23 UTC 143.204.42.153 Unknown ranking
mnemonic passive DNS script.hotjar.com (1) 887 2020-11-05 16:23:46 UTC 2022-09-26 08:36:43 UTC 143.204.55.46
mnemonic passive DNS www.google.no (2) 25607 2016-04-05 19:50:59 UTC 2022-09-26 08:24:59 UTC 142.250.74.3
mnemonic passive DNS token.ultracart.com (1) 755093 2018-09-06 08:37:27 UTC 2022-09-25 05:34:07 UTC 143.204.55.88
mnemonic passive DNS usage.trackjs.com (1) 3825 2014-07-09 10:28:37 UTC 2022-09-26 05:10:07 UTC 138.197.155.84
mnemonic passive DNS ocsp.pki.goog (14) 175 2017-06-14 07:23:31 UTC 2022-09-26 04:27:13 UTC 142.250.74.3
mnemonic passive DNS bartonnutrition.com (1) 0 2020-07-21 20:53:08 UTC 2022-09-25 12:20:04 UTC 104.21.9.18 Unknown ranking
mnemonic passive DNS dndngvalp4jdj.cloudfront.net (11) 0 2021-01-27 07:58:30 UTC 2022-09-25 05:34:38 UTC 143.204.42.81 Unknown ranking
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-09-26 05:04:38 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS vars.hotjar.com (1) 1014 2020-11-05 10:13:14 UTC 2022-09-26 12:10:03 UTC 143.204.55.105
mnemonic passive DNS b-code.liadm.com (1) 3597 2016-01-19 10:23:52 UTC 2022-09-26 12:18:04 UTC 143.204.55.58
mnemonic passive DNS go.maxweb.com (1) 389866 2018-04-27 11:31:31 UTC 2022-09-26 12:14:53 UTC 172.66.43.113
mnemonic passive DNS use.typekit.net (14) 494 2012-07-05 01:42:39 UTC 2022-09-26 04:43:54 UTC 23.36.76.122
mnemonic passive DNS use.fortawesome.com (1) 21348 2017-01-29 12:41:02 UTC 2022-09-26 06:12:10 UTC 151.139.128.8
mnemonic passive DNS p.typekit.net (1) 620 2012-05-23 14:28:57 UTC 2022-09-26 04:43:55 UTC 23.36.76.122
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-26 15:16:33 UTC 142.250.74.174
mnemonic passive DNS secure.ultracart.com (4) 433440 2012-09-29 18:22:41 UTC 2022-09-25 12:01:00 UTC 13.248.135.131
mnemonic passive DNS in.hotjar.com (1) 1746 2018-10-22 17:15:59 UTC 2022-09-26 04:36:24 UTC 54.76.60.60
mnemonic passive DNS capture.trackjs.com (2) 9042 2014-07-09 10:28:39 UTC 2022-09-26 11:27:21 UTC 15.235.54.6
mnemonic passive DNS static.hotjar.com (1) 641 2014-11-01 05:14:27 UTC 2022-09-26 04:27:36 UTC 54.230.111.8
mnemonic passive DNS shopexchange97.com (1) 0 2020-05-16 18:36:47 UTC 2022-09-25 09:17:36 UTC 64.64.104.159 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2022-09-26 10:05:36 UTC 93.184.220.29
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-26 04:43:33 UTC 34.120.237.76
mnemonic passive DNS cdn.jsdelivr.net (5) 439 2012-09-30 00:15:09 UTC 2022-09-26 10:44:34 UTC 151.101.85.229
mnemonic passive DNS www.googleadservices.com (1) 107 2012-07-21 05:05:30 UTC 2022-09-26 12:23:18 UTC 142.250.74.98
mnemonic passive DNS dw26xg4lubooo.cloudfront.net (8) 0 2021-03-22 14:35:19 UTC 2022-09-25 05:34:38 UTC 54.230.245.47 Unknown ranking
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-26 04:28:35 UTC 104.18.21.226
mnemonic passive DNS googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-09-26 09:47:43 UTC 142.250.74.66
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-09-26 04:27:04 UTC 157.240.200.14
mnemonic passive DNS ssl.google-analytics.com (1) 275 2012-10-03 00:55:57 UTC 2022-09-26 04:28:40 UTC 142.250.74.104
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-09-26 04:35:11 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-26 04:26:56 UTC 34.160.144.191
mnemonic passive DNS gardn.ultracartstore.com (1) 0 2022-06-04 20:23:05 UTC 2022-09-25 05:34:06 UTC 13.248.135.131 Unknown ranking
mnemonic passive DNS cdnjs.cloudflare.com (3) 235 2020-10-20 10:17:36 UTC 2022-09-26 06:09:43 UTC 104.17.24.14
mnemonic passive DNS www.googleoptimize.com (1) 1604 2019-07-23 08:23:32 UTC 2022-09-26 07:03:32 UTC 142.250.74.46


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 64.64.104.159

Date UQ / IDS / BL URL IP
2022-09-26 15:45:54 +0000
0 - 0 - 1 shopexchange97.com/fghhnvrt52gb5vc5rt2ngb25dc (...) 64.64.104.159

Last 5 reports on ASN: LOGICWEB

Date UQ / IDS / BL URL IP
2022-11-24 16:35:09 +0000
0 - 0 - 10 cdn.bunkr.is/Vielzuklein-hIL2qoTg.zip 149.57.25.10
2022-11-22 22:04:42 +0000
0 - 0 - 10 cdn4.bunkr.is/wunderwise.aida_wang.1.var-ac7L (...) 149.57.25.13
2022-11-20 00:23:48 +0000
0 - 0 - 19 cdn9.bunkr.is/0h8b4vt4e94ucfvc2t3ow_source-ko (...) 149.57.25.17
2022-11-19 20:18:50 +0000
0 - 0 - 3 noticiasalcaldianeiva.gov.co/aset/qbot.zip 98.159.41.68
2022-11-19 16:48:10 +0000
0 - 0 - 3 cache.cyberfile.is/lkl/ccleaner.6.05.10110.al (...) 149.57.25.14

Last 1 reports on domain: shopexchange97.com

Date UQ / IDS / BL URL IP
2022-09-26 15:45:54 +0000
0 - 0 - 1 shopexchange97.com/fghhnvrt52gb5vc5rt2ngb25dc (...) 64.64.104.159

Last 3 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-04 17:37:22 +0000
0 - 0 - 2 goibo.springotech.com/ga/click/2-64757091-160 (...) 149.102.134.15
2022-10-26 21:41:47 +0000
0 - 0 - 1 light.greenlighthomeoffer.com/ga/click/2-3721 (...) 149.102.147.47
2022-10-16 01:09:20 +0000
0 - 0 - 1 toy.card-inventory.com/ga/click/2-347265171-1 (...) 154.38.164.90


JavaScript

Executed Scripts (41)


Executed Evals (2)

#1 JavaScript::Eval (size: 179, repeated: 1) - SHA256: 6f871ac009f3875cd157111f5edea139e3d9bde19d0d466c8402b00eee85b875

                                        (function() {
    var a = "/";
    "undefined" !== typeof bp && "undefined" !== typeof bp.client && (a = bp.client.original_path);
    1 < a.length && "/" === a.substr(-1) && (a = a.substr(0, a.length - 1));
    return a
})();
                                    

#2 JavaScript::Eval (size: 433, repeated: 1) - SHA256: 1f542c6ab0bc77031769184c8fee4046518f6801f17545aad0e4c84b93e66a5d

                                        (function() {
    var a = "Unknown";
    "undefined" !== typeof bartn ? a = bartn.page_type : "undefined" !== typeof bp && (a = bp.page.type);
    "video" === a ? a = "Video Sales Letter" : "letter" === a ? a = "Sales Letter" : "hybrid" === a ? a = "VSL + SL" : "intro" === a ? a = "Interstitial" : "exit" === a ? a = "Exit Pop" : "upsell" === a ? a = "Upsell" : "receipt" === a ? a = "Receipt" : "access" === a ? a = "Instant Access" : "lead" === a ? a = "Lead Gen" : "post" === a ? a = "Article" : "misc" === a && (a = "Miscellaneous");
    return a
})();
                                    

Executed Writes (0)



HTTP Transactions (127)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11175
Expires: Mon, 26 Sep 2022 18:51:57 GMT
Date: Mon, 26 Sep 2022 15:45:42 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 15:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: T0szq00yRKKwlioCvd8VWeIKwXpFAuKpSpBiupCkzHbcSjnQ-otv4w==
Age: 1824


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12315
Expires: Mon, 26 Sep 2022 19:10:57 GMT
Date: Mon, 26 Sep 2022 15:45:42 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: lM4l7OiVFnbLQpcoO1CmJFxDbMYbxLL/OKZ8xR5KIkkqDGWTSKc3D2xydlbedurq0/MQGQMkh70=
x-amz-request-id: MK9FFCFTCWTCFSRA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Sep 2022 14:46:22 GMT
age: 3560
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /fghhnvrt52gb5vc5rt2ngb25dc/rtynhgbfvdert5gbfv52dfgbfvdc/ertnbvdce5rt2b5fcdfgnh/fvcdfg-ngbfdcdf HTTP/1.1 
Host: shopexchange97.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         64.64.104.159
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 26 Sep 2022 15:45:42 GMT
Server: Apache
X-Powered-By: PHP/7.1.33
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://mwebnice.com/7605/186/2/?subid=fibersgreenkajd
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5, max=100

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 26 Sep 2022 15:45:42 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 15:45:42 GMT
Server: ECS (amb/6B7F)
Content-Length: 280

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 15:10:46 GMT
Expires: Mon, 26 Sep 2022 15:23:12 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RTwQxURUQm2erhlmJSN0i3uU4l0ZjnkndDhGm0KDPr3UpDoB_E6Yrw==
Age: 2096


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2040
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 15:45:43 GMT
Last-Modified: Mon, 26 Sep 2022 15:11:43 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 15:45:43 GMT
Last-Modified: Mon, 26 Sep 2022 14:42:14 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: n_SE04F2hKjnchZC-fSy21AdiEoRucC3LUd0MHrKsZfzRkm6_vbYfw==
Age: 3809

