r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15421
Expires: Wed, 16 Nov 2022 08:57:43 GMT
Date: Wed, 16 Nov 2022 04:40:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4fe5a11c3ca8a150aad830b739f24b58
898b730b1a66dd49c6f018333ba828410f63f347
2c3a2a8a3dfa29808bd550718025fdf355e4a88235cb50ae978abc00ee5fd23b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5451
Cache-Control: max-age=112875
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:42 GMT
Etag: "63736a6b-1d7"
Expires: Thu, 17 Nov 2022 12:01:57 GMT
Last-Modified: Tue, 15 Nov 2022 10:31:07 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14837
Expires: Wed, 16 Nov 2022 08:47:59 GMT
Date: Wed, 16 Nov 2022 04:40:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 16 Nov 2022 03:44:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3370
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gOFYFHqqHj8Gn45+2uhLp9TM42rMXfx2As++0Aly2MAS65kbENT3ppcn+BlriGGAFmwDlvp33/c=
x-amz-request-id: 7D5DPS8Y479BP3SP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 16 Nov 2022 03:51:53 GMT
age: 2929
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 04:40:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 16 Nov 2022 03:44:49 GMT
cache-control: public,max-age=3600
age: 3353
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
heypressto.com/
109.203.109.22200 OK 13 kB IP 109.203.109.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15821), with CRLF, LF line terminators
Hash 692575cc92accc7cecccd505799ea332
0de2c8e36e6a80de24180f1bd4e792a1a0332702
dc89188e77313abc03a4110f98647aa3b9f356a3908e137b3354d1bfa46398ed
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:41 GMT
Server: Apache
Link: <http://heypressto.com/wp-json/>; rel="https://api.w.org/", <http://heypressto.com/wp-json/wp/v2/pages/4462>; rel="alternate"; type="application/json", <http://heypressto.com/>; rel=shortlink
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12624
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash de57a2d376db743a3987c454889f1f21
0defab699bdb1b158026f93c2dd105bcd65f6764
b1c47a81ac45af6f756a8eca8ef14a82f0113ea8f09dae7a285a4491963ae2ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5581
Cache-Control: max-age=107954
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:42 GMT
Etag: "637356af-1d7"
Expires: Thu, 17 Nov 2022 10:39:56 GMT
Last-Modified: Tue, 15 Nov 2022 09:06:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin
142.250.74.10200 OK 386 B URL HTTP/1.1 fonts.googleapis.com/css?family=Lato:400,700,300&subset=latin
IP 142.250.74.10:0
Hash 88aba26970ea41ba4a8d4a0ec987d39e
d81dcd9677b15fd128f3b06a1e4c8047e19a659b
55040a618035f8ebaffe610905b981b9f9334ec7928395e20a0cfbdb720da3ee
GET /css?family=Lato:400,700,300&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 16 Nov 2022 04:40:42 GMT
Date: Wed, 16 Nov 2022 04:40:42 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Roboto:300,500&subset=latin
142.250.74.10200 OK 564 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,500&subset=latin
IP 142.250.74.10:0
Hash 254a3dcfd6686caced973a443d8155dc
35ce952361dfcb4d0a88b89d6cabb831cda945dc
65c893c3384a41fbf47ca2cd87a6213cb5e1f0f698a55aea4a40fa2f864f46df
GET /css?family=Roboto:300,500&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 16 Nov 2022 04:40:42 GMT
Date: Wed, 16 Nov 2022 04:40:42 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
heypressto.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
109.203.109.22200 OK 10 kB URL HTTP/1.1 heypressto.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6
IP 109.203.109.22:0
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 2a3cc81919349cb551f504b077791457
1d9393824b33b80513dbb9b2c8db48b6719d5d46
13a8d762ef70a9a18c89c226c4671f986401ccb7dae1c20be18c3db1eabbb62c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.6 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:42 GMT
Server: Apache
Last-Modified: Thu, 21 Oct 2021 23:07:47 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10523
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
heypressto.com/wp-content/themes/rise/style.css?ver=5.8.6
109.203.109.22200 OK 209 B URL HTTP/1.1 heypressto.com/wp-content/themes/rise/style.css?ver=5.8.6
IP 109.203.109.22:0
Hash 6fc98e4c2d4954307c8868fb303bf658
b011f43d09ebca86411ba68488bab09f08f359a7
3794ecabc87507f95e6862d5821f3f8268d3b15ca2c2964026206c065d69ae31
GET /wp-content/themes/rise/style.css?ver=5.8.6 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:42 GMT
Server: Apache
Last-Modified: Thu, 21 Oct 2021 23:08:13 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 209
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
heypressto.com/wp-content/themes/rise/css/reset.css?v=2.1.3
109.203.109.22200 OK 768 B URL HTTP/1.1 heypressto.com/wp-content/themes/rise/css/reset.css?v=2.1.3
IP 109.203.109.22:0
Hash 5de3bf0579ffe3a547cbfc4d7b1e9ec0
d30acec09c2e146145070e7ae3c03198d2ffc715
803631286ab0357865a3a2524a734f461b1b7c5e9ed48a8ee565fd0170766cda
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/rise/css/reset.css?v=2.1.3 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:42 GMT
Server: Apache
Last-Modified: Thu, 21 Oct 2021 23:08:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 768
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/dropdown.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 1.1 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/dropdown.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (3129), with no line terminators
Hash 108655ae7ecc36da271314784ab627de
3d24b66868d10a6f6d7ffff7097684fb3bdf6308
f131535a4331fa22060b07256b594d660c48e3cf0f0948523f12998b0d38413d
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/dropdown.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1056
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-includes/js/jquery/jquery-migrate.min.js?v=2.1.3
109.203.109.22200 OK 4.2 kB URL HTTP/1.1 heypressto.com/wp-includes/js/jquery/jquery-migrate.min.js?v=2.1.3
IP 109.203.109.22:0
File type ASCII text, with very long lines (11126)
Hash 98a6a88a0e1577804eb98b8de29b459a
d97e067d01fc47938068b515c6f8c8ed41ce8170
284b66389a42495c2519d015713a1bf22afcf4c0d79fa8e8fe1a809889316cb4
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?v=2.1.3 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 14:01:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4167
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
109.203.109.22200 OK 1.8 kB URL HTTP/1.1 heypressto.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 109.203.109.22:0
File type ASCII text, with very long lines (5477)
Hash 951ae46ca55ec7b0e401e2074bdf8b54
64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 14:01:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1834
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-includes/js/jquery/jquery.masonry.min.js?v=2.1.3
109.203.109.22200 OK 716 B URL HTTP/1.1 heypressto.com/wp-includes/js/jquery/jquery.masonry.min.js?v=2.1.3
IP 109.203.109.22:0
File type ASCII text, with very long lines (1626)
Hash 9d85e1af0990cd88aded996881127353
f066c0f6aa1dabade0eebe90d1e65b5f38347988
ea398ed80ebce514f813d21421b487d8683d471dc0f923f67da1b59e09e29902
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.masonry.min.js?v=2.1.3 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 14:01:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 716
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-includes/js/masonry.min.js?ver=4.2.2
109.203.109.22200 OK 7.4 kB URL HTTP/1.1 heypressto.com/wp-includes/js/masonry.min.js?ver=4.2.2
IP 109.203.109.22:0
File type ASCII text, with very long lines (23966)
Hash d56e5016a4d65d6d654add02bee3f792
9238046ef54c80e04b940f86683ea33cf44d40c1
6f1a28f0ef5ad427f7d99aecc29db61d8eb25190d5eb5e539c524c916d1442f9
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 14:02:05 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7382
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/general.min.js?ver=3.7
109.203.109.22200 OK 23 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/general.min.js?ver=3.7
IP 109.203.109.22:0
Hash 39017e1c7b398d4eefe582591060c2e8
1a71842ccd52e3659b03b71a5286d2144fb59b2e
e560ca2a549fe4b49efc62b8d82d3a2e49aac1173be47dddca2260f55621cf14
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/general.min.js?ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 22843
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
109.203.109.22200 OK 4.9 kB URL HTTP/1.1 heypressto.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
IP 109.203.109.22:0
File type ASCII text, with very long lines (15224)
Hash 3179794486ec4ca8f59329ccd67ae3e1
4b9c6e22ee7966479ef9844259f39f19d584f4a4
6e616b83910943042f683d5d21691f7e15aca8e2d8d154ff8f35bf09c612297a
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.6 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 14:02:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4930
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/acf-dynamic-elements.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 9.1 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/acf-dynamic-elements.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (32010), with no line terminators
Hash 2800cb778002c213d27296b79775c4de
e2084f69d790c112c4acf02bcd70d9166c56ac74
40f9d5bd210b4840a18b0bd639f57fe62e8c159e522a194467d97b8284a30fe9
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/acf-dynamic-elements.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:01 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9084
