r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 13d4983fb8a0ee2cb855663cc9d8f6a0
1f85fc46435f86d7f414e310670c9afe27ea9532
f4bc8150273c4fc6e90c9df8e074823a78dc8409bfcc00616265e24d7d663498
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4BC8150273C4FC6E90C9DF8E074823A78DC8409BFCC00616265E24D7D663498"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14366
Expires: Mon, 20 Feb 2023 13:19:38 GMT
Date: Mon, 20 Feb 2023 09:20:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 97d7dde89cca188d19690d7bf759d034
7ec36525c8b5e8e278f0c5f26da3316687d89041
f8b500f9b1e8188807aab20f8e2540b5b2e888b13ff5f6f6211bbc28056f23e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8B500F9B1E8188807AAB20F8E2540B5B2E888B13FF5F6F6211BBC28056F23E8"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7916
Expires: Mon, 20 Feb 2023 11:32:08 GMT
Date: Mon, 20 Feb 2023 09:20:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48b5fafb12e15fbede4669b549518d50
ee82e527d3c45ebbc1865cd56b93e1be5ac933db
94036245b7831c01d3112f661bd909369c9b3af89ab37be7fb07f2254a7df7d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94036245B7831C01D3112F661BD909369C9B3AF89AB37BE7FB07F2254A7DF7D5"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10334
Expires: Mon, 20 Feb 2023 12:12:26 GMT
Date: Mon, 20 Feb 2023 09:20:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 20 Feb 2023 08:53:33 GMT
content-type: application/json
age: 1599
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pjaNkU5haTvcPzpkOvTjcHYMTluhJqpBX7nk/sqkkI7Bo+PjwB76nd4GXJ6rponnMTbpgbuo/Co=
x-amz-request-id: 92V8ZAAEF585NWVZ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 20 Feb 2023 08:22:15 GMT
age: 3477
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 20 Feb 2023 09:20:12 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, Alert, Content-Length, Backoff, ETag, Cache-Control, Retry-After, Last-Modified, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 20 Feb 2023 08:20:34 GMT
age: 3578
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.jonathanboettcher.com/category/blogging/
192.185.196.51200 OK 18 kB URL HTTP/1.1 www.jonathanboettcher.com/category/blogging/
IP 192.185.196.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash e746610e29c03b53fa035a35099cdf09
5ed8a5c1e954cc351e643800437aa09361be1173
e0ad9b107c0eff699295c5db5246ffc146f1c0af0140dfe244745d9738f045bb
Analyzer Verdict Alert fortinet Malware
GET /category/blogging/ HTTP/1.1
Host: www.jonathanboettcher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 09:20:12 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <http://www.jonathanboettcher.com/wp-json/>; rel="https://api.w.org/", <http://www.jonathanboettcher.com/wp-json/wp/v2/categories/10>; rel="alternate"; type="application/json"
Set-Cookie: PHPSESSID=7361a1316197b8d4c7e223498c1290ed; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6964eabceb8fea1d79acb5165e84a912
a271fb7984244fc5c1580a938b4bd21aae37f888
8685404068a6bbe7cb726b81f7ba84e6fbf4597dc99803d186280f94635663ab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8685404068A6BBE7CB726B81F7BA84E6FBF4597DC99803D186280F94635663AB"
Last-Modified: Fri, 17 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7340
Expires: Mon, 20 Feb 2023 11:22:32 GMT
Date: Mon, 20 Feb 2023 09:20:12 GMT
Connection: keep-alive
www.linksalpha.com/js/social.js?v=6.2&ver=5.9.5
142.250.74.83404 Not Found 1.6 kB URL HTTP/1.1 www.linksalpha.com/js/social.js?v=6.2&ver=5.9.5
IP 142.250.74.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 3c945cb19f23bb84a35da46774484a99
25b10eab55c1585f0e14a2bf91c6e241232e42e3
411a8b6c1680387e7836bc0f04900e8fda555953f33c6eaf2633cf026394bac3
GET /js/social.js?v=6.2&ver=5.9.5 HTTP/1.1
Host: www.linksalpha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/
HTTP/1.1 404 Not Found
Date: Mon, 20 Feb 2023 09:20:12 GMT
Content-Type: text/html; charset=UTF-8
Server: ghs
Content-Length: 1593
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.jonathanboettcher.com/wp-content/themes/headway-2013/style.css
192.185.196.51200 OK 327 B URL HTTP/1.1 www.jonathanboettcher.com/wp-content/themes/headway-2013/style.css
IP 192.185.196.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (376)
Hash 24161487ad61f3407a82b00dca8a0103
2a55cfd62e57f1021ca1217d0a541de65c7a61d8
e523c701f85b1a8be779463480340ab33e9e1001ad4ede47e162c32c6ff67447
GET /wp-content/themes/headway-2013/style.css HTTP/1.1
Host: www.jonathanboettcher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/category/blogging/
Cookie: PHPSESSID=7361a1316197b8d4c7e223498c1290ed
