r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10207
Expires: Wed, 23 Nov 2022 07:22:24 GMT
Date: Wed, 23 Nov 2022 04:32:17 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3970
Cache-Control: max-age=111908
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:17 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 11:37:25 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 04:09:22 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1375
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15311
Expires: Wed, 23 Nov 2022 08:47:28 GMT
Date: Wed, 23 Nov 2022 04:32:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4teeSHwzNuAOaTOUSrlf56Z6xUhu8wXpxiu0TbCwpWEAMUQv+Rg2q41PZXfaN3tDjR76TGwOBGc=
x-amz-request-id: YPTRQWANDK5WHHMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 03:42:50 GMT
age: 2967
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:32:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 04:11:11 GMT
cache-control: public,max-age=3600
age: 1266
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4345
Cache-Control: max-age=107223
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:17 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 10:19:20 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
voirvk.com/
174.136.13.138301 Moved Permanently 0 B IP 174.136.13.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: voirvk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:17 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://www.voirvk.com/
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
54.149.156.115101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.156.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ib8+8/na+usg19t8KJrPqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wJYmfNFKbKhj8q+kOKBa1cK5vas=
fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext
142.250.74.10200 OK 430 B URL HTTP/1.1 fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext
IP 142.250.74.10:0
Hash 3d8926112ef8b7bb92467eb86a0f9475
f65e274f85692c3c07b617e22786a53291961dee
aee148b5191affa4c6c7ca2657d4b6bb15e50012c3c58be85400d07fc6b3b469
GET /css?family=Libre+Baskerville%3A400%2C700%2C400italic%2C700italic&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 23 Nov 2022 04:32:19 GMT
Date: Wed, 23 Nov 2022 04:32:19 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
www.voirvk.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.18
174.136.13.138200 OK 4.6 kB URL HTTP/1.1 www.voirvk.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.18
IP 174.136.13.138:0
File type ASCII text, with very long lines (9063)
Hash cdede17f70bc0f6649c51ca14bf6d795
35741f2fd61fd308f2f6148f0c6a227e47fbaa7d
e1a3d889530efbbdbacdb680e4a9b166cb7a81b27a5d720ff25013ef4f3c3daa
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.18 HTTP/1.1
Host: www.voirvk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:19 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 13 Nov 2021 06:53:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4628
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
www.voirvk.com/wp-content/themes/the-thinker-lite/style.css?ver=4.9.18
174.136.13.138200 OK 19 kB URL HTTP/1.1 www.voirvk.com/wp-content/themes/the-thinker-lite/style.css?ver=4.9.18
IP 174.136.13.138:0
File type ASCII text, with very long lines (701)
Hash 41f967135aa4a018b7b51901b679d360
bf1cd96e2fa472eea2d3e284d3b223ddc0fb9257
c90ec03e9b4000b0c1b73b1f96033ed758b8cd7ff4193b17cf70c5a0599feaac
GET /wp-content/themes/the-thinker-lite/style.css?ver=4.9.18 HTTP/1.1
Host: www.voirvk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:19 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 02 Oct 2021 06:09:29 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
www.voirvk.com/
174.136.13.138200 OK 204 kB IP 174.136.13.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1746)
Size 204 kB (204438 bytes)
Hash 0bf41ae6590b6a85ec776e4503d310c0
71fdd1eac6754703716538960e4e7504c2e2fb87
78a6789d2d2e5d9cdbfe69b038c4718b2d5342175008df6ae2ef13d19207bc7f
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.voirvk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:18 GMT
Server: Apache
Link: <http://www.voirvk.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
s1.studylibfr.com/store/data/010140003_1-7e2ff5f370965f36dd6109fb9464403f-300x300.png
104.21.49.112301 Moved Permanently 0 B URL HTTP/1.1 s1.studylibfr.com/store/data/010140003_1-7e2ff5f370965f36dd6109fb9464403f-300x300.png