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/audio.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 537 B URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/audio.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (1125), with no line terminators
Hash 15bea5fe4a1e14922c7387725253c43b
6e4c92c1c02489f48b936b9547253c659b56b8f1
c3c92b9be18eeefb09098dfc614e20279aca8c9746c75c72758cb6f78d5611e9
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/audio.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:01 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 537
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/contact-form-compat.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 2.3 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/contact-form-compat.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (6317), with no line terminators
Hash 5d26983814934dc10d4c9ad46575a5a2
a19adb936c325ef56a3325dc61844a4ac3812476
5bd6ef7f8ccc6bfe08ddc51dcdd7a3843a7419540e5ef5a647d463c1cf245e74
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/contact-form-compat.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:01 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2313
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-includes/js/plupload/moxie.min.js?ver=1.3.5
109.203.109.22200 OK 28 kB URL HTTP/1.1 heypressto.com/wp-includes/js/plupload/moxie.min.js?ver=1.3.5
IP 109.203.109.22:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f443536c27196a3700acd065fb2676d7
30f78b9083eef7e1562bdfe30f0782a8bb2afa25
4118ddeb21cf6ae41832a51198b5d781d02fe0b67f5dc619df7f912201515352
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/plupload/moxie.min.js?ver=1.3.5 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 14:02:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 27485
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/content-reveal.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 731 B URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/content-reveal.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (1478), with no line terminators
Hash c7d01466583ae1d6c110dd493a3cec12
12a9d34cb8b686ad484309258790f2c7b99f2b27
07db337c090c668113d990ba9f5e56aa823b29797c932943f3dd05398332aadf
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/content-reveal.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:42 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:01 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 731
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/countdown.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 3.0 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/countdown.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (8704), with no line terminators
Hash 3bbedb88c60395f2094ee546ca4240e0
4916dfb5bff45b44217a1da09c67002fa1d42175
ae265fa2b49042798ee76f10e0149ff707a691503eb1dac3ed338cc930df2987
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/countdown.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2990
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/conditional-display.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 2.7 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/conditional-display.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (8759), with no line terminators
Hash 814321f875c8738359c8de090bd6027e
3c7f2b4c88c080cfb1d89010759d8226510036fb
4d7c94c055c7fc57b7f03d6f17cb0c8ceaebebb31ae36d7c1cc05f27eb9b939d
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/conditional-display.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:01 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2726
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=3.7
109.203.109.22200 OK 157 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 157 kB (157022 bytes)
Hash 009bdde798cf91efc14927799cfb50ab
6f31db5ad1303a9a9ac022a08f4d33a3272b6739
3264e6688305b6e1ea36171f1b55d3bb28b07991910fbeac7da630e244209615
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:42 GMT
Server: Apache
Last-Modified: Mon, 28 Mar 2022 15:32:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/search-form.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 2.7 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/search-form.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (10064), with no line terminators
Hash 16ec7a3da192c9e62b38feb22199152a
30f69cca332ad8460320c0129d6eb92929007be2
36b519fa8a3bb9a809b50cceaed499b30cd6a4823d0a3d4827c3a8eef1c880ab
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/search-form.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2698
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/divider.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 450 B URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/divider.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (905), with no line terminators
Hash 0686975a981ad32f7b3855219bb6bd42
6a658eddda40315c8e17a11d10147218bbdfbcd2
9203495848032456a8c4650df3b6201ad6a51af277cdec11a49db82e29750506
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/divider.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 450
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-includes/js/plupload/plupload.min.js?ver=2.1.9
109.203.109.22200 OK 5.6 kB URL HTTP/1.1 heypressto.com/wp-includes/js/plupload/plupload.min.js?ver=2.1.9
IP 109.203.109.22:0
File type ASCII text, with very long lines (15612), with no line terminators
Hash 8c25345856f5ad3f6a8bf7093c90a787
95f154d7e640ff5af1996a11899ffca0b3c19e31
c7aa3699208d59a8884718442f7e6afafd0176f59eff52cd9570a50564f16d6e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/plupload/plupload.min.js?ver=2.1.9 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 14:02:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5588
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/themes/rise/css/main_green.css?v=2.1.3
109.203.109.22200 OK 29 kB URL HTTP/1.1 heypressto.com/wp-content/themes/rise/css/main_green.css?v=2.1.3
IP 109.203.109.22:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 32ebe716ce0f3471f2f8e67778787e58
8f4c8bb7823b4a59cce48de2a377d3e28e85f59e
51b3ab8b2f8a28f291c7ff570cc8b605ab7d8ad441b4a5b94ff6206bb2edd4ce
GET /wp-content/themes/rise/css/main_green.css?v=2.1.3 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Thu, 21 Oct 2021 23:08:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 28827
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/fill-counter.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 364 B URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/fill-counter.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (666), with no line terminators
Hash 39adb229ffacb43a679107c2c44ab4b3
189e41eee513f903e5e5b9bdc7dcee289628aed5
258a6713cd765958b719b69c79456fc61320202cc4cd7645ef1e6966a0a0e886
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/fill-counter.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 364
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/file-upload.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 3.6 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/file-upload.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (9513), with no line terminators
Hash bb210915f78de0684392d38e5f6f41f3
71a6737f96bf540d232fff60b9c6f4a6c698cc64
368b7e6d7847e5d8f1062871653faf76f39776b29ceab6b6b1f59e613a179f8b
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/file-upload.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3631
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/number-counter.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 1.7 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/number-counter.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (3876), with no line terminators
Hash 56f132bb127c3ab78dfedf84425d7123
53c7313315503d04fc063b70964bf6ad1b46d413
d5e80f58cc1fe5babf61f8b5468ea3a338fdbe139fa0598bb7a4a74b9c8596b2
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/number-counter.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1703
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-includes/js/jquery/jquery.min.js?v=2.1.3
109.203.109.22200 OK 31 kB URL HTTP/1.1 heypressto.com/wp-includes/js/jquery/jquery.min.js?v=2.1.3
IP 109.203.109.22:0
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
GET /wp-includes/js/jquery/jquery.min.js?v=2.1.3 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 14:01:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 30908
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/lead-generation.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 6.0 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/lead-generation.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (18219), with no line terminators
Hash 496d01d02c737fc5d5f003097e91db8d
514f5f299acdb106cea2ebb6e3aa2d7a1abf7225
60ca3a8c35a9217d5e72c0e2b12e0f2b6bf7bfb5666a1bcf66b4d25a4c1b06fb
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/lead-generation.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6028
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/login.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 4.1 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/login.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (13687), with no line terminators
Hash b1375c44352c9a4dae5b75e165920952
0d8762715bdf971c28dac498c13c09f8ca37d963
49d7d31bebe8009037c65a177f70207d6a1105a74b38acf50c6a959649fdd0f7
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/login.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4143
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/image-gallery.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 4.2 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/image-gallery.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (13774), with no line terminators