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 09:20:12 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 16 Aug 2011 01:16:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 327
Keep-Alive: timeout=5, max=75
Content-Type: text/css
www.jonathanboettcher.com/wp-content/themes/headway-2013/media/cache/headway.css?1581457260
192.185.196.51200 OK 8.3 kB URL HTTP/1.1 www.jonathanboettcher.com/wp-content/themes/headway-2013/media/cache/headway.css?1581457260
IP 192.185.196.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type assembler source, ASCII text, with very long lines (385)
Hash 0d789adeba7e56c2d49c6c7b11fc6b26
687b396d25cec23fef9c2ee51e51a1508de10b27
8a4d4f305c778cdc4f6aa3326f50f595c4fe7764fc34515e3618720ea96d22dc
GET /wp-content/themes/headway-2013/media/cache/headway.css?1581457260 HTTP/1.1
Host: www.jonathanboettcher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/category/blogging/
Cookie: PHPSESSID=7361a1316197b8d4c7e223498c1290ed
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 09:20:12 GMT
Server: Apache
Last-Modified: Tue, 24 Jan 2012 16:48:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8250
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
www.jonathanboettcher.com/wp-content/themes/headway-2013/media/cache/leafs.css?1581457260
192.185.196.51200 OK 295 B URL HTTP/1.1 www.jonathanboettcher.com/wp-content/themes/headway-2013/media/cache/leafs.css?1581457260
IP 192.185.196.51:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash ba5b80251e2d92fd26a03e28ff1f1f04
9b276510174a2ad3ab2a40fa57ea6a9b49e9ce62
fb975a17012498c62c8040f930e8c4c86ff11439b90f3a082e83f606259df24d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/headway-2013/media/cache/leafs.css?1581457260 HTTP/1.1
Host: www.jonathanboettcher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/category/blogging/
Cookie: PHPSESSID=7361a1316197b8d4c7e223498c1290ed
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 09:20:13 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 11 Feb 2020 21:41:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 295
Keep-Alive: timeout=5, max=75
Content-Type: text/css
www.jonathanboettcher.com/wp-content/themes/headway-2013/custom.css?1327423641
192.185.196.51200 OK 526 B URL HTTP/1.1 www.jonathanboettcher.com/wp-content/themes/headway-2013/custom.css?1327423641
IP 192.185.196.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash c1b654b73a2930a19a0251f2409eb6eb
2c3dfe21cd9ae254b743795c170b50af8eeb17e5
170c06c7d840467139ea322d2daa444f0348472012490b28d35d2b6365bfa78d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/headway-2013/custom.css?1327423641 HTTP/1.1
Host: www.jonathanboettcher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/category/blogging/
Cookie: PHPSESSID=7361a1316197b8d4c7e223498c1290ed
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 09:20:13 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 24 Jan 2012 16:47:21 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 526
Keep-Alive: timeout=5, max=75
Content-Type: text/css
www.jonathanboettcher.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.185.196.51200 OK 4.6 kB URL HTTP/1.1 www.jonathanboettcher.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.185.196.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.jonathanboettcher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/category/blogging/
Cookie: PHPSESSID=7361a1316197b8d4c7e223498c1290ed
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 09:20:13 GMT
Server: Apache
Last-Modified: Wed, 11 May 2022 15:51:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4618
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
www.jonathanboettcher.com/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.5.4
192.185.196.51200 OK 467 B URL HTTP/1.1 www.jonathanboettcher.com/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.5.4
IP 192.185.196.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1190), with no line terminators
Hash aaa9edf0ee87959989bd818b476d17ec
79ee3da2d758d91375cad7626c9ed810ee104082
247aa2239302bf340a3b55af7793b5d64b316662f7c353cbc5a742cccffe9295
GET /wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.5.4 HTTP/1.1
Host: www.jonathanboettcher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/category/blogging/
Cookie: PHPSESSID=7361a1316197b8d4c7e223498c1290ed
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 09:20:13 GMT
Server: Apache
Last-Modified: Tue, 07 Aug 2018 14:02:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 467