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EfDt608As7zwkOz2+lL4RQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.39.126.109
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: t32bPqSCY19c3BotQ6qNwb8nssQ=

                                        
                                            GET /aff/D7CF04F5A0F2FB017FF5CD00FE1EF400/index.html?&utm_source=maxweb&utm_medium=email&utm_term=email&utm_content=fg_bowel&utm_campaign=fg_jerusalem&subid=7605_sessid20220926154549126 HTTP/1.1 
Host: gardn.ultracartstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         13.248.135.131
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Date: Mon, 26 Sep 2022 15:45:43 GMT
Content-Length: 195
Connection: keep-alive
Set-Cookie: AWSALB=grvjUGfr0Gem17fi6wzseRhtda7OiihUhpf65atKPcAPpEL+dRw0HmUmD62r0O+FkglyDXj77yanILfZCzygEshy+XlRvXmNSApdlXwWVAadK0Kw80x6DRPbyzpW; Expires=Mon, 03 Oct 2022 15:45:43 GMT; Path=/ AWSALBCORS=grvjUGfr0Gem17fi6wzseRhtda7OiihUhpf65atKPcAPpEL+dRw0HmUmD62r0O+FkglyDXj77yanILfZCzygEshy+XlRvXmNSApdlXwWVAadK0Kw80x6DRPbyzpW; Expires=Mon, 03 Oct 2022 15:45:43 GMT; Path=/; SameSite=None; Secure JSESSIONID=abcRZB6czCzVVuiumGCco; path=/; HttpOnly LBJSESSIONID=abcRZB6czCzVVuiumGCco.n212; path=/; HttpOnly
Server: Apache
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20220926154549126&utm_term=email&AFFID=474832
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   195
Md5:    0187faa1ec20232a975e3b5113e4a6de
Sha1:   69341eab587325dd589eebc1c741f7156ed08c0a
Sha256: 6828d3d990a445c10a4101c196039c4db8b87befab135601752476878f13fda1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8638
Expires: Mon, 26 Sep 2022 18:09:42 GMT
Date: Mon, 26 Sep 2022 15:45:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8638
Expires: Mon, 26 Sep 2022 18:09:42 GMT
Date: Mon, 26 Sep 2022 15:45:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8638
Expires: Mon, 26 Sep 2022 18:09:42 GMT
Date: Mon, 26 Sep 2022 15:45:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8638
Expires: Mon, 26 Sep 2022 18:09:42 GMT
Date: Mon, 26 Sep 2022 15:45:44 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZRG0Axnhc5RY5rDbnnbauco9dpPeFdkP01UxkpNYI5pgSbfGKWcikw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:16:26 GMT
age: 62958
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11728
Md5:    968b9c138702fb5994d1d9eab1a697fa
Sha1:   9660bb2d38079182efbd11d7a687bfc7f9d30751
Sha256: 5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8638
Expires: Mon, 26 Sep 2022 18:09:42 GMT
Date: Mon, 26 Sep 2022 15:45:44 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HfslSWhSAKRjZr-qqajVm6bKf9jGt2pXq8N8GlXgyTwRxWqw0y-CgA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 06:49:49 GMT
age: 32155
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10279
Md5:    8ea5f06ad31f0cedd2cb5c6df82f35f4
Sha1:   60a83a1618ffae06e49ca3002bac1db9980dcfe8
Sha256: 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 63328
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5157
Md5:    2fe8c4f0c70fb6c1f4259eabedc7015e
Sha1:   85e378d0fff856832a8dd01743516b9476fed8c6
Sha256: 508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13584
x-amzn-requestid: 198bd2b4-d4ae-4f19-a500-463aee52b890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHgFdNoAMFwEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc9-19a1f7d2102820da4b21f18b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bGRBCfCtZkeYhbTpaE18IpIgUtOHyttE-0hRk8fWVB9sJS2rSbP22g==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:05:32 GMT
etag: "ef9d756cbcda72cf7ef5029b7d384cd1fbaed633"
age: 63612
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13584
Md5:    2c11e6fef1be62b971bd9daf378bfc95
Sha1:   ef9d756cbcda72cf7ef5029b7d384cd1fbaed633
Sha256: b8369f83d6dddcd2355b81d8eb200791788165e56881ce21e1a1e9c8bb1bb2ef
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5980
x-amzn-requestid: fbf0c390-da24-49e2-8492-43e29e5d4bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHCGJVoAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc6-1f9b1b7d63467c58702e6d7e;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:38 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pt7rJi8EIQFBk0gHQZ1WnjvThPba86XZCGFs83l1ZW2dj-_6bZprAA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:49:56 GMT
age: 64548
etag: "12aac1bd22e675f09a220de08b4656e801c2e647"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5980
Md5:    ef17205adb2b478d3bff54b048208d22
Sha1:   12aac1bd22e675f09a220de08b4656e801c2e647
Sha256: 620fe39cf421ed3a21e968570f7e863d69224113be867ec2457ed3850ea113f6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mToVKJcSAtJB1AOuQ-Y9o_EZzyhUuZJivVa3DLql5FwzK4NC82kh5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:06:17 GMT
age: 63567
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8637
Md5:    d02ede0c964f3346fd53ae2950bf2a62
Sha1:   e49306a3713cb724be024a4ddb5e90645718a718
Sha256: c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
                                        
                                            GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 26 Sep 2022 15:45:44 GMT
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9650848
expires: Sat, 16 Sep 2023 15:45:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMpNLCYTCmwyz17kt4pM8ju9hifg07wq4b%2BpHP8qnYVXYdhEgCqJS0ULUF20Ik70DApb70ZmWSvoFKOyOc3R7ZU8JBQcAwD1YfRy9eWz%2F1FIXTBQ4AIbqUKpBU1ytOryb0Vv7Rw6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 750d20df1adbb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   27958
Md5:    4b5f47439b640180cc3450f7de05d0d8
Sha1:   5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
Sha256: 1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
                                        
                                            GET /ajax/libs/vue/2.6.11/vue.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 26 Sep 2022 15:45:44 GMT
content-length: 30730
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0402c-16de6"
last-modified: Mon, 04 May 2020 16:17:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2923695
expires: Sat, 16 Sep 2023 15:45:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FX2vC9BtDqra963eqkubwAym%2FBBEQ6E%2BXn3pqQSK9wkzF4SXtRavZO2LVg8KH0trronLEaY%2BunOAUUvaYrWcbF0YTFbWn8BppTh2sv4bWGcvVN0zvcoHa0lM6ISqZVBreFs34rbV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 750d20df1adfb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65449)
Size:   30730
Md5:    1a1bf25af8925cde90bdfe0d08d1a7ea
Sha1:   dfbbececde0b0f9da27c40fc1f55a808677ac735
Sha256: e052553db93e43100ac9a938ed485ba3ddf9a24db1eba9a61a225a7947746b5a
                                        
                                            GET /ajax/libs/webfont/1.6.28/webfontloader.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 26 Sep 2022 15:45:44 GMT
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04030-30d9"
last-modified: Mon, 04 May 2020 16:17:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2841239
expires: Sat, 16 Sep 2023 15:45:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RznGNfwPmsy5OFxfC9NU65YyC01UODD6beWjgYh2ZpgNDP9HAJsE9BdHJcnUg%2FII6fy0%2F%2FTlZ7G2%2FXWt4SxyTZkr%2FHBHSeWlOCHtI3wVxKejNolUq8gHvRMdD8jKroM3tEwcIr4e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 750d20df3b0ab4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2171)
Size:   4420
Md5:    44c72b9bddfecacc9114e84d685dd085
Sha1:   38f3ff57b9b64a38fc2153eb30564b7fc1c86349
Sha256: c82afd4f2d89288b4b79244f0c24264810b11326670710ac8e28e7bfc87c7991
                                        
                                            GET /releases/current/tracker.js HTTP/1.1 
Host: d2zah9y47r7bi2.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.54
HTTP/1.1 200 OK
Content-Type: application/javascript
x-amz-meta-content-type: application/javascript
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Sep 2018 19:10:28 GMT
x-amz-meta-cache-control: s-max-age=3600, max-age=604800, public
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 26 Sep 2022 14:42:53 GMT
Cache-Control: s-max-age=3600, max-age=604800, public
ETag: W/"160874c6a444216fd269e7e0e2370aa7"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nqz6dWOutSWEL6OCTgdWfpWDsHk43QxkReVHeq_ASw8PYtg-xuIVgw==
Age: 3772


--- Additional Info ---
Magic:  ASCII text, with very long lines (573)
Size:   8541
Md5:    4d90be1b3c4210146cace5bcee2dc60e
Sha1:   58e746b40ea1d59f82892572318b176bcaaadf24
Sha256: ed4eec2c2e4a7e931a7eff075e1fc7cf45721ce34bdebff30726333ecd2bb1aa
                                        
                                            GET /npm/bootstrap@4.5.3/dist/css/bootstrap.min.css HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 15:45:44 GMT
age: 16272097
x-served-by: cache-fra19178-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23906
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65326)
Size:   23906
Md5:    77348602be5574ea01c6e042f63a9b12
Sha1:   1a0d5e8fdf352f8e58351f85152be5d141547e11
Sha256: 57e4cabfd2685370ba747eb1216a753a389200451202efd886758debf0d33a2a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 15:45:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 15:45:44 GMT
age: 13868609
x-served-by: cache-fra19179-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21785
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65299)
Size:   21785
Md5:    151629f36761d6fb6d0e0330239884a6
Sha1:   ebb9c30e5565793e2767735f0647bdf26fed4ab5
Sha256: 53c395dd774b12c572c9f1b453f7903c08de32f6958d974bc5db38634a6509d6
                                        