Hash 071aa0cfbb8e86f0f5d859f08081d444
823c662ddcec81d44d655e42571aeab49cb326c7
4c36281848489dc36eacd90ca2891a135a8407a27c10a7aa1fdd92baa1d99fe0
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/image-gallery.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4151
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/menu.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 4.1 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/menu.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (12934), with no line terminators
Hash 02cde51c50b0e2750a4b7b5bd974b42f
be552af76ee1c7a3ff27a5955d4d07f96406e521
c5cc89db77843b5bbae91e23199761afcd721490f331ba7cce118c68e534d394
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/menu.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4103
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/image-gallery-libs.min.js?ver=3.7
109.203.109.22200 OK 20 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/image-gallery-libs.min.js?ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (42862)
Hash f28d238fcb6fe8cfdacd1adedba95941
f3bbf2b496af51137c44425e23160134dd6e4f29
1da6177998f827a98a571aeca9ab03072c0836c61e86d391137f6502c4f1a81f
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/image-gallery-libs.min.js?ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:01 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 20128
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/post-grid-compat.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 560 B URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/post-grid-compat.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (1239), with no line terminators
Hash f0850fad2c524f8e0bdac4cb7cc9d508
4ce96d7c91927b217e5d4c905d610a6c858ff8b2
e5d0cebc5c4db1bd5b5166ff1d7bdb36b052adc6fb7cb174826389b0cdd0629a
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/post-grid-compat.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 560
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/pagination.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 2.1 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/pagination.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (6138), with no line terminators
Hash 637405df4c26089587d183178a490689
ab180a5e6489c70e72f0ea39ca8014024ed76d3a
6bfd6f2e968ce8eca8ba50cd6d55b63936d77cf566b37bcaadbeba695158cbc1
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/pagination.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2117
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/pricing-table.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 478 B URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/pricing-table.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (1021), with no line terminators
Hash ff710e50ef9a31b504062f6cc8ba57b8
4a00911ca4126a27c54a89e24971aa07bd9ecadb
aabf1c804207d427cd8cac3ab1af34528511082548b6bb615424d62ef656c733
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/pricing-table.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 478
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/post-list.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 1.4 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/post-list.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (3635), with no line terminators
Hash 577fbe637e2df4767af275303dfc61c7
47bdc0dffff021381ca568ba65b8329ee671980a
1fa34c9c08df5fe3c452e848506741c58463d564364487daf3f1fd794cd922a4
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/post-list.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1410
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/progress-bar.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 1.7 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/progress-bar.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (5203), with no line terminators
Hash 33137135992cc78ee5a38032fa508ee0
adef5a4b93bead985f7a190ee1e0e7b2fa1664c3
f935988815398890c8c72e248094a53bce604c4ced1e061bddbc47de74c6db65
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/progress-bar.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1731
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/tabs.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 1.6 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/tabs.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (4833), with no line terminators
Hash 1e588f7ca3295d3ac174f61eb892eeb2
4062793822d35fc5e930ce397314e5e706e54f9f
5ed626650763f28c52411e2de0931d013ba1c98dcce8cacf2d7c0d96f8f7c2cc
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/tabs.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1555
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/timer.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 1.5 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/timer.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (3739), with no line terminators
Hash 1c3d2f589b064883b969a7769564bc4e
5654ad505b9ada56fe8591d6985361c9491b2571
4c00a1fb5363d04f7d5e9541e904d7fcad4be08470e479369e0a4f0dc42896ad
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/timer.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1497
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/table.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 699 B URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/table.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type Unicode text, UTF-8 text, with very long lines (1500), with no line terminators
Hash 0d33fb4edef56c15fb2666022ecbe994
1c07ce568aeac10ea25b50bfea5e34cc77fdbffd
80c1cf326c7b6bc1ca36464ea435928aac0e7fa60fac64811d340e908c06ba80
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/table.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 699
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/toggle.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 1.6 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/toggle.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (5520), with no line terminators
Hash 22b5c40a154fe0ab08aa7d8cebd60152
2c4b7e63b5112a5a36c12b4e12bdf4b66c744453
063be73a346708be72e7b5c972d74dcacc0bfcf4b9ecc135ea180b79007ea313
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/toggle.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1620
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/social-share.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 2.3 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/social-share.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (6032), with no line terminators
Hash 97d455390c9a7ede115118e61957b6be
9db784ca0295754f8ef7f393ee86278af7542a43
f4cafcceeaccf5ec17f73bb1210564b4d2a82be54b23778b2dad9a32cd8cf63e
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/social-share.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2286
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/toc.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 3.8 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/toc.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (10929), with no line terminators
Hash cdf358430b6807949d619ca9a482bc5a
3732a48ed9bd5537fb20d476d9921e95f1a41b0f
906042746698a7169ed43cd95a7aa320b9718fa556c5c3b2cf713934428dfba1
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/toc.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3752
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/twitter.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 426 B URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/twitter.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (769), with no line terminators
Hash 49aa3eb85fe87006737f95c1f8d75800
7c617101a615dfab0c6fffbdc11a841eb82f24e4
06a988c89322ac22d1997b4c41808d82b15cccadcae605bac1a542e567c4f9b5
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/twitter.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 426
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/user-profile.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 2.4 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/user-profile.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (6232), with no line terminators
Hash 6bdeda40ef8088e273f4a81e5f06cc64
6639bba84379877f35cdff58f3e711c7502a428c
68abbf1a27ed2d7e7dfa6e66d040c90fe3ae0f5bf9ec1ae738b04551eb3bcb6b
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/user-profile.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2431
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/video.min.js?v=3.7&ver=3.7
109.203.109.22200 OK 4.7 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/video.min.js?v=3.7&ver=3.7
IP 109.203.109.22:0
File type ASCII text, with very long lines (14801), with no line terminators
Hash fc647360182112c0bc500c5fe0236745
f29888c10b433842724f2a849e0c601f395662d9
9b765af7b0bec50953c36ec16904261e235a6a9dc657904c2596e17dfce037d4
GET /wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/video.min.js?v=3.7&ver=3.7 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:04 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4724
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/themes/rise/js/masonry.pkgd.min.js?ver=5.8.6
109.203.109.22200 OK 8.6 kB URL HTTP/1.1 heypressto.com/wp-content/themes/rise/js/masonry.pkgd.min.js?ver=5.8.6
IP 109.203.109.22:0
File type ASCII text, with very long lines (354)
Hash 05c8241674099862a0f35a5cfc8816b8
0e30dd5380049ca5e0fe3cbb40629bfea292cb88
831c44ed2fcf5b986f579129f5f98ebcc251732f6b34e7efcff6cd97c03f9415