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
www.jonathanboettcher.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
192.185.196.51200 OK 5.2 kB URL HTTP/1.1 www.jonathanboettcher.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
IP 192.185.196.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15224)
Hash 00af0ddf324f69fcb25f0d2e5d08910a
df0379ab0e1b2902957c8aba77f89d88e1239b59
f0a06ed3b8d3917b358def04d87668001cd1c6da31a5cb4bb452313feb64a2a7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.5 HTTP/1.1
Host: www.jonathanboettcher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/category/blogging/
Cookie: PHPSESSID=7361a1316197b8d4c7e223498c1290ed
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 09:20:13 GMT
Server: Apache
Last-Modified: Wed, 11 May 2022 15:51:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5243
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
push.services.mozilla.com/
52.12.59.47101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.12.59.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5AlivRAwzWIHnZoU92onYg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: U3k4V3p/qqeYJOsrD789G8RKbzk=
www.jonathanboettcher.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
192.185.196.51200 OK 39 kB URL HTTP/1.1 www.jonathanboettcher.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 192.185.196.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65447)
Hash feb933ceca72e1d76b471ed9db278b0d
6179e8f9c9876a6c4df5e3138e9f8ee2ac25bcd1
9a525fa92f98fd5ac754d60ea6f3676bcaa3870dd9bf057c8c668399922c9bd0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.jonathanboettcher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/category/blogging/
Cookie: PHPSESSID=7361a1316197b8d4c7e223498c1290ed
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 09:20:13 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 11 May 2022 15:51:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: application/javascript
www.jonathanboettcher.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
192.185.196.51200 OK 16 kB URL HTTP/1.1 www.jonathanboettcher.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
IP 192.185.196.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (39791)
Hash f9ff11f74e8529779b6d0a398d76be89
e6369c832d137f60420b232d6b8662cd65a50496
4e1528494bebb5f06ecdcb19fe8163aa967b12ff04ce04ec3badcb957433a3c7
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.5 HTTP/1.1
Host: www.jonathanboettcher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/category/blogging/
Cookie: PHPSESSID=7361a1316197b8d4c7e223498c1290ed
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 09:20:13 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 11 May 2022 15:51:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16047
Keep-Alive: timeout=5, max=75
Content-Type: text/css
www.jonathanboettcher.com/wp-content/plugins/action-comments/actioncomments.php
192.185.196.51200 OK 1.4 kB URL HTTP/1.1 www.jonathanboettcher.com/wp-content/plugins/action-comments/actioncomments.php
IP 192.185.196.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2418)
Hash 7ec11fad0af8ff0741a72c5e60f63c38
0604b060df2c2bc7d6f07bd8d3f99cea7638b555
57dc15b1c1e3aaad4a62bcfb9e35f151265e8e02a31ea2f319aa8d86ff7a9c45
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/action-comments/actioncomments.php HTTP/1.1
Host: www.jonathanboettcher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/category/blogging/
Cookie: PHPSESSID=7361a1316197b8d4c7e223498c1290ed
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 09:20:13 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1442
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/javascript;charset=UTF-8
www.wishlistproducts.com/affiliatetools/images/WLM_234X60.gif
54.225.167.118301 Moved Permanently 174 B URL HTTP/1.1 www.wishlistproducts.com/affiliatetools/images/WLM_234X60.gif
IP 54.225.167.118:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 6fa22f789c753add311c8a37cf20438d
804104cb7c417c9d9cf98797dd822f2f615d81e9
34702baab5ddca220372644cc866092c5e6ecdfedcac62f7cbfc5f83518f1b2b
GET /affiliatetools/images/WLM_234X60.gif HTTP/1.1
Host: www.wishlistproducts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/
HTTP/1.1 301 Moved Permanently
Server: nginx-rc
Date: Mon, 20 Feb 2023 09:20:13 GMT
Content-Type: text/html
Content-Length: 174
Connection: keep-alive
Location: http://wishlistproducts.com/affiliatetools/images/WLM_234X60.gif