                                            GET /npm/video.js@7.9.7/dist/video-js.min.css HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 7.9.7
x-jsd-version-type: version
etag: W/"9c74-gctcuC69YhaG/DD9GQ5wdLQgH0k"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 15:45:44 GMT
age: 2381774
x-served-by: cache-fra19124-FRA, cache-bma1670-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10303
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (40048), with no line terminators
Size:   10303
Md5:    71d51659d17feda35a3cf7b77c9a077d
Sha1:   58588e786a0394daa59fe992e3fd2b23a6485be3
Sha256: 1fe0f426d39d7360192b7b9d847210a202512b32da8e8e0ff38d13acb5e22e74
                                        
                                            GET /npm/videojs-youtube@2.6.1/dist/Youtube.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 2.6.1
x-jsd-version-type: version
etag: W/"3678-YVZMRnLb6HnSGpkW8sui0W2NjYk"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 15:45:44 GMT
age: 2982015
x-served-by: cache-fra19121-FRA, cache-bma1670-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3833
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13944), with no line terminators
Size:   3833
Md5:    46bbf3de9ddd00713663cb35620ca495
Sha1:   52873697118219d31013516dc2bdd29117256d7f
Sha256: fb1474ebffe51947aa8747b220f96c352242611135012603a4211314e60e4d4b
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 15:45:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "66CB0FBA03B65EA24D907D9A14E16A73FE7A5D38"
Expires: Tue, 27 Sep 2022 02:00:00 GMT
Last-Modified: Mon, 26 Sep 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2974
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750d20dfdbc5b4f9-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    5b95c9cc585195e50abaa88e71725703
Sha1:   f857f500591e2c7197218a673677e62efc6677b6
Sha256: 76c7ed18c611204f28f6a257a8899b481bcddcf145bb4de089bf7bf1cc37616a
                                        
                                            GET /optimize.js?id=OPT-PG67L8H HTTP/1.1 
Host: www.googleoptimize.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.46
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 15:45:44 GMT
expires: Mon, 26 Sep 2022 15:45:44 GMT
cache-control: private, max-age=900
last-modified: Mon, 26 Sep 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42593
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1720)
Size:   42593
Md5:    9f5d08f2395e762b197d8b2c70d17243
Sha1:   217ccc28cfa427f2b7edf8b36203261def30c259
Sha256: 5d925c1dc24da805871b54caa2e5db983ccac56c5e4277c8e4a1f6defa8a5725
                                        
                                            GET /ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20220926154549126&utm_term=email&AFFID=474832 HTTP/1.1 
Host: bartonnutrition.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.21.9.18
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 26 Sep 2022 15:45:44 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
set-cookie: PHPSESSID=7bb15648666bdd929787b1c4763abade; path=/ bp_dep=0; expires=Sun, 25-Dec-2022 15:45:44 GMT; Max-Age=7776000; path=/; domain=.bartonnutrition.com bp_0=%7B%22client%22%3A%7B%22original_url%22%3A%22https%3A%5C%2F%5C%2Fbartonnutrition.com%5C%2Fptn%5C%2F21%3Fsubid%3D7605_sessid20220926154549126%26AFFID%3D474832%22%2C%22converting_referrer_url%22%3Anull%7D%2C%22session%22%3A%7B%22start_date%22%3A%222022-09-26T11%3A45%3A44-0400%22%2C%22session_id%22%3A%22BP-202209261145-443421%22%7D%2C%22internal%22%3A%7B%22upfront_offer%22%3Anull%2C%22upfront_creative%22%3Anull%7D%2C%22page%22%3A%7B%22traffic_source%22%3A%22MaxWeb%22%2C%22subid%22%3A%227605_sessid20220926154549126%22%2C%22facebook_pixel_id%22%3A%22368276591178798%22%2C%22lead_gen%22%3Atrue%2C%22exit-popup%22%3Afalse%2C%22double_exit-popup%22%3Afalse%2C%22web_engage%22%3Afalse%2C%22interstitial_redirect%22%3Afalse%7D%2C%22cart%22%3A%7B%22returnOnErrorUrl%22%3A%22https%3A%5C%2F%5C%2Fbartonnutrition.com%5C%2Fcheckout%22%2C%22redirectToUrl%22%3A%22https%3A%5C%2F%5C%2Fbartonnutrition.com%5C%2Fcheckout%3Ferror%3DSorry%252C%2520we%2520could%2520not%2520complete%2520your%2520order.%2520Please%2520try%2520again.%22%2C%22upsell_path%22%3A%22DEFAULT%22%2C%22items_taken%22%3A%7B%7D%2C%22items_rejected%22%3A%7B%7D%2C%22buysafe_wanted%22%3Anull%7D%2C%22order%22%3A%7B%22encrypted_hash%22%3Anull%7D%7D; path=/; domain=.bartonnutrition.com bp_1=%7B%22returning_visitor%22%3Afalse%7D; expires=Mon, 03-Oct-2022 15:45:44 GMT; Max-Age=604800; path=/; domain=.bartonnutrition.com bp_2=%7B%22page%22%3A%7B%22campaign_name%22%3A%22%22%2C%22campaign_medium%22%3A%22%22%2C%22campaign_source%22%3A%22%22%2C%22campaign_content%22%3A%22%22%2C%22campaign_term%22%3A%22%22%7D%7D; expires=Sun, 25-Dec-2022 15:45:44 GMT; Max-Age=7776000; path=/; domain=.bartonnutrition.com bp_3=%7B%7D; expires=Tue, 26-Sep-2023 15:45:44 GMT; Max-Age=31536000; path=/; domain=.bartonnutrition.com bp_c=1.0.0; expires=Tue, 26-Sep-2023 15:45:44 GMT; Max-Age=31536000; path=/; domain=.bartonnutrition.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hc4ZtGzFnJRozdiyx7DAgSGndsa1Ba%2BuLIzGHwk6SmvTz02lNybNHEV7RQdKdevbwsW3RHTAfLATK%2BacChBXPUNmNC5vWOdPImGOk0R9yR8EQVptSHnxe5gDPGJMXndIqOlv0jAv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750d20d7dd2ab51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (24190), with CRLF, LF line terminators
Size:   113582
Md5:    56599af6a32bd96cf05a37fe21cc49a6
Sha1:   fbe256411f907166e8f688b4d7516e36c5ca2bbd
Sha256: 0ae38328749c4ad5f64ac336135a66f43e3a9b09b4499869b287a8975b921720
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 15:45:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 15:45:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /npm/video.js@7.9.7/dist/video.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 7.9.7
x-jsd-version-type: version
etag: W/"7a051-Prh+H8MqxYTMZU+QRu+/Td5IA9w"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 26 Sep 2022 15:45:44 GMT
age: 2905760
x-served-by: cache-fra19138-FRA, cache-bma1670-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 139802
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   76871
Md5:    2e0958f3aca59419c25cdbd26aa781cb
Sha1:   c5d3312003f9ff8793235750535056016c4b8ea6
Sha256: 50d241ad81145d3b6fd3c8b5a55332fc5de257b3e05b20a718fed5d275f93178
                                        
                                            GET /but5bfb.js HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.122
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
                                        
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 7152
date: Mon, 26 Sep 2022 15:45:45 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (4857)
Size:   7152
Md5:    7f2455adc65093c709ae9e633791c26f
Sha1:   58215c2397f6e3a426915be05ab06f72f932f21a
Sha256: 7f2c5625fcfe4a172befd076fdcacf07f676ec5dcd12c8f0f365e4df3afec99d
                                        
                                            GET /de183023.js HTTP/1.1 
Host: use.fortawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.139.128.8
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 26 Sep 2022 15:45:45 GMT
content-encoding: gzip
content-length: 3990
last-modified: Fri, 12 Nov 2021 23:03:10 GMT
accept-ranges: bytes
etag: "bfa45a60c2439cb5baf783a2c0243634"
x-hw: 1664207144.cds003.sk1.hn,1664207144.cds207.sk1.sc,1664207145.cds207.sk1.pr
cache-control: max-age=60, private, must-revalidate
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9709)
Size:   3990
Md5:    26a4bec57cf6292e69e9c3b475a903a9
Sha1:   27300e38419d1a3312f5dc950b88a4fbcbf3397b
Sha256: 6d6a9ebe5af5da81cee0690cd4aa6682d2d4c84dca1c4c3e037f5fa4fe3299bf
                                        
                                            GET /af/50d55e/000000000000000000015235/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.122
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 44180
etag: "f9731f24cd8729a0a5a2f4087491704f5fbc583c"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 26 Sep 2022 15:45:45 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44180, version 1.0\012- data
Size:   44180
Md5:    2ac1a2bd891725b1d6dee608a7496d8e
Sha1:   a0d2e71feb35ca464a7575bdfed27a6f74d71b39
Sha256: 4a6594dd17666cfa2ff2c9d601abb32c39ca74fab27f7597b73c8b14743d97b6
                                        
                                            GET /af/3322cc/00000000000000007735e616/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.122
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 31620
etag: "45b6acdd85bc39b5dfc108ace1ad2dbe5fca28ba"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 26 Sep 2022 15:45:45 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 31620, version 1.0\012- data
Size:   31620
Md5:    76bb0b958a918b4d270df75ecf0be2fe
Sha1:   0144c98769bddbfd91ed23a0d0b1d5d86b6b6465
Sha256: 19be36b532c3147a005317cbc940c69b7137c7980a462525055393d3cfd20b30
                                        
                                            GET /af/faabc2/00000000000000007735b726/30/l?subset_id=2&fvd=n4&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.122
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 17256
etag: "54ab60d8c7d01281aab7898d810568f1ea6226d1"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 26 Sep 2022 15:45:45 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 17256, version 1.0\012- data
Size:   17256
Md5:    570222e92ed3a2f73d6efc7835142d28
Sha1:   18d59aceaeadafedd131f17c723970cd76514bd4
Sha256: 2619e993d17dca8366fb80df92ed4bf59845c3e9645e1a62aaa1e57f6d1aa34c
                                        