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/rise/js/masonry.pkgd.min.js?ver=5.8.6 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 14:00:21 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8621
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=3.5.1
109.203.109.22200 OK 1.3 kB URL HTTP/1.1 heypressto.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=3.5.1
IP 109.203.109.22:0
File type HTML document, ASCII text, with very long lines (2954), with no line terminators
Hash bc076100261baed1f078db2eab399ded
4a87bc3a6ab95a251876807836fa26e5d8d575d0
00969c8a62634a68a694b8bb4cef81bbc28593dcd2b02b93a1261120cf734891
GET /wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=3.5.1 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 13:56:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1300
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/themes/rise/js/script.js?v=2.1.3
109.203.109.22200 OK 10 kB URL HTTP/1.1 heypressto.com/wp-content/themes/rise/js/script.js?v=2.1.3
IP 109.203.109.22:0
Hash f226ea66d5ace37dab4c21215a011045
29d0256b08192acc2a4244dd28fe510a899852bd
7f9e85a343bd00fb14813570b662e7f1fa1ffa35d11f31fc0dcdebcc7a373792
GET /wp-content/themes/rise/js/script.js?v=2.1.3 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 14:00:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10037
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-includes/js/wp-embed.min.js?ver=5.8.6
109.203.109.22200 OK 765 B URL HTTP/1.1 heypressto.com/wp-includes/js/wp-embed.min.js?ver=5.8.6
IP 109.203.109.22:0
File type ASCII text, with very long lines (1391)
Hash fe875afb236ee8f0d50040fe58d848d4
e6b1b67093b429c95d5b9db07a7eba39e02cf0e5
328a6a072b91134f2802ae25e070f38ff156ceee2c6ec6a6253ae4b27af73b49
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=5.8.6 HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Sat, 29 Oct 2022 14:02:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 765
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
heypressto.com/wp-content/uploads/2019/01/site_logo_3.png
109.203.109.22200 OK 2.7 kB URL HTTP/1.1 heypressto.com/wp-content/uploads/2019/01/site_logo_3.png
IP 109.203.109.22:0
File type PNG image data, 200 x 65, 8-bit colormap, non-interlaced\012- data
Hash 6878464c96db6a3d6808776d4e6dd7a8
15e71a2abd6af6cb59e0293401c0a28f40b902f0
44c7dd20fa86621483a95fc4929c35c9344946f966b95632fc74479c0c944c56
GET /wp-content/uploads/2019/01/site_logo_3.png HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Thu, 21 Oct 2021 23:08:22 GMT
Accept-Ranges: bytes
Content-Length: 2699
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.195200 OK 24 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://heypressto.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 15 Nov 2022 18:20:06 GMT
Expires: Wed, 15 Nov 2023 18:20:06 GMT
Cache-Control: public, max-age=31536000
Age: 37237
Last-Modified: Tue, 26 Apr 2022 15:48:56 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://heypressto.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 11 Nov 2022 23:14:46 GMT
Expires: Sat, 11 Nov 2023 23:14:46 GMT
Cache-Control: public, max-age=31536000
Age: 365157
Last-Modified: Wed, 11 May 2022 19:24:56 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://heypressto.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15920
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 09 Nov 2022 21:43:03 GMT
Expires: Thu, 09 Nov 2023 21:43:03 GMT
Cache-Control: public, max-age=31536000
Age: 543460
Last-Modified: Wed, 11 May 2022 19:24:45 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
216.58.207.195200 OK 23 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Hash 716309aab2bca045f9627f63ad79d0bf
38804233a29aaf975d557fe14e762c627bef76e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://heypressto.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23236
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 09 Nov 2022 08:17:09 GMT
Expires: Thu, 09 Nov 2023 08:17:09 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 26 Apr 2022 16:04:12 GMT
Content-Type: font/woff2
Age: 591814
heypressto.com/wp-content/themes/rise/fonts/rise-icomoon.woff?6xplcw
109.203.109.22200 OK 11 kB URL HTTP/1.1 heypressto.com/wp-content/themes/rise/fonts/rise-icomoon.woff?6xplcw
IP 109.203.109.22:0
File type Web Open Font Format, TrueType, length 10884, version 1.0\012- data
Hash 7fa39b7cde4128f0c3c094930b4cbf2e
e45e07103c0e8b5d5dbfed807c87c761d5cfab63
830998305182fa43321deeff76e8a81bdc5fd8e5ba009de9dc499935b90ce369
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/rise/fonts/rise-icomoon.woff?6xplcw HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://heypressto.com/wp-content/themes/rise/css/main_green.css?v=2.1.3
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Thu, 21 Oct 2021 23:08:14 GMT
Accept-Ranges: bytes
Content-Length: 10884
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/woff
heypressto.com/wp-content/uploads/2017/03/chartreuse_176.jpg
109.203.109.22200 OK 6.8 kB URL HTTP/1.1 heypressto.com/wp-content/uploads/2017/03/chartreuse_176.jpg
IP 109.203.109.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 176x170, components 3\012- data
Hash 2f7696df4d377d6562ac062d2767c84f
c0ceb96257ca66e0333c29d60970073e7fb97694
aff9b8de47b485cc31022b74fe15714c878718b9499db0d399168377b6889f09
GET /wp-content/uploads/2017/03/chartreuse_176.jpg HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heypressto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Thu, 21 Oct 2021 23:08:21 GMT
Accept-Ranges: bytes
Content-Length: 6847
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
heypressto.com/wp-content/uploads/2019/01/book-link-homepage.jpg
109.203.109.22200 OK 6.4 kB URL HTTP/1.1 heypressto.com/wp-content/uploads/2019/01/book-link-homepage.jpg
IP 109.203.109.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 261x173, components 3\012- data
Hash 14c534195d5420c8aa969e0e8fef1074
c38f9b596793a9f79612d1b403e14cfeef5b4708
817a0b5b61a8c47ec968cf17dc818a2f1d1e16e5a33e5833a616aee1e3d6eaee
GET /wp-content/uploads/2019/01/book-link-homepage.jpg HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heypressto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Thu, 21 Oct 2021 23:08:22 GMT
Accept-Ranges: bytes
Content-Length: 6414
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
heypressto.com/wp-content/uploads/2018/10/book_video_link-217x150.jpg
109.203.109.22200 OK 11 kB URL HTTP/1.1 heypressto.com/wp-content/uploads/2018/10/book_video_link-217x150.jpg
IP 109.203.109.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 217x150, components 3\012- data
Hash e3603d79245b60a20b5401706002702c
85028c5f1acdb06f14360d2a91aff144db0b37ca
3b78bd08168a5846c5489debc6acb34f528cdc1a3f9e78fe02f546eab3b90bd4
GET /wp-content/uploads/2018/10/book_video_link-217x150.jpg HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heypressto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Thu, 21 Oct 2021 23:08:29 GMT
Accept-Ranges: bytes
Content-Length: 10966
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
heypressto.com/wp-content/uploads/2018/10/event_video_link-217x150.jpg
109.203.109.22200 OK 9.7 kB URL HTTP/1.1 heypressto.com/wp-content/uploads/2018/10/event_video_link-217x150.jpg
IP 109.203.109.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 217x150, components 3\012- data
Hash a01f88967927dd102e810eb2f8076123
90a4ec89c49ac73add3a44d318a17c2c53d52f1c
40cff94bd8238c69373a17570066be58857a58020015ea2ebb7b4d47882c1abd
GET /wp-content/uploads/2018/10/event_video_link-217x150.jpg HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heypressto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Thu, 21 Oct 2021 23:08:29 GMT
Accept-Ranges: bytes
Content-Length: 9699
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FHeypressto&width=292&height=32&colorscheme=light&show_faces=false&header=false&stream=false&show_border=false
31.13.72.36301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FHeypressto&width=292&height=32&colorscheme=light&show_faces=false&header=false&stream=false&show_border=false
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FHeypressto&width=292&height=32&colorscheme=light&show_faces=false&header=false&stream=false&show_border=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FHeypressto&width=292&height=32&colorscheme=light&show_faces=false&header=false&stream=false&show_border=false
Content-Type: text/plain
Server: proxygen-bolt
Date: Wed, 16 Nov 2022 04:40:43 GMT
Connection: keep-alive
Content-Length: 0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1fa19aff1e1cd1bcb23807998ef85c43
a4c43d274ab7c17894153b771d5fe096e2142e96
e254f31055336f837930d3dbe663ff8b96129f069d67d4d8511f13f5620b5641
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3925
Cache-Control: max-age=118892
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:43 GMT
Etag: "637387e2-1d7"
Expires: Thu, 17 Nov 2022 13:42:15 GMT
Last-Modified: Tue, 15 Nov 2022 12:36:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
heypressto.com/wp-content/uploads/2018/10/blog_link_chartreuse_mountains_julien_ratel_250.jpg
109.203.109.22200 OK 43 kB URL HTTP/1.1 heypressto.com/wp-content/uploads/2018/10/blog_link_chartreuse_mountains_julien_ratel_250.jpg
IP 109.203.109.22:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, baseline, precision 8, 252x173, components 3\012- data
Hash f483b4dfa8e19b626e89d48a68bdb7c5
cbd673b68c4217d27c3c1369eb3e8104b6f8970b
7d4abdcd65656729f0100195660bd2c96fac4c86e7a84c0cf201862d3df2cce9
GET /wp-content/uploads/2018/10/blog_link_chartreuse_mountains_julien_ratel_250.jpg HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heypressto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Thu, 21 Oct 2021 23:08:29 GMT
Accept-Ranges: bytes
Content-Length: 42715