www.youtube.com/embed/P5B3uIGPPq0?wmode=transparent&fs=1&hl=en&modestbranding=1&iv_load_policy=3&showsearch=0&rel=0&theme=dark&hd=1
142.250.74.110301 Moved Permanently 0 B URL HTTP/1.1 www.youtube.com/embed/P5B3uIGPPq0?wmode=transparent&fs=1&hl=en&modestbranding=1&iv_load_policy=3&showsearch=0&rel=0&theme=dark&hd=1
IP 142.250.74.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/P5B3uIGPPq0?wmode=transparent&fs=1&hl=en&modestbranding=1&iv_load_policy=3&showsearch=0&rel=0&theme=dark&hd=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 20 Feb 2023 09:20:13 GMT
Location: https://www.youtube.com/embed/P5B3uIGPPq0?wmode=transparent&fs=1&hl=en&modestbranding=1&iv_load_policy=3&showsearch=0&rel=0&theme=dark&hd=1
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 32c273f03591a760d39799b2aca7927e
5236e80503b30600573e40c674c577c06185a83f
d8e8f0daef07cc746bc65813819ed5cd30367e5cd145d00bb305757b9b4a8bd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 09:20:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.jonathanboettcher.com/wp-content/themes/headway-2013/media/images/blockquote.gif
192.185.196.51200 OK 147 B URL HTTP/1.1 www.jonathanboettcher.com/wp-content/themes/headway-2013/media/images/blockquote.gif
IP 192.185.196.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 12 x 10\012- data
Hash 6b104d5fccc243f5f4c61215ade70ad6
38f6ae0693800a6ba35734f14ab2c53e6ca7d24a
2e19a0479f00c22f42e4b27779c149ea3eb467e78640d54173886ce35642ccaa
GET /wp-content/themes/headway-2013/media/images/blockquote.gif HTTP/1.1
Host: www.jonathanboettcher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/wp-content/themes/headway-2013/media/cache/headway.css?1581457260
Cookie: PHPSESSID=7361a1316197b8d4c7e223498c1290ed
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 09:20:13 GMT
Server: Apache
Last-Modified: Tue, 16 Aug 2011 01:16:12 GMT
Accept-Ranges: bytes
Content-Length: 147
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/gif
www.jonathanboettcher.com/wp-content/uploads/headway/header-uploads/header1.gif
192.185.196.51200 OK 117 kB URL HTTP/1.1 www.jonathanboettcher.com/wp-content/uploads/headway/header-uploads/header1.gif
IP 192.185.196.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 950 x 280\012- data
Size 117 kB (116863 bytes)
Hash 67b6900c53b7402377c3367c2452a898
dfcba9c88dff191a0a92032bda486517f2534463
1dfa5a3da11fe987a4e19304bcd0c1a357b08529617485cdca138fab0f08f39b
GET /wp-content/uploads/headway/header-uploads/header1.gif HTTP/1.1
Host: www.jonathanboettcher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/category/blogging/
Cookie: PHPSESSID=7361a1316197b8d4c7e223498c1290ed
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 09:20:13 GMT
Server: Apache
Last-Modified: Fri, 05 Mar 2010 04:54:49 GMT
Accept-Ranges: bytes
Content-Length: 116863
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/gif
www.youtube.com/s/player/11e3a4ec/www-player.css
142.250.74.110200 OK 52 kB URL HTTP/2 www.youtube.com/s/player/11e3a4ec/www-player.css
IP 142.250.74.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 427e942e4668e847aae3f634667cc98f
424cb353e4306fd81e30343d8d5be6b9b63337a1
611f28d391e34eaec93f72d7c2a4ef926d558691e30b3325da499e86bdd807a8
GET /s/player/11e3a4ec/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/P5B3uIGPPq0?wmode=transparent&fs=1&hl=en&modestbranding=1&iv_load_policy=3&showsearch=0&rel=0&theme=dark&hd=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 52107
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Feb 2023 23:01:39 GMT
expires: Mon, 19 Feb 2024 23:01:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 37114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/11e3a4ec/www-embed-player.vflset/www-embed-player.js
142.250.74.110200 OK 110 kB URL HTTP/2 www.youtube.com/s/player/11e3a4ec/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (679)
Size 110 kB (110359 bytes)
Hash d2b9c4c4b473c52e36ac4435714bf4f0
6d918ce5e461fe98128c3e1267d41ce8c8fb758a
b0acf230bda9df63ed18bfcbe5fba6d26b99b4dca6bb71cddfb24076695b037f
GET /s/player/11e3a4ec/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/P5B3uIGPPq0?wmode=transparent&fs=1&hl=en&modestbranding=1&iv_load_policy=3&showsearch=0&rel=0&theme=dark&hd=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 110359
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 15:45:34 GMT