                                            GET /af/9e9765/00000000000000007735b72d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.122
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 20836
etag: "5d4bca21abcabba77a7a254d0d364f5ddb118c23"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 26 Sep 2022 15:45:45 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 20836, version 1.0\012- data
Size:   20836
Md5:    d71a4ad21bce7ec3071ca2618e705602
Sha1:   26854f587f0273903a726b38554a0299985ce02e
Sha256: 739a7067cd203d3d9eeabc9fe64ef96d40295deac0c5e69ca51548e2df655359
                                        
                                            GET /af/706b32/00000000000000007735b733/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.122
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 26148
etag: "0191c40ab8a1566515b510a5fa8900ded567f877"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 26 Sep 2022 15:45:45 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 26148, version 1.0\012- data
Size:   26148
Md5:    616853d604fd4c62b94d1ce5d4a27f9c
Sha1:   336a5b2d3737da2dc639e66dcdb621d877c0c2ed
Sha256: 7102361b3ac8d0b22bccee66b1e12789541ea8ef000b97d23966160a731393c1
                                        
                                            GET /af/154cda/00000000000000007735e601/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n1&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.122
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 28764
etag: "bb527db1d82be3f299f746453df8abe5f2b6ac67"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 26 Sep 2022 15:45:45 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 28764, version 1.0\012- data
Size:   28764
Md5:    46444d3011ed4d27a42c3c07da7cf343
Sha1:   e4aabfe359c882a3f66e7bcb8902c136fe35d438
Sha256: c862e09dc14a6d0ba890b78cb2f57a6e1df993395106e91bf95d202fc33c4b60
                                        
                                            GET /af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.122
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 29820
etag: "6aeae62b893768150f3460329dc461358e8ab2f5"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 26 Sep 2022 15:45:45 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 29820, version 1.0\012- data
Size:   29820
Md5:    22f210f896c47ca032dee5d32edfee1d
Sha1:   18a0f2b6d98fe442047fa2b232705b1587b407cd
Sha256: c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7
                                        
                                            GET /af/2555e1/00000000000000007735e603/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.122
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 30704
etag: "09d1a94c81035c62708e0a513ee76d7886d15a25"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 26 Sep 2022 15:45:45 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 30704, version 1.0\012- data
Size:   30704
Md5:    cbae49bae5cbc8469c1a53a6bfbd5b15
Sha1:   a9fd98171826997827d0d02dab92318be2d7d639
Sha256: a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423
                                        
                                            GET /af/1c0a46/00000000000000007735a075/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.122
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 18344
etag: "68620a9633e2b83b88bae6a4be941c90d40be2ce"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 26 Sep 2022 15:45:45 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 18344, version 1.0\012- data
Size:   18344
Md5:    ff7524552cf0fd91af6dc3bc5bde3916
Sha1:   2e4ad19e572a725a7e99bf285af8f6f787398b87
Sha256: eb2ab77f8552bd8d85786562fffbbe755cd3ea6eca947effeca628b958577eb3
                                        
                                            GET /af/5a8032/00000000000000007735a0d8/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.122
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 30884
etag: "ece3f690a11727424b81d647834200fad767c8cd"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 26 Sep 2022 15:45:45 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30884, version 1.0\012- data
Size:   30884
Md5:    7baff58fa66da9801e0d7ad90720f49a
Sha1:   4c21475b35157dd488a84ac4c9f305fa47142422
Sha256: 32ec14f75145c3ca954a2f2c4dad979f03fd605c51931f3c712bad2e4feb9633
                                        
                                            GET /af/f18587/00000000000000007735a07a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.122
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 17756
etag: "ec65454125f52ade60a7a7dba7db35136a0a5833"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 26 Sep 2022 15:45:45 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17756, version 1.0\012- data
Size:   17756
Md5:    f3b736422e22b9dee8f42866c88c5ee8
Sha1:   d9ba953aec2fa2bd15443babb5c3f274b73847b8
Sha256: c70be61ebf5ebc5fb158df7bcc05e1a645c16c863901eb8487fc3d14d2ac801a
                                        
                                            GET /af/8939f9/00000000000000007735a061/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.122
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 18584
etag: "688538e722636b5c39cb4cffbe6ad7c0119c9521"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 26 Sep 2022 15:45:45 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 18584, version 1.0\012- data
Size:   18584
Md5:    0598affe7cfd67517aa67dd93804948d
Sha1:   7f9a53989ab0df5f7aa87946bbc39dd7214a19b6
Sha256: fd8967417795f539dbb323ead019548f84a3875f7c2277db47d2d7ed630a48c1
                                        
                                            GET /af/b1c445/00000000000000007735b72e/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.122
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 25960
etag: "a96a3358485f08484953b2f6f725bd680d120723"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 26 Sep 2022 15:45:45 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 25960, version 1.0\012- data
Size:   25960
Md5:    065b4e1af4fa9aa7265af6b67406a6f2
Sha1:   a95be491948c619d61956c17f6fd24f1476827d8
Sha256: 9f5e83e263d393311f0c71497778255cf5b0c41e3d08007d38205eca84cf7e96
                                        
                                            GET /p.gif?s=1&k=but5bfb&ht=tk&h=bartonnutrition.com&f=139.171.175.176.14541.14546.14548.15700.15725.41697.41708.41710.41719&a=2068922&js=1.21.0&app=typekit&e=js&_=1664207143798 HTTP/1.1 
Host: p.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.122
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Mon, 26 Sep 2022 15:45:45 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    81144d75b3e69e9aa2fa3e9d83a64d03
Sha1:   f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
Sha256: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 15:45:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/conversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data= HTTP/1.1 
Host: www.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.googletagmanager.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.98
HTTP/2 302 Found
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 15:45:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KckxY52aLZSLywXEka3wBg&random=1509970890&sscte=1&crd=CJqqsQI
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /UC/62/uca/0.1.0/js/collect.js?mid=GARDN&channel=secure.bartonnutrition.com HTTP/1.1 
Host: d9i5ve8f04qxt.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.42.153
HTTP/2 200 OK
content-type: application/x-javascript; charset=UTF-8
                                        
content-length: 102338
date: Tue, 20 Sep 2022 04:16:17 GMT
last-modified: Thu, 04 Aug 2022 13:40:23 GMT
etag: "75c5061ff51ef5d73dad3de170f2d6f7"
cache-control: max-age=604800,s-maxage=604800
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ibnQ-NBJFZ4Y_9io4wmDbynNzfTEzqoHcaPRX-0IEnozlc2L9AWNbg==
age: 559769
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5690), with CRLF, LF line terminators
Size:   102338
Md5:    75c5061ff51ef5d73dad3de170f2d6f7
Sha1:   cabae81880764579a0da1656231508d8e6a69d6c
Sha256: d0b87b3526d1b820e48befc3bf43385b76e0d6015c44afda51f63dcf1e451118
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 646
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 15:45:45 GMT
Last-Modified: Mon, 26 Sep 2022 15:34:59 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 15:45:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 15:45:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/viewthroughconversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KckxY52aLZSLywXEka3wBg&random=1509970890&sscte=1&crd=CJqqsQI HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.googletagmanager.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.66
HTTP/2 302 Found
content-type: image/gif
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 15:45:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1509970890&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=KckxY52aLZSLywXEka3wBg&random=185559882
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 26-Sep-2022 16:00:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /bartonnutrition.com/scripts/global/script.min.js?v=1.14.11.11 HTTP/1.1 
Host: dndngvalp4jdj.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.81
HTTP/2 200 OK
content-type: application/javascript
                                        
access-control-allow-origin: https://bartonnutrition.com
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
access-control-max-age: 3000
access-control-allow-credentials: true
last-modified: Thu, 05 May 2022 04:04:54 GMT
x-amz-version-id: q41zcSHm9QaumlOJ9OKG_yFn877kF6R.
server: AmazonS3
content-encoding: gzip
date: Mon, 26 Sep 2022 15:11:35 GMT
cache-control: max-age=86400
etag: W/"1009c6ae604bca9005111f0e2b391377"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: o4GwfOH_xKboRj6tCSJ58L6M9Ol0T64Mvg1EHZkoypF9_j-JPsyFZQ==
age: 2050
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65328), with no line terminators
Size:   77182
Md5:    35f51c880345dbb47e3e471f93a24471
Sha1:   278025e807cb274d41ad899793ce7a92ac311ba3
Sha256: 4fec2543017dcef24fd8afc1ce075f53ffbdec397a81165b42a3b6e0d9d42ef7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 15:45:45 GMT
Last-Modified: Mon, 26 Sep 2022 14:12:28 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UhtbyvL2SvuSpAuaXQSQEIKohj5byosSWlef0DPwrYTQn680iDeNkw==
Age: 5598

                                        
                                            GET /bartonnutrition.com/images/global/pixel.gif HTTP/1.1 
Host: dndngvalp4jdj.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.81
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 43
last-modified: Wed, 22 Jul 2020 19:54:59 GMT
x-amz-version-id: JPKws933XpaeoKWY679SblCsuAqb808s
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 15:20:33 GMT
cache-control: max-age=2600000
etag: "db04c7b378cb2db912c3ba8a5a774ee3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OsvRdLeTdGL5R8LXfes3c6dWyHuT8dgRy5juIeQ5Z9rQGO9XpNbSuA==
age: 1513
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    db04c7b378cb2db912c3ba8a5a774ee3
Sha1:   dee34bd86c3484d31002182aa2b7caa4699126b8
Sha256: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
                                        
                                            GET /bartonnutrition.com/images/global/flower-placeholder.jpg HTTP/1.1 
Host: dndngvalp4jdj.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.81
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 208233
last-modified: Tue, 22 Mar 2022 20:37:38 GMT
x-amz-version-id: EEuPIRa9R_yQja8sVMf5ncpxY7.144iL
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 15:20:33 GMT
cache-control: max-age=2600000
etag: "9ccac4c439cfce2fabcad73d5862bf56"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 308eTm870rsbhU-ZXJRFD-ylX-bNcu4ghLwXagdw7FNBnCv70lbpxw==
age: 1513
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size:   208233
Md5:    9ccac4c439cfce2fabcad73d5862bf56
Sha1:   9c86a3c4c54373c5e50e54d9751f30db71b12596
Sha256: 5fc4a7c962748b9658631aa7817a76a84dfe2a25d5f6271e72fbc8ec80a1b841
                                        