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
badges.instagram.com/static/images/ig-badge-view-24.png
31.13.72.53301 Moved Permanently 0 B URL HTTP/1.1 badges.instagram.com/static/images/ig-badge-view-24.png
IP 31.13.72.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/images/ig-badge-view-24.png HTTP/1.1
Host: badges.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 301 Moved Permanently
Location: https://badges.instagram.com/static/images/ig-badge-view-24.png
Content-Type: text/plain
Server: proxygen-bolt
Date: Wed, 16 Nov 2022 04:40:43 GMT
Connection: keep-alive
Content-Length: 0
badges.instagram.com/static/images/ig-badge-view-sprite-24.png
31.13.72.53301 Moved Permanently 0 B URL HTTP/1.1 badges.instagram.com/static/images/ig-badge-view-sprite-24.png
IP 31.13.72.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/images/ig-badge-view-sprite-24.png HTTP/1.1
Host: badges.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 301 Moved Permanently
Location: https://badges.instagram.com/static/images/ig-badge-view-sprite-24.png
Content-Type: text/plain
Server: proxygen-bolt
Date: Wed, 16 Nov 2022 04:40:43 GMT
Connection: keep-alive
Content-Length: 0
heypressto.com/wp-content/uploads/2019/01/cropped-logo_green-on-green_512-192x192.jpg
109.203.109.22200 OK 4.5 kB URL HTTP/1.1 heypressto.com/wp-content/uploads/2019/01/cropped-logo_green-on-green_512-192x192.jpg
IP 109.203.109.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Hash b6db6b8285afe8fe4988c8979a37a825
e429b3ac582ec56f94bcf80260474620ef8debe6
946921a00570f9a4f18e2de5a309dfc7b96c931bab322e845a7a26c6cf9fac19
GET /wp-content/uploads/2019/01/cropped-logo_green-on-green_512-192x192.jpg HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heypressto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Thu, 21 Oct 2021 23:08:22 GMT
Accept-Ranges: bytes
Content-Length: 4509
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
heypressto.com/wp-content/uploads/2019/01/cropped-logo_green-on-green_512-32x32.jpg
109.203.109.22200 OK 1.0 kB URL HTTP/1.1 heypressto.com/wp-content/uploads/2019/01/cropped-logo_green-on-green_512-32x32.jpg
IP 109.203.109.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 32x32, components 3\012- data
Hash f1183e1c9defff93bc8797023589368b
6bb44bc64018053daab9706763692a9e9b669963
c5f8596a59d4361a0e24e0ecdd98375cb89b5d5671458c54225d0ad3fd416b5e
GET /wp-content/uploads/2019/01/cropped-logo_green-on-green_512-32x32.jpg HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heypressto.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Last-Modified: Thu, 21 Oct 2021 23:08:22 GMT
Accept-Ranges: bytes
Content-Length: 1004
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9d9493125a22b98bd2ac3a1b11cc0a12
8334175b79551b1e0592f63eb606543c915983a2
a583076207a416f2ccbb70821bc5185bb6b8e86180221014638af5af3b34a7fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 93eb48268143eec528a949aa5a1474e8
f186b2be6ceca0adb7a392a623d6b049efaa4656
b3a1117a94e41381a0fec96d7ff99981421ecec070dc75bf176d504409005a21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4818
Cache-Control: max-age=142471
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:43 GMT
Etag: "6373e080-1d7"
Expires: Thu, 17 Nov 2022 20:15:14 GMT
Last-Modified: Tue, 15 Nov 2022 18:54:56 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 93eb48268143eec528a949aa5a1474e8
f186b2be6ceca0adb7a392a623d6b049efaa4656
b3a1117a94e41381a0fec96d7ff99981421ecec070dc75bf176d504409005a21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4818
Cache-Control: max-age=142471
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:43 GMT
Etag: "6373e080-1d7"
Expires: Thu, 17 Nov 2022 20:15:14 GMT
Last-Modified: Tue, 15 Nov 2022 18:54:56 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.youtube.com/s/player/b50b69c9/www-player.css
216.58.211.14200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/b50b69c9/www-player.css
IP 216.58.211.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 761b19f8796fec7f10467dcc598b5236
77c5983a2669fce078e7cf89eb3343fc46e67d00
43000048eb17880ad3a86adbade0f08b2d81ed863b501bca737a53157d48a840
GET /s/player/b50b69c9/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/cP3msSWW-AA?rel=0&modestbranding=0&controls=1&showinfo=1&fs=1&wmode=transparent
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49806
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 16:57:20 GMT
expires: Tue, 14 Nov 2023 16:57:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
content-type: text/css
age: 128603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/www-embed-player.js
216.58.211.14200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/b50b69c9/www-embed-player.vflset/www-embed-player.js
IP 216.58.211.14:0
File type ASCII text, with very long lines (679)
Hash b41e05b3446a7f3c2ba64504e38a0af5
78f5476e77ea9b75ace36ce16af14053b1afa018
1cbccbc4f1d9324aa0baea4165e28e684961be9d50c81020dfdc71fae864c319
GET /s/player/b50b69c9/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/cP3msSWW-AA?rel=0&modestbranding=0&controls=1&showinfo=1&fs=1&wmode=transparent
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 98457
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 16:57:20 GMT
expires: Tue, 14 Nov 2023 16:57:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
content-type: text/javascript
age: 128603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/b50b69c9/fetch-polyfill.vflset/fetch-polyfill.js
216.58.211.14200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/b50b69c9/fetch-polyfill.vflset/fetch-polyfill.js
IP 216.58.211.14:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/b50b69c9/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/cP3msSWW-AA?rel=0&modestbranding=0&controls=1&showinfo=1&fs=1&wmode=transparent
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 16:57:20 GMT
expires: Tue, 14 Nov 2023 16:57:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
content-type: text/javascript
age: 128603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/b50b69c9/player_ias.vflset/en_US/base.js
216.58.211.14200 OK 590 kB URL HTTP/2 www.youtube.com/s/player/b50b69c9/player_ias.vflset/en_US/base.js
IP 216.58.211.14:0
File type ASCII text, with very long lines (554)
Size 590 kB (590019 bytes)
Hash 53ad9649e7797cbb4d83db6df7defdae
55d8cd62ac971280498eec2c1f03d396bab95730
01a78ba3740909cee4a9a2e978d1e653b0b2a710083030863353c6f5383aff82
GET /s/player/b50b69c9/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/cP3msSWW-AA?rel=0&modestbranding=0&controls=1&showinfo=1&fs=1&wmode=transparent
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 590019
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 17:04:08 GMT
expires: Tue, 14 Nov 2023 17:04:08 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 01:17:55 GMT
content-type: text/javascript
age: 128195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
badges.instagram.com/static/images/ig-badge-view-24.png
31.13.72.53404 Not Found 21 kB URL HTTP/2 badges.instagram.com/static/images/ig-badge-view-24.png
IP 31.13.72.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8012)
Hash 8f4ecb58c60af8ec8bf6816d511c55cb
a5f0a6939be71ffab23c92f7f0fe99c04cc124dd
1e193fce991893191d9c9087ba8f8d0343cd7a244511e31460c2141c2f79c436
GET /static/images/ig-badge-view-24.png HTTP/1.1
Host: badges.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://heypressto.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
date: Wed, 16 Nov 2022 04:40:43 GMT
vary: Accept-Language
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options: SAMEORIGIN
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests
cross-origin-embedder-policy-report-only: require-corp;report-to="coep"
report-to: {"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
origin-trial: AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop"
x-content-type-options: nosniff
x-xss-protection: 0
x-ig-push-state: c2
x-aed: 73
access-control-expose-headers: X-IG-Set-WWW-Claim
x-ig-request-elapsed-time-ms: 32
x-ig-peak-time: 1
content-length: 20955
x-ig-origin-region: ash
x-fb-trip-id: 1512268381
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9d9493125a22b98bd2ac3a1b11cc0a12
8334175b79551b1e0592f63eb606543c915983a2
a583076207a416f2ccbb70821bc5185bb6b8e86180221014638af5af3b34a7fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
badges.instagram.com/static/images/ig-badge-view-sprite-24.png
31.13.72.53404 Not Found 21 kB URL HTTP/2 badges.instagram.com/static/images/ig-badge-view-sprite-24.png
IP 31.13.72.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8012)
Hash 8f4ecb58c60af8ec8bf6816d511c55cb
a5f0a6939be71ffab23c92f7f0fe99c04cc124dd
1e193fce991893191d9c9087ba8f8d0343cd7a244511e31460c2141c2f79c436
GET /static/images/ig-badge-view-sprite-24.png HTTP/1.1
Host: badges.instagram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://heypressto.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
date: Wed, 16 Nov 2022 04:40:43 GMT
vary: Accept-Language
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options: SAMEORIGIN
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://i.instagram.com/graphql_www https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com https://*.od.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com https://*.fbsbx.com; object-src 'none'; upgrade-insecure-requests
cross-origin-embedder-policy-report-only: require-corp;report-to="coep"
report-to: {"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
origin-trial: AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop"
x-content-type-options: nosniff
x-xss-protection: 0
x-ig-push-state: c2
x-aed: 73