expires: Fri, 16 Feb 2024 15:45:34 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 322479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/11e3a4ec/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.110200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/11e3a4ec/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.110:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/11e3a4ec/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/P5B3uIGPPq0?wmode=transparent&fs=1&hl=en&modestbranding=1&iv_load_policy=3&showsearch=0&rel=0&theme=dark&hd=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 15:45:34 GMT
expires: Fri, 16 Feb 2024 15:45:34 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 322479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
142.250.74.110200 OK 617 kB URL HTTP/2 www.youtube.com/s/player/11e3a4ec/player_ias.vflset/en_US/base.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (517)
Size 617 kB (616656 bytes)
Hash 3d9d0f6ef96f9fc1243497164a464fc2
2bc348aa1645796a50dd4fc7f23cee59c086bf63
25fa70f55163079139df81135681ec76a297e03e7037dcbaf79b4b1e42305bb5
GET /s/player/11e3a4ec/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/P5B3uIGPPq0?wmode=transparent&fs=1&hl=en&modestbranding=1&iv_load_policy=3&showsearch=0&rel=0&theme=dark&hd=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 616656
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 15:45:40 GMT
expires: Fri, 16 Feb 2024 15:45:40 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 16 Feb 2023 01:14:03 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 322473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 32c273f03591a760d39799b2aca7927e
5236e80503b30600573e40c674c577c06185a83f
d8e8f0daef07cc746bc65813819ed5cd30367e5cd145d00bb305757b9b4a8bd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 09:20:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wishlistproducts.com/affiliatetools/images/WLM_234X60.gif
54.225.167.118301 Moved Permanently 166 B URL HTTP/1.1 wishlistproducts.com/affiliatetools/images/WLM_234X60.gif
IP 54.225.167.118:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /affiliatetools/images/WLM_234X60.gif HTTP/1.1
Host: wishlistproducts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.jonathanboettcher.com/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx-rc
Date: Mon, 20 Feb 2023 09:20:13 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://wishlistmember.com/
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9d05d51b48728fdcd100d5ad8ce645e7
da63db3fe51d74b7776cd6ce770c6937cbede853
3c77d0fc549913b4a1606ae27a05c67fecceb6ed0ce49be12a6c5a692d5a8e4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 09:20:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9d05d51b48728fdcd100d5ad8ce645e7
da63db3fe51d74b7776cd6ce770c6937cbede853
3c77d0fc549913b4a1606ae27a05c67fecceb6ed0ce49be12a6c5a692d5a8e4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 09:20:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/ga.js
216.239.34.178200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Mon, 20 Feb 2023 08:12:03 GMT
Expires: Mon, 20 Feb 2023 10:12:03 GMT
Cache-Control: public, max-age=7200
Age: 4090
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 21:48:03 GMT
expires: Fri, 16 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 300730
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9d05d51b48728fdcd100d5ad8ce645e7
da63db3fe51d74b7776cd6ce770c6937cbede853
3c77d0fc549913b4a1606ae27a05c67fecceb6ed0ce49be12a6c5a692d5a8e4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 09:20:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=705770121&utmhn=www.jonathanboettcher.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Blogging%20%7C%20Ad.Ventures%20in%20Internet%20Marketing&utmhid=573173641&utmr=-&utmp=%2Fcategory%2Fblogging%2F&utmht=1676884813749&utmac=UA-2610035-9&utmdid=i9k95&utmcc=__utma%3D116137757.2006428808.1676884814.1676884814.1676884814.1%3B%2B__utmz%3D116137757.1676884814.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=294024897&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
216.239.34.178200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=705770121&utmhn=www.jonathanboettcher.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Blogging%20%7C%20Ad.Ventures%20in%20Internet%20Marketing&utmhid=573173641&utmr=-&utmp=%2Fcategory%2Fblogging%2F&utmht=1676884813749&utmac=UA-2610035-9&utmdid=i9k95&utmcc=__utma%3D116137757.2006428808.1676884814.1676884814.1676884814.1%3B%2B__utmz%3D116137757.1676884814.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=294024897&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 216.239.34.178:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=705770121&utmhn=www.jonathanboettcher.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Blogging%20%7C%20Ad.Ventures%20in%20Internet%20Marketing&utmhid=573173641&utmr=-&utmp=%2Fcategory%2Fblogging%2F&utmht=1676884813749&utmac=UA-2610035-9&utmdid=i9k95&utmcc=__utma%3D116137757.2006428808.1676884814.1676884814.1676884814.1%3B%2B__utmz%3D116137757.1676884814.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=294024897&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Mon, 20 Feb 2023 09:20:13 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