IP 104.21.49.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /store/data/010140003_1-7e2ff5f370965f36dd6109fb9464403f-300x300.png HTTP/1.1
Host: s1.studylibfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 05:32:19 GMT
Location: https://s1.studylibfr.com/store/data/010140003_1-7e2ff5f370965f36dd6109fb9464403f-300x300.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwW6G%2FiurP%2FtztrOeja4cIweggXWAdooUOc%2FnZWGDGeH1B3hMpLLWey2ZS%2BX5PHiPKY%2FHEF5JAkbfOqvD3Z5Y3jVDHrD9MOyLfnUDyMHm38OobxyapYgCXyRcMJUPpZGngJQSA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e72e2a8912b50f-OSL
alt-svc: h2=":443"; ma=60
icrowdnewswire.com/wp-content/uploads/2021/04/olivercafe.jpg
172.66.42.222301 Moved Permanently 0 B URL HTTP/1.1 icrowdnewswire.com/wp-content/uploads/2021/04/olivercafe.jpg
IP 172.66.42.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2021/04/olivercafe.jpg HTTP/1.1
Host: icrowdnewswire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 05:32:19 GMT
Location: https://icrowdnewswire.com/wp-content/uploads/2021/04/olivercafe.jpg
Server-Timing: cf-q-config;dur=3.9999995351536e-06
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e72e2a896f1c06-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15391
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 04:32:19 GMT
Connection: keep-alive
newsharper.com/wp-content/uploads/2020/06/Amy.jpg
104.21.17.141301 Moved Permanently 0 B URL HTTP/1.1 newsharper.com/wp-content/uploads/2020/06/Amy.jpg
IP 104.21.17.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2020/06/Amy.jpg HTTP/1.1
Host: newsharper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 05:32:19 GMT
Location: https://newsharper.com/wp-content/uploads/2020/06/Amy.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRw9jdkdCcMxPlYPjZqkIi6o%2BejH6L%2B72D5q%2F7Wb%2B4BdlpTADVeo1gEGgsl9eLl1wAClj%2FmUDGsHYqY8lR02aI85pTLkJ5wdWS08mEfW%2Fy97efsHNLAEF%2BBLZ%2FN29KKKEg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e72e2abf410b51-OSL
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 218956a7601433bcf0f6ff484dbd5b52
d005c3afc835a854efdfa9cceb54b81153bb9899
dcc6527a7705c8e870e6aaf6744319ba0541a9fdfef58ca897361309d11b2b2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6180
x-amzn-requestid: 77d0b21a-db56-431c-8bc1-15ce409beadd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7nE2FyqIAMFnEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aebb8-6661a45a00c174e87e789791;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:08:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 4i-DyxmOE3pf55HCp1_oYxYPupFwEdMiQH8YRPQlyj-HMHtlRUfS4g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 04:58:36 GMT
age: 84823
etag: "d005c3afc835a854efdfa9cceb54b81153bb9899"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19004cd2-76fa-499a-9749-67f2994dc084.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19004cd2-76fa-499a-9749-67f2994dc084.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a539a7b4a38c495d8d7efd7b95fec6de
8f8bdba45b4fdf16783758eb6e53f957e53987bc
2d209c13af43c4237e36291cb24140e4993361311489ad27943b1209262592e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19004cd2-76fa-499a-9749-67f2994dc084.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11839
x-amzn-requestid: b0429c36-a8c3-49e7-b25a-1ecdfc6e7648
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btVS7Hp2oAMF32g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637535ac-097bd45a569a4cff672486de;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 19:10:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: omaSeWY89Yj_x-18NptKJzjBTZXpKGcUVWYdr05K0YwqGhSjQ3ohaQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:09:30 GMT
age: 22969
etag: "8f8bdba45b4fdf16783758eb6e53f957e53987bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.firespring.com/images/60954e3f-a663-4455-beb1-d21877b30091.jpg
54.230.111.39301 Moved Permanently 167 B URL HTTP/1.1 cdn.firespring.com/images/60954e3f-a663-4455-beb1-d21877b30091.jpg
IP 54.230.111.39:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /images/60954e3f-a663-4455-beb1-d21877b30091.jpg HTTP/1.1
Host: cdn.firespring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 23 Nov 2022 04:32:19 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://cdn.firespring.com/images/60954e3f-a663-4455-beb1-d21877b30091.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1goAKrZsd7ZesRU0hcv3rl4j1xV8DmCfO8BgUS9IRv31bHSzVYHLiQ==