                                            POST /g/collect?v=2&tid=G-XM17T9CF1F&gtm=2oe9l0&_p=658427658&cid=365459333.1664207143&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664207143&sct=1&seg=0&dl=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20220926154549126%26utm_term%3Demail%26AFFID%3D474832&dt=Jerusalem%20Flower&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://bartonnutrition.com
date: Mon, 26 Sep 2022 15:45:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /bartonnutrition.com/images/global/favicon.png?v=1.14.11.11 HTTP/1.1 
Host: dndngvalp4jdj.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.81
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 4730
date: Mon, 26 Sep 2022 15:11:39 GMT
last-modified: Thu, 29 Oct 2020 21:08:25 GMT
etag: "85bc409ab592d7fb22bb7f82b72f6fef"
cache-control: max-age=2600000
x-amz-version-id: O.Zm8vNYb0ZIYzww17ZJK98TAm8.GflO
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LyqFoqXKPmzx5FSiSemJjdveiUtHnX1nBnKtdzAzIK9Z69vcXguWww==
age: 2047
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   4730
Md5:    85bc409ab592d7fb22bb7f82b72f6fef
Sha1:   7a60d2766ed2b9e5a1bed449cd4361a3a6fc4579
Sha256: d0dc73e92a9d3d78d882cf77c7fdc915f8fea96255e901120ef3cd3f53a1e556
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 15:45:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /g/collect?v=2&tid=G-8M5DP1FGCG&gtm=2oe9l0&_p=658427658&_gaz=1&cid=365459333.1664207143&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664207143&sct=1&seg=0&dl=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20220926154549126%26utm_term%3Demail%26AFFID%3D474832&dt=Jerusalem%20Flower&en=page_view&_fv=1&_ss=1 HTTP/1.1 
Host: region1.analytics.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://bartonnutrition.com
date: Mon, 26 Sep 2022 15:45:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /seals/privacy/2593-header-gray.gif HTTP/1.1 
Host: dw26xg4lubooo.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.47
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 3789
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 05:03:46 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 7509bd8e697b5c68-FRA
Date: Mon, 26 Sep 2022 14:07:27 GMT
Cache-Control: max-age=14400, must-revalidate
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PYDWzhWOHmznTNpw5xgM6mk-FECtcBKvrzCFmuLJlZKJq0Do-VC9WQ==
Age: 5899


--- Additional Info ---
Magic:  GIF image data, version 89a, 150 x 49\012- data
Size:   3789
Md5:    0b45fc40b3a8717e66c4b4aa30360ecb
Sha1:   41f5f9d94626c673ee09851dd773fda6a811cd33
Sha256: 686ab50d062364af61367074bc948f6898481a1f98e6b564dd1a6ce551a41f08
                                        
                                            GET /seals/security/2593-header-gray.gif HTTP/1.1 
Host: dw26xg4lubooo.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.47
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 4037
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 05:03:46 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 7509bd8ead30914d-FRA
Date: Mon, 26 Sep 2022 14:07:27 GMT
Cache-Control: max-age=14400, must-revalidate
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xF52gVMEr-ZvV2iQc8v5UwygHiWbi_KBfHZ9yI3YSGt3QeesFqJt0w==
Age: 7010


--- Additional Info ---
Magic:  GIF image data, version 89a, 150 x 49\012- data
Size:   4037
Md5:    f0e5502a1301610a14d4634973dabb3b
Sha1:   83ff64873d91205f3d6c44d94cebb1fe06a7d7b1
Sha256: c3847c4945da74b78b51f5defd0568de7ef941ddcd12864b7c86c4bfc0b5dd2e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3463
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 15:45:46 GMT
Last-Modified: Mon, 26 Sep 2022 14:48:03 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 15:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /seals/certified/2593-small-gray.gif HTTP/1.1 
Host: dw26xg4lubooo.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.47
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 4112
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 05:03:45 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 7509bd8c3a5f9ba0-FRA
Date: Mon, 26 Sep 2022 14:07:27 GMT
Cache-Control: max-age=14400, must-revalidate
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DAOFVTiUt1_l4-ZkLw3HzrGHGzkl6jeZH_10zybsWXqPmDKBJWpMXQ==
Age: 5899


--- Additional Info ---
Magic:  GIF image data, version 89a, 100 x 69\012- data
Size:   4112
Md5:    1b9151d48e38ca472463c19a733c3e24
Sha1:   6db01ae6583c9bf87517b6c78a5cde9ddb45b1d2
Sha256: 291af32f2eae6fb660bdfe8fdb0a09dc00101f8f4285a1c2e6055cd993203e9b
                                        
                                            GET /seals/privacy/2593-small-gray.gif HTTP/1.1 
Host: dw26xg4lubooo.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.47
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 4201
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 05:03:46 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 7509c02ebe456957-FRA
Date: Mon, 26 Sep 2022 14:07:27 GMT
Cache-Control: max-age=14400, must-revalidate
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZQj1nQr6JTukw5EKBRD_tsV1aGiEE4YlvTtwS2t5-09PknpxdfxIOg==
Age: 5899


--- Additional Info ---
Magic:  GIF image data, version 89a, 100 x 69\012- data
Size:   4201
Md5:    ea5dbe66b1bdc960b0e84da4d94b24d1
Sha1:   2f529def99a38c07b7fde36df62751e6e5cba2ea
Sha256: 3c525bda772415a7786542078cc2a68acc053af9eb41480e763cb5a7fb6cb4ee
                                        
                                            GET /seals/business/2593-small-gray.gif HTTP/1.1 
Host: dw26xg4lubooo.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.47
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 4362
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 05:03:45 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 750a2085b85abbbb-FRA
Date: Mon, 26 Sep 2022 15:45:46 GMT
Cache-Control: max-age=14400, must-revalidate
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: helozd9uiO7ROzVAY4f67vSuX50sIJe0YH0fWz4jhFQnZI5VXsA-3g==
Age: 1513


--- Additional Info ---
Magic:  GIF image data, version 89a, 100 x 69\012- data
Size:   4362
Md5:    eb11eae985ff3b6c5682ddf8e746f4f2
Sha1:   d32fbcba4b593ed20dcd405fd63e2cbb97f939f6
Sha256: 092d1812180cb192c26a6137f939a4908cc8a55b093e6e8fa2466bf8f3088def
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 26 Sep 2022 14:41:09 GMT
expires: Mon, 26 Sep 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 3877
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 15:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /g/collect?v=2&tid=G-8M5DP1FGCG&cid=365459333.1664207143&gtm=2oe9l0&aip=1 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         64.233.162.154
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://bartonnutrition.com
date: Mon, 26 Sep 2022 15:45:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /seals/certified/2593-header-gray.gif HTTP/1.1 
Host: dw26xg4lubooo.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.47
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 3729
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 05:03:46 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 750a6946fbfb68fb-FRA
Date: Mon, 26 Sep 2022 11:57:35 GMT
Cache-Control: max-age=14400, must-revalidate
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZNrAfVTBXXIyGfmbQUoPczD_8mFWflGoZjBo4_Jev0oiMgz9NowDjQ==
Age: 13691


--- Additional Info ---
Magic:  GIF image data, version 89a, 150 x 49\012- data
Size:   3729
Md5:    bbf2297419c62982237a36c7c78c3423
Sha1:   3781ab39e7ca8146d3d30dfa765817a03b8a2993
Sha256: b838d9e300be8cbb2da18daf64f6cc0c6fc4c139ca765c7171fb8945d1a9dc44
                                        
                                            GET /seals/security/2593-small-gray.gif HTTP/1.1 
Host: dw26xg4lubooo.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.47
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 4198
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 05:03:46 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 750a20718dd79963-FRA
Date: Mon, 26 Sep 2022 15:45:46 GMT
Cache-Control: max-age=14400, must-revalidate
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wZw64M8rgyNzAVB4v5FmO8nbiVSrOdqV-iKiQcd1qto_uy8Vty3fBQ==
Age: 1513


--- Additional Info ---
Magic:  GIF image data, version 89a, 100 x 69\012- data
Size:   4198
Md5:    654ab41465a88bf7c22e41daf42626ed
Sha1:   b2874cb6ac83b42fa65a4dc7e3d48e94d4e879b5
Sha256: dc934baedae47cb14b59f1fd12c99205285643e44e86ef440f2485f480eef33c
                                        
                                            GET /pagead/conversion_async.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 26 Sep 2022 15:45:46 GMT
expires: Mon, 26 Sep 2022 15:45:46 GMT
cache-control: private, max-age=3600
etag: 3080337328058561381
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1654)
Size:   15693
Md5:    890f716858b5f72587e47c5eca121cb5
Sha1:   91871a0acd9a0ab644d51036bb5ca0c3bdc5e687
Sha256: 7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 15:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /seals/business/2593-header-gray.gif HTTP/1.1 
Host: dw26xg4lubooo.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.47
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Content-Length: 3970
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 05:03:45 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 7509bd922bdb9b58-FRA
Date: Mon, 26 Sep 2022 14:07:27 GMT
Cache-Control: max-age=14400, must-revalidate
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KMi-xw1W2nQ3YZ92tQKUNr5vh3DWAv_6zPZhrZua9VMPdmwP0CqRyw==
Age: 7010


--- Additional Info ---
Magic:  GIF image data, version 89a, 150 x 49\012- data
Size:   3970
Md5:    5fb191a148803b9e29deb8cb2bf72ba4
Sha1:   71087ec22b84ffaa3eeb3ea3fea911ce0a3af168
Sha256: 9c1e88381fa02b2c4c3a51b20fae1e80a3edbb847f3cc732f45f145f71437368
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ggdRpa/6t3hEXwFQLUwbK3Qmm0zQP+Vwg79aQB0OOHSxzVWizVz9/Qn0E4aQ2rCuqoq5TRJUNa3gD69h0arjSA==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1679558926
date: Mon, 26 Sep 2022 15:45:46 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26840
Md5:    e1327a02d76346c7e23d114e4e508b30
Sha1:   195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
Sha256: 331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
                                        