ocsp.pki.goog/s/gts1p5/VfEMnrZWsSA
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/VfEMnrZWsSA
IP 142.250.74.131:0
Hash 628b03b3628411455eb5be5aa8f17ff7
d2bd39bc8e0f8a446d558ddce2538ce36ef395de
3bfdb47a8788fdc48d36e99c0f8f4552f581fb9364e3b2c890286961fc682e90
POST /s/gts1p5/VfEMnrZWsSA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 09:20:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
forms.aweber.com/form/displays.htm?id=jOwcrEwczGwM7A==
151.101.130.137200 OK 43 B URL HTTP/1.1 forms.aweber.com/form/displays.htm?id=jOwcrEwczGwM7A==
IP 151.101.130.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /form/displays.htm?id=jOwcrEwczGwM7A== HTTP/1.1
Host: forms.aweber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
P3P: policyref="http://www.aweber.com/w3c/p3p.xml", CP="NOI DSP COR NID IND"
Cache-control: No-Cache
Content-Type: image/gif
Pragma: No-Cache
Accept-Ranges: bytes
Date: Mon, 20 Feb 2023 09:20:13 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1658-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1676884814.597221,VS0,VE325
Vary: Accept-Encoding
Referrer-Policy: no-referrer-when-downgrade
www.jonathanboettcher.com/category/blogging/favicon.ico
192.185.196.51404 Not Found 8.3 kB URL HTTP/1.1 www.jonathanboettcher.com/category/blogging/favicon.ico
IP 192.185.196.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash fb98cdd5cf8988b10cc3efef2503b02b
9aa8b81422e4405f9373c678805dff6ada010575
8e47ef49c37284d5005fc2f07715b86f823005c3c82d4f1f0f4af41a12350b2f
GET /category/blogging/favicon.ico HTTP/1.1
Host: www.jonathanboettcher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jonathanboettcher.com/category/blogging/
Cookie: PHPSESSID=7361a1316197b8d4c7e223498c1290ed
HTTP/1.1 404 Not Found
Date: Mon, 20 Feb 2023 09:20:13 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://www.jonathanboettcher.com/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8314
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c3fcc2714a120f58ee235b6f2008bf7b
a6da1251e0d98453e6a411fa246c6e6cac56790d
55a9637ac5d1ea18dc0b15b0e8613c32079fae3422a64bc1b7c0665894caefee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 09:20:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c8a2baff6d065a9048a4aeaa1d161980
53a1aae82f2be9f6655b81902fbd276bd91d1ab7
77de9271dc2c925e68f1a26a9b86a73b10beabd73c3302c4d98566dc7a571498
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 09:20:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 20 Feb 2023 09:20:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Feb 2023 09:16:33 GMT
expires: Mon, 20 Feb 2023 09:31:33 GMT
cache-control: public, max-age=900
age: 221
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 640fbb04730146d4b636e2062afb5267
fe9faa4412eaa72a7f1e6ea22f250c20a9f00f93
1c1ad6ddeabce08822b9247423ebea471c0378db7ecb681a055b2f7002967770
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 09:20:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c8a2baff6d065a9048a4aeaa1d161980
53a1aae82f2be9f6655b81902fbd276bd91d1ab7
77de9271dc2c925e68f1a26a9b86a73b10beabd73c3302c4d98566dc7a571498
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 09:20:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 791e968cee662a01bec431c498be07a0
5c71afdd7015734d07be2df1ad79e28ef1646ae2
6ccf96b85392ec77423ec2f2b756909a0de6480867502680d35036e95964b712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 09:20:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b53bc403e0ab0570909b47c9976c4bc3
ac75251663f22d11671b8089f0b1d8d868844764
bd84b9ecba7b9a74d49c6d7a56df5e8a5d813bbd8dac93714d5b68f2de2181af
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 09:20:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 20 Feb 2023 09:20:14 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e4bb95f161419222e75020fdb515723e
52bd6690eaa68034c0cbbc16bd8665d857c907b7
074bbafa99e06758e44c7edb4462fca26b675a278252f62ba5823aa35f423cb4
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 20 Feb 2023 09:20:14 GMT