access-control-expose-headers: X-IG-Set-WWW-Claim
x-ig-request-elapsed-time-ms: 34
x-ig-peak-time: 1
content-length: 20955
x-ig-origin-region: ash
x-fb-trip-id: 1512268381
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1fa19aff1e1cd1bcb23807998ef85c43
a4c43d274ab7c17894153b771d5fe096e2142e96
e254f31055336f837930d3dbe663ff8b96129f069d67d4d8511f13f5620b5641
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3925
Cache-Control: max-age=118892
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:43 GMT
Etag: "637387e2-1d7"
Expires: Thu, 17 Nov 2022 13:42:15 GMT
Last-Modified: Tue, 15 Nov 2022 12:36:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 21:46:16 GMT
expires: Fri, 10 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 456867
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 93eb48268143eec528a949aa5a1474e8
f186b2be6ceca0adb7a392a623d6b049efaa4656
b3a1117a94e41381a0fec96d7ff99981421ecec070dc75bf176d504409005a21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2119
Cache-Control: max-age=139772
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:43 GMT
Etag: "6373e080-1d7"
Expires: Thu, 17 Nov 2022 19:30:15 GMT
Last-Modified: Tue, 15 Nov 2022 18:54:56 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 12:31:58 GMT
expires: Sun, 12 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 317325
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/igAefX29xSo.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 4.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/igAefX29xSo.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4431)
Hash fe41c46d6f55b8120005babec214aba7
de9efe2c23fe4571ec4e4d79715540910f1ee68c
189dd21fd4f97e754fc62a0232f135963aeee9af7728c5f916b2c1ed7c7ff031
GET /rsrc.php/v3/yC/l/0,cross/igAefX29xSo.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 04:45:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: /kHEbW9VuBIABbq+whSrpw==
x-fb-debug: zuqXj3/p055t8O4zG0CY8sDA8ScNMCmX1UbbwmwZxAgry2RelcxGQprjPuBTEZgOQ6bjyAsx3rc4oWXHRoJZpw==
content-length: 4792
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 04:40:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yt/l/en_US/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 24 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/yt/l/en_US/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (42048)
Hash 3051900d03a657ddbbc9afa8ac11cdbd
557f26734897e137a6678f6d2a81672fc6a34ad2
038035ce01be57324c7e251c8834229b4910f27e3a042912fd7276947e5750df
GET /rsrc.php/v3iEpO4/yt/l/en_US/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 04:19:31 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: MFGQDQOmV927ya+orBHNvQ==
x-fb-debug: /0Pz55NIiUn/cvYU+yfhqdIUstVvGBjhB3o6xBCg6YLbu5z3E4bj/phElq/tOEXBC1yT2SO31t4LXKWfL41W7A==
content-length: 23455
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 04:40:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 827 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (724)
Hash 29973cf3b0ef9f16fe31ed981b2f6573
f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8
GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 20:06:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: U8RJgKUtHGLUiQk9HHpA+IRcULT5qX+DuwPkFrA1TVl4/mz6+76fzZ9YDejeZlR7UxuiL1amRZ0p3hU19KekzQ==
priority: u=3,i
content-length: 827
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 04:40:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1984)
Hash 16f083b23b565db9d2f20d1ad75933c1
6d74ad139c96b1e3fc9d541419788b5b4893ec9a
36b909cd9132a8996a1bbb221d05217c31506a6951bb408deeea6aa612dc4200
GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 15 Nov 2023 02:06:27 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
x-fb-debug: I/O4m6DwKidRohClNeExXv562wGzq8r+kdmkQ1jobwoPlsNFi0Yt0OvnZBjRb2KPEYSXWwX3xhdvgshSs7pAww==
priority: u=3,i
content-length: 1657
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 04:40:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yS/r/DEaHQMKxWBP.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yS/r/DEaHQMKxWBP.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18622)
Hash e939eadda5d7c9dd60450eb6fd816eb0
fd1b642357823cb1b21ae46e5c61a7488e203c1c
4c96ac797fe700732ccba8775a5a630eaafa1f03d81b2a2d48700fb29c3083a6
GET /rsrc.php/v3/yS/r/DEaHQMKxWBP.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 04:37:43 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 6Tnq3aXXyd1gRQ62/YFusA==
x-fb-debug: 7TdI8jhhqQoVsxciNzMu80GSUmNc/uvyt9Jz+UPwyzqFdzFE9DtXJYN/i0lg53jxBZaciWxa5a64NOC1wB03jQ==
content-length: 91128
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 04:40:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (8741)
Hash dfb29285817fca7b068ba0ec98aa2392
78cd49585da28a245a096781c8e0fada59cf2b72
2c4a3a46d7dfaf97bbc16a2b93470d1b3382c0da3f44dca0c987a3384cee43d3
GET /rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 04:54:20 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 37KShYF/ynsGi6DsmKojkg==
x-fb-debug: 1OJX/K81m7XImTplLGw/7ANit8XayK5qe73Ffg7JAY5pCZTbd+j9zpsVmjKxIE8dfQCm3VZyVLLkqeUvbScSuA==
content-length: 16262
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 04:40:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4057)
Hash 571700b5a1e8db88d5d79007a910b962
07102cc5f2b19f190830664e1ec6718efb33c011
ecccefedaf39e094079b22880aba987993015fbf1b70fd3c63bc57dc10685f11
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 15 Nov 2023 02:03:07 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: B2XXbXRnFhVtU9Nu5vgINg==
x-fb-debug: 0xPHDYvZge8swk7JhsZ5ELIEYcud4qPBQV2E2zQxSjSHT+wOY2wY+EXO4Me6uhdgl3HPef3XHIK9yshvgmDJ/Q==
priority: u=3,i
content-length: 12369
x-fb-trip-id: 1904183273
date: Wed, 16 Nov 2022 04:40:43 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8633
Expires: Wed, 16 Nov 2022 07:04:37 GMT
Date: Wed, 16 Nov 2022 04:40:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8633
Expires: Wed, 16 Nov 2022 07:04:37 GMT
Date: Wed, 16 Nov 2022 04:40:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8633
Expires: Wed, 16 Nov 2022 07:04:37 GMT
Date: Wed, 16 Nov 2022 04:40:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98802857df59f8eacd9211811cc59ae6
87e277a627c1085cad5c6e38bdd5100aa0a9ecee
102e73f690a972da6d3ab609ffab5f29884185d85c4230a19ec74d74c7320cf1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8235
x-amzn-requestid: e8a91ec0-fa93-45b6-8dc8-a405c00242fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY4_HANoAMFSvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740839-3ebbd38b0e3e774923ad019e;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: _u6Uhc-g_xPTRSYys5rD3GC00roubyJdBRuHruvoMLf-UEAB6_zdQw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:46:20 GMT
age: 24864
etag: "87e277a627c1085cad5c6e38bdd5100aa0a9ecee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edd6a84f848a83f4d1990f92b4807def
bc2bb7815b062941d51fde65574851db55be37dc
4d015538adfa6c61a5dfca3cbb224ae91ccbe1d82212e997e22f895a77387bed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6629
x-amzn-requestid: ff03ae40-8d00-41ec-875f-b49b1b86151c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY6CG9IoAMF8rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740840-7fdaa40f3ca9246045270665;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4i9jW2AQ8PhWl9i01KDda11PoSD1csf_Gs7nwME9o2Oxft0UldI6vQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:47:49 GMT
age: 24775
etag: "bc2bb7815b062941d51fde65574851db55be37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:45:58 GMT
age: 24886
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a698bf97cc6c0c464ed1a2b2adb1c1d3
a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0
64d52d8983b2bf30b9b1f260b8d6534664024b8dfda0da273307ee510ed33aad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4919
x-amzn-requestid: aae0d2da-e891-40a6-bd83-8942fc3ef0c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYFFEnxoAMFdCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406ed-6ff1cc593aa1c934659030db;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PhUSR2Y2GRZkB5UTrMma8vnIddc44pLJ2Sppk63xQyMC2imKLn-R4A==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:47:46 GMT
age: 24778
etag: "a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bcd9120-f81d-4ec1-9b84-ae23f33b9b8d.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bcd9120-f81d-4ec1-9b84-ae23f33b9b8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c774a9a33f0c86087fe36fe18cf02db8
d81bf6504b30d50cf9cb14f8efca8e961f422a57
80f2913428758b1250218865a3e6697881ed3ed626f702c94fd0a5c7f354a2b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bcd9120-f81d-4ec1-9b84-ae23f33b9b8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 4945a047-3048-4dfb-aba5-6cde2b52b240
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYEAG7roAMF30Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406e6-6928cd8c1439aac80444cd7b;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ls987SlzVbSWiZwE4ahKBdQ_vJknoy88LkGHnEYfie4M1l584VbB_w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:00:01 GMT
age: 24043
etag: "d81bf6504b30d50cf9cb14f8efca8e961f422a57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fb99a77-d99a-486f-b11a-d0f855262383.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fb99a77-d99a-486f-b11a-d0f855262383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed2eb8cd1cffa83445bfc822fff3cd95
5d6f0e9bec236755d70ac6779e86684795e5c798
6b3e294fc0977cd09c1565d5a6396a63b2ad5f7005b9f1e136c33cedae49f436
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fb99a77-d99a-486f-b11a-d0f855262383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8236