                                            OPTIONS /v1/rt HTTP/1.1 
Host: d1pqvb2h9xgm7r.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://bartonnutrition.com/
Origin: https://bartonnutrition.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.42.96
HTTP/2 204 No Content
                                        
date: Mon, 26 Sep 2022 05:00:23 GMT
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
access-control-max-age: 300
apigw-requestid: ZDS8MiFVIAMEV5Q=
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: NuSLx9Us4ADhlTRxQj80SUyqBsnh2_jx-Y5ky5RuHY8Zr3Wf6lc9vQ==
age: 38723
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 15:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ga.js HTTP/1.1 
Host: ssl.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.104
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Mon, 26 Sep 2022 14:17:11 GMT
expires: Mon, 26 Sep 2022 16:17:11 GMT
cache-control: public, max-age=7200
age: 5315
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            GET /modules.01a02f6e8b126e8c8358.js HTTP/1.1 
Host: script.hotjar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.46
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 65760
date: Fri, 23 Sep 2022 10:32:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "88b47d3464ed75957aaec1d6b297a6e8"
last-modified: Fri, 23 Sep 2022 10:32:03 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3Vk8RBD0N4zpI6zjaIfmmVhkPvknyATW9qdcqo3eIemUr7otuuZn5Q==
age: 278020
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (48714)
Size:   65760
Md5:    88b47d3464ed75957aaec1d6b297a6e8
Sha1:   760b0f75cc7a47bfd293e211fc950218675cdf41
Sha256: 84812290eadd6391e8c8083c3016bbb7de5a43346f873080b74052eda996392b
                                        
                                            GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8M5DP1FGCG&cid=365459333.1664207143&gtm=2oe9l0&aip=1&z=651332722 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 15:45:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-conversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1509970890&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=KckxY52aLZSLywXEka3wBg&random=185559882 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.googletagmanager.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 302 Found
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 15:45:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1509970890&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=KckxY52aLZSLywXEka3wBg&random=185559882&ipr=y&prhg=0
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /s/player/abfb84fe/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.206
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 53539
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 04:10:25 GMT
expires: Mon, 25 Sep 2023 04:10:25 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
age: 128121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (717)
Size:   53539
Md5:    6033744b362cbee7e4bc268ac2bfe715
Sha1:   ddee3cf6d2fc4dc3d07a8f602543903dca73e73a
Sha256: e99370f6de547c56c42033ba649027425a71f8a54ee84052bf0763e4707b25ef
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 15:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 15:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 15:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/1p-conversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1509970890&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=KckxY52aLZSLywXEka3wBg&random=185559882&ipr=y&prhg=0 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.googletagmanager.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 15:45:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /box-69edcc3187336f9b0a3fbb4c73be9fe6.html HTTP/1.1 
Host: vars.hotjar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.105
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1044
date: Wed, 07 Sep 2022 09:17:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rAxIe5u_qNmDRRRMn98oYmK-7uUt2TEc_DEc0VuQ9Rqg3YnGKAFVBA==
age: 1664919
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators
Size:   1044
Md5:    f6a9ca04b0687ea3c0d98e8430c8c77b
Sha1:   35503b2deb23091a9a9c6c68d4020dbdf879588e
Sha256: 8e4328ecb6b395499567369e3c227231dbdaf361f43ce315934d7a2a3abbed41
                                        
                                            GET /bartonnutrition.com/images/video/012/02-offer.jpg HTTP/1.1 
Host: dndngvalp4jdj.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.81
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 38066
last-modified: Tue, 22 Mar 2022 20:37:37 GMT
x-amz-version-id: aqJAnRbpXdWBCcjsOT2UKDgz66jHDwv6
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 15:45:47 GMT
cache-control: max-age=2600000
etag: "721d978a326f3c45fde8f006ea52144a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _aj9pHlQrAuFlFHxTEkBtfnepSyC00i5uIkLJKuAqcIGWAk435sbBA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x350, components 3\012- data
Size:   38066
Md5:    721d978a326f3c45fde8f006ea52144a
Sha1:   bc5925c2114fcb9225aa3b707206a074c1254139
Sha256: 990c38230ea2b29e4856e299283f7fb07464af249b91da857c545266b6f604aa
                                        
                                            GET /bartonnutrition.com/images/video/012/03-offer.jpg HTTP/1.1 
Host: dndngvalp4jdj.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.81
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 31446
last-modified: Tue, 15 Mar 2022 21:43:04 GMT
x-amz-version-id: sUgpwiJG_U7tsh08wP1b2xl3xExRUJwm
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 15:45:47 GMT
cache-control: max-age=2600000
etag: "eb9acb7344612425f061123762f158fe"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gj7xfb2Fljk6H9q6taRTH4MLD4VEA4ewGqv-Y2rN2avMJ6sLSSuKRg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x350, components 3\012- data
Size:   31446
Md5:    eb9acb7344612425f061123762f158fe
Sha1:   911ccfb0b7e29fd6969e5f275d3fac1afcceb044
Sha256: 4d191ccc3933ee02fc2200cb39367f969f125918b9e3876d1e237b19665912cf
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6313
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 15:45:46 GMT
Last-Modified: Mon, 26 Sep 2022 14:00:33 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 727

                                        
                                            GET /bartonnutrition.com/images/video/012/01-offer.jpg HTTP/1.1 
Host: dndngvalp4jdj.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.81
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 20312
last-modified: Tue, 15 Mar 2022 21:43:04 GMT
x-amz-version-id: N22ZvpbkjCF2HABjfZwgM00qCMnYnqkX
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 15:45:47 GMT
cache-control: max-age=2600000
etag: "d8575e86b99a7ccbff9420ca92cd1233"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: i2Fx0jkPVQixHz59GIw9-iIIb3SPTnGoyLHFO6dTA1pksyhM_1PNdQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x350, components 3\012- data
Size:   20312
Md5:    d8575e86b99a7ccbff9420ca92cd1233
Sha1:   8b5dacf3b2b1f15689fe1a1ffc0c532ca1e6d657
Sha256: e8051a857b34ea5baa4680d9e1b302faf41bf5f437b03cfc66d31bafbb050fa9
                                        
                                            GET /bartonnutrition.com/images/video/012/add-to-cart.png HTTP/1.1 
Host: dndngvalp4jdj.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.81
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 73562
last-modified: Tue, 15 Mar 2022 21:43:09 GMT
x-amz-version-id: yZp4GPWfPCujsIUd3pW400SwQLMzNeCB
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 15:45:47 GMT
cache-control: max-age=2600000
etag: "86ad81bd78eceb2724ef77f9dadeb314"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nFwioBSS4o9p6niVy2yqdqXE5gpEDA5XrByJrpkQNJi4nVUNcYEy1w==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 800 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size:   73562
Md5:    86ad81bd78eceb2724ef77f9dadeb314
Sha1:   ee1fd3a99822889d4e446b1d51ccbffe24f7c7aa
Sha256: 236785a291323e5db370be614d7d3d048617c2f4cf9103b4688e0c682b4b36a1
                                        
                                            GET /tr/?id=368276591178798&ev=PageView&dl=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20220926154549126%26utm_term%3Demail%26AFFID%3D474832&rl=&if=false&ts=1664207144528&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664207144527.1005028629&it=1664207144347&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Mon, 26 Sep 2022 15:45:46 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /capture?token=5a697d58eec24ae599b030cf7cc56ebd HTTP/1.1 
Host: capture.trackjs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2358
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         15.235.54.6
HTTP/2 200 OK
                                        
server: nginx
date: Mon, 26 Sep 2022 15:45:46 GMT
content-length: 0
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
X-Firefox-Spdy: h2

                                        
                                            POST /v1/rt HTTP/1.1 
Host: d1pqvb2h9xgm7r.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 481
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.96
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 30
date: Mon, 26 Sep 2022 15:45:46 GMT
server: Apache
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: date, x-api-id
apigw-requestid: ZExepiigoAMESKA=
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MvIbGPveuUyYaAhOxzfWGHOwjuyRXaFDhPZ9n-aY9Pref6VH6pRbKA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   30
Md5:    88162a743f3db43a7bd41526c46a477e
Sha1:   cb5f8c263ed8bee795c8fa7504a177d72cf66cba
Sha256: 81e42c3942defaf6bcb76f96b5b30cebc054427eca09930bec1614acaa828827
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 15:45:46 GMT
Last-Modified: Mon, 26 Sep 2022 14:25:49 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iLYjUJhNHo5HSeCAwotCTzjkgOCgOu0uzi5ARWb3NWq227FlIqXtIQ==
Age: 4797

                                        
                                            POST /capture?token=5a697d58eec24ae599b030cf7cc56ebd HTTP/1.1 
Host: capture.trackjs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 4548
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         15.235.54.6
HTTP/2 200 OK
                                        
server: nginx
date: Mon, 26 Sep 2022 15:45:46 GMT
content-length: 0
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
X-Firefox-Spdy: h2

                                        
                                            GET /a-075m.min.js HTTP/1.1 
Host: b-code.liadm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.58
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 26 Sep 2022 10:05:55 GMT
cache-control: public, max-age=86400
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qjIpL_IOxPvyhorIpM3iF2gN2VTzzGKrkauZIDr2kSaiv5SkfXtU7A==
age: 20391
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10492
Md5:    84d2f9fd4724ebb5381ac1a238b8b237
Sha1:   8aad94a338e145c9090a3f43ec1afa89da90b90e
Sha256: 4b7f4ca6a41a49e9601f0f6b6ac4d6c58dfed2317dd241bd970abb41fd1140ca
                                        