server: ESF
cache-control: private
content-length: 30804
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b53bc403e0ab0570909b47c9976c4bc3
ac75251663f22d11671b8089f0b1d8d868844764
bd84b9ecba7b9a74d49c6d7a56df5e8a5d813bbd8dac93714d5b68f2de2181af
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 09:20:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.202200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 20 Feb 2023 09:20:14 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.202200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.202:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0e5c8488bf32a396d0efb685814e1c78
0c23063a74363e4992ee2f0bada8c84548e22511
f67f3169ba26c20657d6d49e8c2f1e30cceab87859c43d8e933bbd68829c4f97
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1020
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 20 Feb 2023 09:20:14 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/VfEMnrZWsSA
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/VfEMnrZWsSA
IP 142.250.74.131:0
Hash 628b03b3628411455eb5be5aa8f17ff7
d2bd39bc8e0f8a446d558ddce2538ce36ef395de
3bfdb47a8788fdc48d36e99c0f8f4552f581fb9364e3b2c890286961fc682e90
POST /s/gts1p5/VfEMnrZWsSA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 09:20:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10037
Expires: Mon, 20 Feb 2023 12:07:31 GMT
Date: Mon, 20 Feb 2023 09:20:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10037
Expires: Mon, 20 Feb 2023 12:07:31 GMT
Date: Mon, 20 Feb 2023 09:20:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10037
Expires: Mon, 20 Feb 2023 12:07:31 GMT
Date: Mon, 20 Feb 2023 09:20:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8786243-b87e-4a31-baff-cf6738cd9df5.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8786243-b87e-4a31-baff-cf6738cd9df5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45fb7a36a4efde0f93abe48efb4fdc13
22db86e51647b632038d4dd1606e22ddbc9ee759
1fc12b1cb99b1425aa5e5a0aa84de11c0f4106ac8d0b5499c0f34825328678c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8786243-b87e-4a31-baff-cf6738cd9df5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: b2b1b07b-9a6d-4061-92a4-f7c0e0a60261
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AmxiNFHuoAMFjVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f2960d-716020496f7fb2c168065757;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VgG8DkWqtAsj5aQHqEd57vH6gbMeEbZOGA5jA87sblb_t2hqpQYxVw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Feb 2023 22:03:59 GMT
etag: "22db86e51647b632038d4dd1606e22ddbc9ee759"
content-type: image/jpeg
age: 40575
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8235bcbe-72cd-4831-9c09-c4cdb13fd846.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8235bcbe-72cd-4831-9c09-c4cdb13fd846.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa711ffb6b7af7f4c99a4fc552ff270a
a784b1bfb1aac498464e33afc8a5601775a3bfde
89d1660aabab759eda10a4a255af2d28f8b286a63fe53dc7b30631fa09986e46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8235bcbe-72cd-4831-9c09-c4cdb13fd846.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8875
x-amzn-requestid: 95c9949f-accb-42ee-8395-6616fc311508
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AmxdrEs5oAMFwqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f295f0-357c5c3e23d3a2a3524013e6;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 21:34:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XehgCHE4qX1A3D1mBNv805_Soe_KxOH9Uqftq9b-HYrl-hkJ4_hRfQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Feb 2023 22:03:56 GMT
etag: "a784b1bfb1aac498464e33afc8a5601775a3bfde"
content-type: image/jpeg
age: 40578
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac021e56-1cda-4705-942f-fd658890b5e1.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac021e56-1cda-4705-942f-fd658890b5e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1fb795dc1da607d7abd375588fd5b870
2d2ac3b1203a7256bd9f425ec32e569f262547dd
ed323b2ee3701a082f9016d13c6fb34d7df2a208407d4d10d0d70cdeddac14e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac021e56-1cda-4705-942f-fd658890b5e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7153
x-amzn-requestid: e923bb08-b66c-4a50-a40e-f77d3afdd11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AmxiPHJtoAMFofA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f2960e-2f12021e701506482d3d08d7;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 21:35:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gMWvjEN4BqskX30D30eQj_CF5p6siHb13JO7QpE8YPt6YsaMy9jlNg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Feb 2023 21:41:25 GMT