x-amzn-requestid: 74104064-6d6f-44ef-ad9f-6550971f17f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYEBET6oAMF_cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406e6-269579cf1723940b16588c76;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: NoKPqN-FpS9ibMgsRSPIDrlu8I7OG_P_v7JHEcrBQE4ushlrVF5Yuw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:08:55 GMT
age: 23509
etag: "5d6f0e9bec236755d70ac6779e86684795e5c798"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
heypressto.com/wp-admin/admin-ajax.php
109.203.109.22200 OK 975 B URL HTTP/1.1 heypressto.com/wp-admin/admin-ajax.php
IP 109.203.109.22:0
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3948), with no line terminators
Hash 5b36f0d978f68fd6c7075dc3fea9007d
5e918288b6fedd64495d2c5d031a43301094f7cf
9ce921da45e330fbb08d70175b92ba946f5ee7974e97db380ac92d457ebbcbed
Analyzer Verdict Alert fortinet Malware
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: heypressto.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 214
Origin: http://heypressto.com
Connection: keep-alive
Referer: http://heypressto.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 04:40:43 GMT
Server: Apache
Access-Control-Allow-Origin: http://heypressto.com
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 975
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c6a6db24d1ff3ffe787a8a5f78ef812
d9b2d385df52929ea7c6080b7c2e10c38df51572
3950ecddae384c36f9fb092dd5d27d3aa20c1197a37ff465d0bd350952dd9774
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 68a04663a52ab4272c25f5afcc09a92d
48b0722227353d06cb1dfd4480b644be6e6fc030
892ba18611f372b6bf390d3628b66efc4a721f0f2bde61ae22546a0948935b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 04:29:05 GMT
expires: Wed, 16 Nov 2022 04:44:05 GMT
cache-control: public, max-age=900
age: 699
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.130302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 16 Nov 2022 04:40:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c6a6db24d1ff3ffe787a8a5f78ef812
d9b2d385df52929ea7c6080b7c2e10c38df51572
3950ecddae384c36f9fb092dd5d27d3aa20c1197a37ff465d0bd350952dd9774
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15b877e3c04a13242f1e8d068e8cb9ed
f1a1a051ce4b6f820bb1e54d6e526a7a07e84117
dacb6aa3a7588b55169efba42082deb1576d69e60ea564826300b404087969e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 68a04663a52ab4272c25f5afcc09a92d
48b0722227353d06cb1dfd4480b644be6e6fc030
892ba18611f372b6bf390d3628b66efc4a721f0f2bde61ae22546a0948935b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id?slf_rd=1
142.250.74.130200 OK 120 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id?slf_rd=1
IP 142.250.74.130:0
Hash cf84c639699a99aa7cf28d0705829969
db7a28e16c81e6d6a4207924e286018ad89b85cc
352fc72809e123fac82b2b2a91949befb511266819cd1cb482dab1de0675d2cf
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Wed, 16 Nov 2022 04:40:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15b877e3c04a13242f1e8d068e8cb9ed
f1a1a051ce4b6f820bb1e54d6e526a7a07e84117
dacb6aa3a7588b55169efba42082deb1576d69e60ea564826300b404087969e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 16 Nov 2022 04:40:44 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5b80883a318b116e8b967c4e7c5fb219
4d7a8f63edad447a8b46f7816b950d90e01c7872
2b1bf5e0056b5d2dabc4a7ce5da47044293386d238e666abfa8c9c6d25da44aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 56cd5ad21a4b8cca4d019ddfe1f7a985
23f2ff8aa5f085b6ce69411d63fd84da6eaf5556
c4c7b839497401ead04952e1414dbb965c96342937a953ac1e79e4b94850a1f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e92e5f2004a1ef0ad050ce5a23ebe09f
206d526e8184e4dd215508a05ae12d7bc26c3da7
d5c53d7d24a80a7a7e52a950c14ca18053fe3be534a8bb5f98b2431bdb4c0667
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 16 Nov 2022 04:40:44 GMT
server: ESF
cache-control: private
content-length: 30909
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36106)
Hash 7fc7e22ecccb0cfd0ae897bb40a58efe
5d46470a711120793c362235105836fe49e699a4
1907005cab41fbd6d1d67df3b25586f3232e053a261c9e2b2503459f4980b1c5
GET /js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14302
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Nov 2022 10:09:03 GMT
expires: Mon, 13 Nov 2023 10:09:03 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
age: 239501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15b877e3c04a13242f1e8d068e8cb9ed
f1a1a051ce4b6f820bb1e54d6e526a7a07e84117
dacb6aa3a7588b55169efba42082deb1576d69e60ea564826300b404087969e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4a57291a56e0d7ffa0b4888b59a422b8
7a748cb78b21bbb7c4eb1ddc331ffa9d12d33248
9cc42b59af0f988712634b9430c4a0be52e5575d7e3458ddd872a751484612a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/cP3msSWW-AA/maxresdefault.webp
142.250.74.22200 OK 37 kB URL HTTP/2 i.ytimg.com/vi_webp/cP3msSWW-AA/maxresdefault.webp
IP 142.250.74.22:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b6a9c03064c36c6a9528686da7e75238
47b1a620619485cbd897b1bf211fb5ca43b97c81
4286e1f783921fdc7547ebba69252918da3e1c9ee903e883199bb50d7b1f86c7
GET /vi_webp/cP3msSWW-AA/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 37386
date: Wed, 16 Nov 2022 04:40:44 GMT
expires: Wed, 16 Nov 2022 06:40:44 GMT
cache-control: public, max-age=7200
etag: "1559174914"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu9NSlO65XAYU7A4neAmHNHUqRPzBs7Ct-9Lfl5d=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.2 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9NSlO65XAYU7A4neAmHNHUqRPzBs7Ct-9Lfl5d=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 59c625feec06973c044519ce698c6235
3528c96246eef01196022fe34eb1fc050c7b62cd
2abef746dc1d0c2bc9207479b3a563bd593941f39a604f521e5bb8d72af33a25
GET /ytc/AMLnZu9NSlO65XAYU7A4neAmHNHUqRPzBs7Ct-9Lfl5d=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2245
x-xss-protection: 0
date: Wed, 16 Nov 2022 04:40:44 GMT
expires: Wed, 16 Nov 2022 07:48:44 GMT
cache-control: public, max-age=86400, no-transform
etag: "v48"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 56cd5ad21a4b8cca4d019ddfe1f7a985
23f2ff8aa5f085b6ce69411d63fd84da6eaf5556
c4c7b839497401ead04952e1414dbb965c96342937a953ac1e79e4b94850a1f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4a57291a56e0d7ffa0b4888b59a422b8
7a748cb78b21bbb7c4eb1ddc331ffa9d12d33248
9cc42b59af0f988712634b9430c4a0be52e5575d7e3458ddd872a751484612a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/widgets.js?_=1668573642598
93.184.220.66200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js?_=1668573642598
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js?_=1668573642598 HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heypressto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 851
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Wed, 16 Nov 2022 04:40:44 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4a6920ac0858a3a4f000b7aefff679e1
9a1309f6ea9ca9666c36dac47e8592d7f15ff88a
b4e8c437766b33669a5673234212f518f1bf3c7da4db55ef1de8224cd7d3f2c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.pinterest.com/js/pinit.js
151.101.84.84200 OK 203 B URL HTTP/2 assets.pinterest.com/js/pinit.js
IP 151.101.84.84:0
File type ASCII text, with very long lines (361), with no line terminators
Hash 62d32c28f14783b94192cd8d35bc010d
78c1ba11e104bbd01a07225d0f8c41d7712094d4
e823b68f75484d37c74ebb652e2a5b183a1b65c43f1592985e519a8cabc44b2e
GET /js/pinit.js HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heypressto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "62d32c28f14783b94192cd8d35bc010d"
content-encoding: br
content-type: application/javascript; charset=utf-8
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
date: Wed, 16 Nov 2022 04:40:44 GMT
content-length: 203
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
172.217.21.170200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 172.217.21.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f204f39928c905128a6040c5848364f
a8cefb3f05855d0fe3f423e1bb94e23fc82ca61d
7878eb2af2c47290e43257980f28c522b50d2fe474a80d1665899adf2b29183c
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1004
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 16 Nov 2022 04:40:44 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Fheypressto.com
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Fheypressto.com
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Fheypressto.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heypressto.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1145991
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 16 Nov 2022 04:40:44 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
assets.pinterest.com/js/pinit_main.js?0.6675444303271233
151.101.84.84200 OK 19 kB URL HTTP/2 assets.pinterest.com/js/pinit_main.js?0.6675444303271233
IP 151.101.84.84:0
File type Unicode text, UTF-8 text, with very long lines (32016)
Hash 3725764cf05d1a0938de73d398772331
abdc742d760ca9c8f28c8d44ca9796d9ad6c0bc7
f8c41f2f59fc9e9d088bc9002eef583c3cf256b4cd371619b18107b4abd92812
GET /js/pinit_main.js?0.6675444303271233 HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heypressto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "3725764cf05d1a0938de73d398772331"
content-encoding: br
content-type: application/javascript; charset=utf-8
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
date: Wed, 16 Nov 2022 04:40:44 GMT
content-length: 18679
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0a35029879e4e9b7eff9323079c56a4f
75dac4489824af37de78f9267bddcbdbb124774c
5346fcf1a54b3b170f88592d0a7f7314553cf93fe767058c90551bea702ebe2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.linkedin.com/in.js?_=1668573642599