                                            GET /j?dtstmp=1664207144447&aid=a-075m&se=e30&duid=9fdfca52ca67--01gdx7kh9hwxkp1wypyns8njfz&tna=v2.4.2&pu=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20220926154549126%26utm_term%3Demail%26AFFID%3D474832&wpn=lc-bundle&c=PHRpdGxlPkplcnVzYWxlbSBGbG93ZXI8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEaXNjb3ZlciBuYXR1cmFsIHdheXMgdG8gc3VwcG9ydCB5b3VyIGJvZHkncyBuYXR1cmFsIGhlYWxpbmcgcmVzcG9uc2Ugc3lzdGVtLiI-PGgxPkplcnVzYWxlbSdzICJNeXN0ZXJpb3VzIDExIiBTYWZlbHkgJmFtcDsgTmF0dXJhbGx5IENhbG1zIEVycmF0aWMgQmxvb2QgU3VnYXIgRm9yIFVwIFRvIDI0Jm5ic3A7SG91cnMuLi48L2gxPjxoMT5KZXJ1c2FsZW0ncyAiTXlzdGVyaW91cyAxMSIgU2FmZWx5ICZhbXA7IE5hdHVyYWxseSBDYWxtcyBFcnJhdGljIEJsb29kIFN1Z2FyIEZvciBVcCBUbyAyNCZuYnNwO0hvdXJzLi4uPC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNTk8L2gxPjxoMSBjbGFzcz0iY2FyZC10aXRsZSBwcmljaW5nLWNhcmQtdGl0bGUiPiQzOSA8c21hbGw-cGVyIGNvbnRhaW5lcjwvc21hbGw-PC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNDkgPHNtYWxsPnBlciBjb250YWluZXI8L3NtYWxsPjwvaDE- HTTP/1.1 
Host: rp.liadm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.233.14.107
HTTP/2 302 Found
                                        
date: Mon, 26 Sep 2022 15:45:46 GMT
content-length: 0
trace-id: cf4cf87e72ccbb19
vary: Origin
location: /j?dtstmp=1664207144447&aid=a-075m&se=e30&duid=9fdfca52ca67--01gdx7kh9hwxkp1wypyns8njfz&tna=v2.4.2&pu=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20220926154549126%26utm_term%3Demail%26AFFID%3D474832&wpn=lc-bundle&c=PHRpdGxlPkplcnVzYWxlbSBGbG93ZXI8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEaXNjb3ZlciBuYXR1cmFsIHdheXMgdG8gc3VwcG9ydCB5b3VyIGJvZHkncyBuYXR1cmFsIGhlYWxpbmcgcmVzcG9uc2Ugc3lzdGVtLiI-PGgxPkplcnVzYWxlbSdzICJNeXN0ZXJpb3VzIDExIiBTYWZlbHkgJmFtcDsgTmF0dXJhbGx5IENhbG1zIEVycmF0aWMgQmxvb2QgU3VnYXIgRm9yIFVwIFRvIDI0Jm5ic3A7SG91cnMuLi48L2gxPjxoMT5KZXJ1c2FsZW0ncyAiTXlzdGVyaW91cyAxMSIgU2FmZWx5ICZhbXA7IE5hdHVyYWxseSBDYWxtcyBFcnJhdGljIEJsb29kIFN1Z2FyIEZvciBVcCBUbyAyNCZuYnNwO0hvdXJzLi4uPC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNTk8L2gxPjxoMSBjbGFzcz0iY2FyZC10aXRsZSBwcmljaW5nLWNhcmQtdGl0bGUiPiQzOSA8c21hbGw-cGVyIGNvbnRhaW5lcjwvc21hbGw-PC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNDkgPHNtYWxsPnBlciBjb250YWluZXI8L3NtYWxsPjwvaDE-&n3pc=true
set-cookie: lidid=990659fb-39b1-4eea-87fa-f846de2aeed6; Max-Age=63072000; Expires=Wed, 25 Sep 2024 15:45:46 GMT; SameSite=None; Path=/; Domain=.liadm.com; Secure; HTTPOnly
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://bartonnutrition.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2

                                        
                                            GET /usage.gif?token=5a697d58eec24ae599b030cf7cc56ebd&correlationId=bc5418ef-1736-45fa-b6d4-ffa61474cee3&application=&x=3c390095-ef79-4c20-ba56-a68e650a01cc& HTTP/1.1 
Host: usage.trackjs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.197.155.84
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 26 Sep 2022 15:45:46 GMT
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /j?dtstmp=1664207144447&aid=a-075m&se=e30&duid=9fdfca52ca67--01gdx7kh9hwxkp1wypyns8njfz&tna=v2.4.2&pu=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20220926154549126%26utm_term%3Demail%26AFFID%3D474832&wpn=lc-bundle&c=PHRpdGxlPkplcnVzYWxlbSBGbG93ZXI8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEaXNjb3ZlciBuYXR1cmFsIHdheXMgdG8gc3VwcG9ydCB5b3VyIGJvZHkncyBuYXR1cmFsIGhlYWxpbmcgcmVzcG9uc2Ugc3lzdGVtLiI-PGgxPkplcnVzYWxlbSdzICJNeXN0ZXJpb3VzIDExIiBTYWZlbHkgJmFtcDsgTmF0dXJhbGx5IENhbG1zIEVycmF0aWMgQmxvb2QgU3VnYXIgRm9yIFVwIFRvIDI0Jm5ic3A7SG91cnMuLi48L2gxPjxoMT5KZXJ1c2FsZW0ncyAiTXlzdGVyaW91cyAxMSIgU2FmZWx5ICZhbXA7IE5hdHVyYWxseSBDYWxtcyBFcnJhdGljIEJsb29kIFN1Z2FyIEZvciBVcCBUbyAyNCZuYnNwO0hvdXJzLi4uPC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNTk8L2gxPjxoMSBjbGFzcz0iY2FyZC10aXRsZSBwcmljaW5nLWNhcmQtdGl0bGUiPiQzOSA8c21hbGw-cGVyIGNvbnRhaW5lcjwvc21hbGw-PC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNDkgPHNtYWxsPnBlciBjb250YWluZXI8L3NtYWxsPjwvaDE-&n3pc=true HTTP/1.1 
Host: rp.liadm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bartonnutrition.com
Referer: https://bartonnutrition.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.233.14.107
HTTP/2 200 OK
content-type: application/json
                                        
date: Mon, 26 Sep 2022 15:45:46 GMT
content-length: 13
trace-id: ca8a16979ac1bf66
vary: Origin
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: 4ddb65c0-fb47-4179-8f3d-22dbfa8a351d
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://bartonnutrition.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   13
Md5:    97efe0b7ee61e154d57e80758bb797d8
Sha1:   810b4e115fe9f5ae697666febf2a9abf0b21c9ec
Sha256: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 15:45:49 GMT
Last-Modified: Mon, 26 Sep 2022 14:24:41 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: a8lq8rx16PmEO9-KW_TAnXgCCosvBE1izhkkO0qr3nk1TnHMjFkCDw==
Age: 4869

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 15:45:49 GMT
Last-Modified: Mon, 26 Sep 2022 15:26:39 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ApIe0i045xiLadXfqgKlQNrSiBTTJb9ni6g_tA_5rMxsgeuCIM1DHQ==
Age: 1150

                                        
                                            OPTIONS /rest/v2/checkout/allowedCountries HTTP/1.1 
Host: secure.ultracart.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-ultracart-api-version,x-ultracart-browser-key
Referer: https://bartonnutrition.com/
Origin: https://bartonnutrition.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.248.135.131
HTTP/1.1 200 OK
                                        
Date: Mon, 26 Sep 2022 15:45:49 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: AWSALB=TwkTCvrb4omSMKZ14zkbQo22dGmdiVc22lMWRp2JWE45yFI5AbBX8vAOWlh1wlS2yfssVUo25M8m1hH1CJ6njBJinT/YvsNXdtrMJ/88XIC7ZCp4tkLKCcfspdDu; Expires=Mon, 03 Oct 2022 15:45:49 GMT; Path=/ AWSALBCORS=TwkTCvrb4omSMKZ14zkbQo22dGmdiVc22lMWRp2JWE45yFI5AbBX8vAOWlh1wlS2yfssVUo25M8m1hH1CJ6njBJinT/YvsNXdtrMJ/88XIC7ZCp4tkLKCcfspdDu; Expires=Mon, 03 Oct 2022 15:45:49 GMT; Path=/; SameSite=None; Secure
Server: Apache
Access-Control-Allow-Origin: https://bartonnutrition.com
Access-Control-Allow-Credentials: true
Vary: Origin
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: HEAD, DELETE, POST, GET, PUT
Access-Control-Allow-Headers: x-ultracart-api-version,x-ultracart-browser-key

                                        
                                            POST /rest/v2/checkout/allowedCountries HTTP/1.1 
Host: secure.ultracart.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-UltraCart-Api-Version: 2017-03-01
x-ultracart-browser-key: 1f9e61a3106e7e017ae9d55bf21fb400
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         13.248.135.131
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
                                        
Date: Mon, 26 Sep 2022 15:45:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: AWSALB=R1twqZcErjjk8Nh15AfOaMnbZC4dYBk1Sb5FxDEJeSpEoK0AyZ95e3cy3DLHvUeqP3ofCIEW4WBBN24sBrrglZdpsR63cqhmHgg1ZrS17FOFhtJT39ZaZ5COWxoh; Expires=Mon, 03 Oct 2022 15:45:49 GMT; Path=/ AWSALBCORS=R1twqZcErjjk8Nh15AfOaMnbZC4dYBk1Sb5FxDEJeSpEoK0AyZ95e3cy3DLHvUeqP3ofCIEW4WBBN24sBrrglZdpsR63cqhmHgg1ZrS17FOFhtJT39ZaZ5COWxoh; Expires=Mon, 03 Oct 2022 15:45:49 GMT; Path=/; SameSite=None; Secure
Server: Apache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bartonnutrition.com
Vary: Origin,Accept-Encoding
X-UltraCart-Request-Id: 0A1F237D0F0BC701837A79D93C1F91210
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (10213), with no line terminators
Size:   2345
Md5:    e0e9bde93990686f27319ac1c32e168f
Sha1:   39b1cefa8f6c2760f271558f57ff2da6e23e5895
Sha256: e98235bbbaa22bcee4010356d7a3602d2b69b677a0dc2cb2ee03546208a7f172
                                        