etag: "2d2ac3b1203a7256bd9f425ec32e569f262547dd"
content-type: image/jpeg
age: 41929
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
wishlistmember.com/
188.114.96.1200 OK 49 kB IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Hash bb5048117150d05d8f40026d5a2e1b16
de893b94eb0c3c67b068dc4e18d6ae404cfa932a
1ecf713b33c71d251493ad6ff3b668d2eb88f4af123c86caddd4d63a2172605a
GET / HTTP/1.1
Host: wishlistmember.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.jonathanboettcher.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 09:20:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-edge-cache: cache,platform=wordpress
x-ua-compatible: IE=edge
link: <https://wishlistmember.com/wp-json/>; rel="https://api.w.org/", <https://wishlistmember.com/wp-json/wp/v2/pages/13600>; rel="alternate"; type="application/json", <https://wishlistmember.com/>; rel=shortlink
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-runcloud-srcache-fetch: HIT
x-runcloud-srcache-store: BYPASS
x-runcache-type: srcache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgPszJ7K%2FDbBE1ychwNZda6u232IbEGf2mX5wj9RYsIHJnjrw2D%2Bub%2FkjoKrCc1T6dAcLCWOtMwgcsifAQW5t7Tsa33YXptB94y5hLDFZCkEce0%2FhyROniAvQf8ZT1jcOHHhm34%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79c62a46bdd9b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c5a0bab7d34e51ee6476be179b356ba
87917d3cf520d73b7b1029f44505e7700413d51d
136e727a99409218318247b645558fad485ed84bcd90bd43a5895492cb317d89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6879
x-amzn-requestid: 18c46562-f8d9-4f7f-8ea0-1bb46e206f80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANnahEWgIAMFwYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e885dc-50a7cfe4693b4efb038ce1a7;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 06:23:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwK1XWOYMXy8qna9sVCV7q__QKMko9KXa8towbYhIj1EolPbqEuIHQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Feb 2023 15:50:17 GMT
age: 62997
etag: "87917d3cf520d73b7b1029f44505e7700413d51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F281f72a4-d131-4cfa-9879-5c633718946e.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F281f72a4-d131-4cfa-9879-5c633718946e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90690775d6d052b92a783fd123b9751e
f330787567c092887acb1ee9cdab1de0fdbec228
73069b0c7bfbded0f2d5435d11e458a3c7df43df45e45fc4f99e7c22de4efbfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F281f72a4-d131-4cfa-9879-5c633718946e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9448
x-amzn-requestid: ba281ab3-5bfb-42d1-ae15-f990472cffdb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AmyNjGwNoAMF5hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f29723-109d347078fe868b601d103f;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 21:39:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CNqEnA-9oerExJj_grZu6ZWxVNCQgbe6AR4s3AcoFnx9QxEwR8szBQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Feb 2023 22:18:30 GMT
age: 39704
etag: "f330787567c092887acb1ee9cdab1de0fdbec228"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/embed/P5B3uIGPPq0?wmode=transparent&fs=1&hl=en&modestbranding=1&iv_load_policy=3&showsearch=0&rel=0&theme=dark&hd=1
142.250.74.110200 OK 0 B URL HTTP/2 www.youtube.com/embed/P5B3uIGPPq0?wmode=transparent&fs=1&hl=en&modestbranding=1&iv_load_policy=3&showsearch=0&rel=0&theme=dark&hd=1
IP 142.250.74.110:0
GET /embed/P5B3uIGPPq0?wmode=transparent&fs=1&hl=en&modestbranding=1&iv_load_policy=3&showsearch=0&rel=0&theme=dark&hd=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.jonathanboettcher.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 20 Feb 2023 09:20:13 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=7zwSccUjlUs; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=LgNloJs7wvs; Domain=.youtube.com; Expires=Sat, 19-Aug-2023 09:20:13 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekl3TWpFMk5UUXpNamcwTXpJeU9UQXhPQT09EM32zJ8GGM32zJ8G; Domain=.youtube.com; Expires=Sat, 19-Aug-2023 09:20:13 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+768; expires=Wed, 19-Feb-2025 09:20:13 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 0 B URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 17:56:42 GMT
expires: Fri, 16 Feb 2024 17:56:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 314611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2