23.36.76.210200 OK 313 B URL HTTP/1.1 platform.linkedin.com/in.js?_=1668573642599
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
Hash ad56f8bc566abe5bd25efc7f2de9c6cc
66eda2ad81f756c2ca0ab6670dde6413e604069f
893b74206629f77fd6d9450bece9a71f97d4da90a31ab662be2a65a84764c154
GET /in.js?_=1668573642599 HTTP/1.1
Host: platform.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://heypressto.com/
HTTP/1.1 200 OK
Server: Play
Expires: Wed, 16 Nov 2022 05:30:57 GMT
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: text/javascript; charset=UTF-8
Content-Length: 163353
X-Li-Fabric: prod-lva1
X-Li-Pop: prod-lva1-x
X-LI-Proto: http/1.1
X-LI-UUID: AAXtjvBa4oVuokBgIGwVRg==
Date: Wed, 16 Nov 2022 04:40:44 GMT
Connection: keep-alive
Vary: Accept-Encoding
X-CDN-CLIENT-IP-VERSION: IPV4
X-CDN: AKAM
developers.google.com/
142.250.74.14301 Moved Permanently 0 B IP 142.250.74.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://heypressto.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://developers.google.com/
X-Cloud-Trace-Context: 98ce26434d2c20f52980d373cf50e3c8
Date: Wed, 16 Nov 2022 04:40:45 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec064f20e3981c0af193db86a52f2842
b2bfe25281b27eaa3b3a383781a3e3bda8e9f989
5a89401ed0486e3f4c202e805c403046499d71a274d3878ac25160d3d4b95410
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syndication.twitter.com/settings?session_id=e55411640c3ac641b4a8e4133e16961a969fdcc5
104.244.42.8200 OK 374 B URL HTTP/2 syndication.twitter.com/settings?session_id=e55411640c3ac641b4a8e4133e16961a969fdcc5
IP 104.244.42.8:0
File type JSON data\012- , ASCII text, with very long lines (913), with no line terminators
Hash 925c2a7587f39436ea29513221652474
695b7f2f3d99f407bcdfd0b372db0e28193cc60c
62e36e14e5c219119cb51c3cdf43a2005512a1bd6ebf2d68d0c610a2e6e3ef0f
GET /settings?session_id=e55411640c3ac641b4a8e4133e16961a969fdcc5 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 04:40:44 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Wed, 16 Nov 2022 04:40:45 GMT
content-length: 374
content-encoding: gzip
x-transaction-id: b368563e2cf5e450
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 107
x-connection-hash: 6d7b0e3fdc4c5eef444955ca166fa48fc474046035bb25b442f559c360be39f1
X-Firefox-Spdy: h2
platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
93.184.220.66200 OK 2.4 kB URL HTTP/1.1 platform.twitter.com/js/button.d2f864f87f544dc0c11d7d712a191c1f.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (7017), with no line terminators
Hash 83616664e4155f8af0efb0576f8920cf
1277b0f4f935bec3ada0f87c45395bb6d9b2efbc
bb19d85932c5e8a952b6fc28c1df42aed6d6920f79ee3f2217d2484294d575d3
GET /js/button.d2f864f87f544dc0c11d7d712a191c1f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heypressto.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1145989
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Wed, 16 Nov 2022 04:40:45 GMT
Etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2362
ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
142.250.74.99200 OK 4.3 kB URL HTTP/2 ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (2267)
Hash 3f7502705229ccec9d066c5cd75e6c31
ede1663155afaa5a5213d075e6295c6d839b05c3
2be5113d3022d1819a19f327235d287a2538a03741fc08ccd9d55cc1d78b6282
GET /accounts/o/1832714284-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:48:12 GMT
expires: Thu, 09 Nov 2023 18:48:12 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 08 Nov 2022 01:07:49 GMT
content-type: text/javascript
age: 553953
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.en-gb.html
93.184.220.66200 OK 15 kB URL HTTP/1.1 platform.twitter.com/widgets/follow_button.644279d1635fd969e87af94a98bd232b.en-gb.html
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (26401)
Hash c015dbd80771b3a4f20792933dae4b79
2da94e450a31a82ab97278bbbd2315f538f65ced
0218fa493cdde34ccc2583d8186b54d567adca5b569253e5e5375270f970b1d9
GET /widgets/follow_button.644279d1635fd969e87af94a98bd232b.en-gb.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heypressto.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1145949
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 16 Nov 2022 04:40:45 GMT
Etag: "7caff8d8d12f66a4000871452f39f09d+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 15134
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec064f20e3981c0af193db86a52f2842
b2bfe25281b27eaa3b3a383781a3e3bda8e9f989
5a89401ed0486e3f4c202e805c403046499d71a274d3878ac25160d3d4b95410
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 04:40:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53d2d9380ba28ed0656b54c22bc56766
757f8e6306effbab70d99757c5672564cfc9f623
6d6c41527ae28cdce016470ec1eb87e0ed384f3ef721838724f29845f3bd8dac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8990
x-amzn-requestid: cb142f4b-787e-4b3c-9d75-72579105db60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYFOHi8IAMFpDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406ee-504a14105d2be58b1ce71c18;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GLJACvZUJjLdl3O2HUkWjgr7MqT_SRigTSdweSaTxUc-gTDULbYliA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:14:18 GMT
age: 23193
etag: "757f8e6306effbab70d99757c5672564cfc9f623"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.linkedin.com/cws/member/public_profile?public_profile_url=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fchartreuse-green-420735103&format=inline&xdOrigin=http%3A%2F%2Fheypressto.com&xdChannel=8384645d-b50d-43c8-bac3-e8b211e9ec82&xd_origin_host=http%3A%2F%2Fheypressto.com
13.107.42.14404 Not Found 0 B URL HTTP/2 www.linkedin.com/cws/member/public_profile?public_profile_url=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fchartreuse-green-420735103&format=inline&xdOrigin=http%3A%2F%2Fheypressto.com&xdChannel=8384645d-b50d-43c8-bac3-e8b211e9ec82&xd_origin_host=http%3A%2F%2Fheypressto.com
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /cws/member/public_profile?public_profile_url=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fchartreuse-green-420735103&format=inline&xdOrigin=http%3A%2F%2Fheypressto.com&xdChannel=8384645d-b50d-43c8-bac3-e8b211e9ec82&xd_origin_host=http%3A%2F%2Fheypressto.com HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heypressto.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
etag: W/"6360bef7-4e1a6"
set-cookie: bcookie="v=2&7fcc0d7b-9159-4910-8570-253be5185e45"; Domain=.linkedin.com; Expires=Thu, 16-Nov-2023 04:40:45 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221116044045eef5bd4b-48dd-4344-8b9e-b3bf547465d7AQEDLxbRn_kSMxqDHpjGe8mT7t0F4DgZ"; Domain=.www.linkedin.com; Expires=Thu, 16-Nov-2023 04:40:45 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2Njg1NzM2NDU7MjswMjHEaDQ4m5mLtJTZY4icJhQy4zsLcAE/OSlw9iS8MGnk0Q==; Domain=.linkedin.com; Expires=Mon, 15 May 2023 04:40:45 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2374:u=1:x=1:i=1668573645:t=1668660045:v=2:sig=AQEOCZs14ff-d6q0ozk0NPkfn8cUKkrZ"; Expires=Thu, 17 Nov 2022 04:40:45 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
content-security-policy: default-src *; connect-src 'self' media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXtjxNne1tmnfilDYO/Bw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 66B077CE53594B3085F7CBBA5D4D9408 Ref B: OSL30EDGE0208 Ref C: 2022-11-16T04:40:45Z
date: Wed, 16 Nov 2022 04:40:44 GMT
X-Firefox-Spdy: h2
developers.google.com/
142.250.74.14200 OK 0 B IP 142.250.74.14:0
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://heypressto.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 18:10:23 GMT
content-type: text/html; charset=utf-8
set-cookie: _ga_devsite=GA1.3.2688787453.1668573645; Expires=Fri, 15 Nov 2024 04:40:45 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-m3cgc254h02SgszP665IM2KxLvkGNu' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: f60cb0f9da4be53fcde46d1b537c3d31
vary: Accept-Encoding
date: Wed, 16 Nov 2022 04:40:45 GMT
server: Google Frontend
content-length: 22431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/cP3msSWW-AA?rel=0&modestbranding=0&controls=1&showinfo=1&fs=1&wmode=transparent
216.58.211.14200 OK 0 B URL HTTP/2 www.youtube.com/embed/cP3msSWW-AA?rel=0&modestbranding=0&controls=1&showinfo=1&fs=1&wmode=transparent
IP 216.58.211.14:0
GET /embed/cP3msSWW-AA?rel=0&modestbranding=0&controls=1&showinfo=1&fs=1&wmode=transparent HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heypressto.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 16 Nov 2022 04:40:43 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=r3TwJaQO7B4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=aWqyUoO5S_Q; Domain=.youtube.com; Expires=Mon, 15-May-2023 04:40:43 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+894; expires=Fri, 15-Nov-2024 04:40:43 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fheypressto.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.P0B2vZm_jJk.O%2Fd%3D1%2Frs%3DAHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA%2Fm%3D__features__
216.58.207.237200 OK 0 B URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fheypressto.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.P0B2vZm_jJk.O%2Fd%3D1%2Frs%3DAHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA%2Fm%3D__features__
IP 216.58.207.237:0
GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fheypressto.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.P0B2vZm_jJk.O%2Fd%3D1%2Frs%3DAHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://heypressto.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 16 Nov 2022 04:40:45 GMT
content-security-policy: script-src 'nonce-HJgTeLOWopNj_mfh1ReozQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2