                                            OPTIONS /rest/v2/checkout/cart?_expand=affiliate,billing,checkout,coupons,customer_profile,gift,gift_certificate,items,items.attributes,items.multimedia,items.multimedia.thumbnails,items.physical,marketing,payment,shipping,summary,taxes,upsell_after,settings.shipping.ship_on_date,settings.billing.provinces,settings.shipping.provinces,settings.gift,settings.shipping.deliver_on_date,settings.terms,settings.taxes HTTP/1.1 
Host: secure.ultracart.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-ultracart-api-version,x-ultracart-browser-key
Referer: https://bartonnutrition.com/
Origin: https://bartonnutrition.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.248.135.131
HTTP/1.1 200 OK
                                        
Date: Mon, 26 Sep 2022 15:45:49 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: AWSALB=UDI6U0S3SftBO4213rcgaJEf/wTl+nmXW6/v+/8sT2HRBHq7OsZOr3oDOmnpo581HCOTr/NeIurCxgcapizmUJikAvvFWm61NbYHRMEC1hqSoSaDSYAACcO8bV2F; Expires=Mon, 03 Oct 2022 15:45:49 GMT; Path=/ AWSALBCORS=UDI6U0S3SftBO4213rcgaJEf/wTl+nmXW6/v+/8sT2HRBHq7OsZOr3oDOmnpo581HCOTr/NeIurCxgcapizmUJikAvvFWm61NbYHRMEC1hqSoSaDSYAACcO8bV2F; Expires=Mon, 03 Oct 2022 15:45:49 GMT; Path=/; SameSite=None; Secure
Server: Apache
Access-Control-Allow-Origin: https://bartonnutrition.com
Access-Control-Allow-Credentials: true
Vary: Origin
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: HEAD, DELETE, POST, GET, PUT
Access-Control-Allow-Headers: x-ultracart-api-version,x-ultracart-browser-key

                                        
                                            GET /rest/v2/checkout/cart?_expand=affiliate,billing,checkout,coupons,customer_profile,gift,gift_certificate,items,items.attributes,items.multimedia,items.multimedia.thumbnails,items.physical,marketing,payment,shipping,summary,taxes,upsell_after,settings.shipping.ship_on_date,settings.billing.provinces,settings.shipping.provinces,settings.gift,settings.shipping.deliver_on_date,settings.terms,settings.taxes HTTP/1.1 
Host: secure.ultracart.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-UltraCart-Api-Version: 2017-03-01
x-ultracart-browser-key: 1f9e61a3106e7e017ae9d55bf21fb400
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.248.135.131
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
                                        
Date: Mon, 26 Sep 2022 15:45:49 GMT
Content-Length: 1132
Connection: keep-alive
Set-Cookie: AWSALB=J1zskEOJ015QFHw4nPh1H4BhJZ71SAurhsPv4dIjU820v79fj8g5Yrt5J3KLBLU99+wiHTn28mSGeMHM0DN05PBkD2F0gH8jUAsy1aVXBH0eYvMukCWDaZZB9qx3; Expires=Mon, 03 Oct 2022 15:45:49 GMT; Path=/ AWSALBCORS=J1zskEOJ015QFHw4nPh1H4BhJZ71SAurhsPv4dIjU820v79fj8g5Yrt5J3KLBLU99+wiHTn28mSGeMHM0DN05PBkD2F0gH8jUAsy1aVXBH0eYvMukCWDaZZB9qx3; Expires=Mon, 03 Oct 2022 15:45:49 GMT; Path=/; SameSite=None; Secure
Server: Apache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bartonnutrition.com
Vary: Origin,Accept-Encoding
X-UltraCart-Request-Id: DA9870F46E054101837A79DA3E1F22211
Content-Encoding: gzip


--- Additional Info ---
Magic:  data
Size:   1558
Md5:    92652a44bee58d5c502b2e8fb264b112
Sha1:   b1a3bc21ccca674d5af22abe3459ed613f2c18da
Sha256: b9f40896ca4f98e73e33f08c34cc0f36c8179f3befe5bb351a647804d46a9cea
                                        
                                            GET /bartonnutrition.com/images/components/payment-methods/visa-mast-disc-amex.png HTTP/1.1 
Host: dndngvalp4jdj.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.81
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 18168
last-modified: Wed, 22 Jul 2020 20:06:21 GMT
x-amz-version-id: 5vH56tgXOYh6DrZQTqmZB10aUKOCwBXK
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 15:20:42 GMT
cache-control: max-age=2600000
etag: "0deee3edc60de3a6f7c80d97f28480bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kzrEs_H9sKgFiVDVrNlmlEf49pg1kxafASM-coUifD1jJWmEjb_fng==
age: 1510
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 323 x 62, 8-bit/color RGBA, non-interlaced\012- data
Size:   18168
Md5:    0deee3edc60de3a6f7c80d97f28480bc
Sha1:   9987041d98b19d91cf2241e1eafc2072e2adc34e
Sha256: acd8c8514a50b7b5b657606956d0c93dee37c5026477c6ed06e8b4cb9e88b32a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f164d87-257d-468b-9a99-3559bced005c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9070
x-amzn-requestid: 2aceb075-d4bc-45b8-8330-5e719c565f77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKEEdPoAMFsNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca40-3f120e0774b1d58a08898c39;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:08 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: feNiTFDhUx-BfoiybnKj83hCq6CCoiMeOSEHyFs8b7cLIgKvnO1Cdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:05:32 GMT
age: 63619
etag: "c16a6f018bd80c6390b7a07f4e6698db7bfd28b0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9070
Md5:    988b0c94c41a21c736b330c3256d0a3c
Sha1:   c16a6f018bd80c6390b7a07f4e6698db7bfd28b0
Sha256: 3034912f83810b3999ffa90f5eeaf0f45773c592cfd3cf2bfb794ea1b150158c
                                        
                                            POST /api/v2/client/sites/2097433/visit-data?sv=5 HTTP/1.1 
Host: in.hotjar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 115
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.76.60.60
HTTP/2 200 OK
content-type: application/json
                                        
date: Mon, 26 Sep 2022 15:45:46 GMT
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /7605/186/2/?subid=fibersgreenkajd HTTP/1.1 
Host: mwebnice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         172.67.146.245
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Mon, 26 Sep 2022 15:45:43 GMT
location: https://gardn.ultracartstore.com/aff/D7CF04F5A0F2FB017FF5CD00FE1EF400/index.html?&utm_source=maxweb&utm_medium=email&utm_term=email&utm_content=fg_bowel&utm_campaign=fg_jerusalem&subid=7605_sessid20220926154549126
cache-control: max-age=3600, private
pragma: no-cache
expires: Mon, 26 Sep 2022 16:45:43 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750d20d25d9db511-OSL
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /checkout/checkout-hosted-fields-1.0.js HTTP/1.1 
Host: token.ultracart.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.88
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Fri, 17 Dec 2021 20:29:35 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: AIxokTMFSmFEihvG6rb8t6t1o2UdqKeo
server: AmazonS3
content-encoding: gzip
date: Mon, 26 Sep 2022 14:32:10 GMT
etag: W/"512dfa861970d35c07b14485ab52cf30"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RMFKNPsJospgMDq5d_zs4o0lxjiIrNlJkqBfYNPkO14C2UfLMB8AOw==
age: 25763
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /conversion/iframe/?a=7605&token=3e2a3a9ca662d54af6a7c07ef0c06f02 HTTP/1.1 
Host: go.maxweb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.66.43.113
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 26 Sep 2022 15:45:46 GMT
vary: Accept-Encoding
expires: Mon, 26 Sep 2022 16:45:46 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 750d20e52d230b61-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /iframe_api HTTP/1.1 
Host: www.youtube.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.206
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
x-content-type-options: nosniff
expires: Mon, 26 Sep 2022 15:45:46 GMT
date: Mon, 26 Sep 2022 15:45:46 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=ZRPn9KDvvSM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=2sa_QKHIdPU; Domain=.youtube.com; Expires=Sat, 25-Mar-2023 15:45:46 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+949; expires=Wed, 25-Sep-2024 15:45:46 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /bartonnutrition.com/styles/global/styles.min.css?v=1.14.11.11 HTTP/1.1 
Host: dndngvalp4jdj.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.42.81
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 26 Sep 2022 15:11:35 GMT
last-modified: Wed, 22 Jul 2020 19:57:24 GMT
etag: W/"ec5e832fc9f734bc601dd3e4065eab2a"
cache-control: max-age=2600000
x-amz-version-id: 1COcJ3NcnAvCPIOgzXXkzOyXVkVmXLk8
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mVcOk7XBSkRO23h6O3a0V6d0QPhE3CGfk4HM_0YGFusScZ6esJGf0A==
age: 2050
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /vendor/modernizr3.6.0.min.js HTTP/1.1 
Host: dndngvalp4jdj.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.42.81
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Wed, 25 Apr 2018 21:12:10 GMT
x-amz-version-id: hPrDidzn7AonSL1912mDwx7NrAMCc39r
server: AmazonS3
content-encoding: gzip
date: Mon, 26 Sep 2022 15:45:44 GMT
etag: W/"f4631027c55199d5f09d1eb1091474ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -nFSDWbr60caxzVDsM-yiEgjc6BSyZ-0NedMz4xbNiNul6kUl5SV0w==
age: 2404
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c/hotjar-2097433.js?sv=5 HTTP/1.1 
Host: static.hotjar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.8
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 15:45:46 GMT
cache-control: max-age=60
etag: W/a6dde05341d0901bcc507b369f708b8d
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WpFdBlLcu9iBGi5as6DvPf0Ecqayt2Nj1Ek1v-jFKLGIdz9nQ7dnjw==
X-Firefox-Spdy: h2


--- Additional Info ---