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Cache-Control: max-age=86400
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 309227dc1b5f9193c6be8f5a010fa348
dff12e88a784a954012f257d3689862c52251d01
2d52b83ff0a58c41bf2e38abf8fce13eb87b5ecfce144ff0edc1bfadd254b452
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f13f0a4-9e67-4f61-9165-83b87312d9cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8081
x-amzn-requestid: cafd3337-7bb8-4e2d-91d4-a33439a32b80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAMEwgoAMFl-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4067-6074dcae15d9194513916d48;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0qleUIXFjvOqr3SeTpnFnVnhacI-ps0Fc33zsWp3eynFDhYOasUpPw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:48 GMT
age: 23731
etag: "dff12e88a784a954012f257d3689862c52251d01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i.ytimg.com/vi/WvVQKNuYS-s/maxresdefault.jpg
142.250.74.150200 OK 97 kB URL HTTP/1.1 i.ytimg.com/vi/WvVQKNuYS-s/maxresdefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash 395ed364ef6c78654f33bdf03b732539
3aaf4a404cfb8ff87779c44d598b7d630b2b08b2
9076a1a5c6fff74330bdd9c6b0484d66aaa30178e440eff40ef9e686150cd425
GET /vi/WvVQKNuYS-s/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/jpeg
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Timing-Allow-Origin: *
Content-Length: 97331
Date: Wed, 23 Nov 2022 04:32:19 GMT
Expires: Wed, 23 Nov 2022 06:32:19 GMT
Cache-Control: public, max-age=7200
ETag: "1601217153"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
i.ytimg.com/vi/dbhHvMwYg8s/maxresdefault.jpg
142.250.74.150200 OK 73 kB URL HTTP/1.1 i.ytimg.com/vi/dbhHvMwYg8s/maxresdefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash 2ba453118edc0ed6246b06a9c34bc905
5e2f5f1793eb52beb9ddc8378eb856d68e3a3a79
2f515cc6be3fd8695abf7b2a06591566b414c94f8aad0a4bd38eb3c786bfe5f2
GET /vi/dbhHvMwYg8s/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/jpeg
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Timing-Allow-Origin: *
Content-Length: 73097
Date: Wed, 23 Nov 2022 04:32:19 GMT
Expires: Wed, 23 Nov 2022 06:32:19 GMT
Cache-Control: public, max-age=7200
ETag: "1619962600"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
www.investopedia.com/thmb/K031D19Ycq9Md0hic9enGQ17zuc=/680x0/filters:no_upscale():max_bytes(150000):strip_icc()/ThinkstockPhotos-465157044-6d4be91f10204e54aab34e1787c14bac.jpg
151.101.86.137301 Moved Permanently 0 B URL HTTP/1.1 www.investopedia.com/thmb/K031D19Ycq9Md0hic9enGQ17zuc=/680x0/filters:no_upscale():max_bytes(150000):strip_icc()/ThinkstockPhotos-465157044-6d4be91f10204e54aab34e1787c14bac.jpg
IP 151.101.86.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thmb/K031D19Ycq9Md0hic9enGQ17zuc=/680x0/filters:no_upscale():max_bytes(150000):strip_icc()/ThinkstockPhotos-465157044-6d4be91f10204e54aab34e1787c14bac.jpg HTTP/1.1
Host: www.investopedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://www.investopedia.com/thmb/K031D19Ycq9Md0hic9enGQ17zuc=/680x0/filters:no_upscale():max_bytes(150000):strip_icc()/ThinkstockPhotos-465157044-6d4be91f10204e54aab34e1787c14bac.jpg
Accept-Ranges: bytes
Date: Wed, 23 Nov 2022 04:32:19 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1627-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1669177940.759588,VS0,VE0
NEL: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/555/re.p"}]}
weknowyourdreams.com/images/casino/casino-08.jpg
78.46.106.103302 Moved Temporarily 160 B URL HTTP/1.1 weknowyourdreams.com/images/casino/casino-08.jpg
IP 78.46.106.103:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 9f0b38c9a810496daebc8cd0894ad734
b6fae6159db913572c7a8fbc7da1a5597c8546d0
11175b68f785d640f189d698d9e5eece0d4de0a100f1779e631b16074ed8f9a3
GET /images/casino/casino-08.jpg HTTP/1.1
Host: weknowyourdreams.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.2.1
Date: Wed, 23 Nov 2022 04:32:19 GMT
Content-Type: text/html
Content-Length: 160
Connection: keep-alive
Location: http://weknowyourdreams.com/image.php?pic=/images/casino/casino-08.jpg
www.adwadi.com/images/listings/2019-11/bigThmb/luxury_yacht_rental_dubai_yacht_rental_d-1573905986-673-e.jpg
104.21.86.96301 Moved Permanently 0 B URL HTTP/1.1 www.adwadi.com/images/listings/2019-11/bigThmb/luxury_yacht_rental_dubai_yacht_rental_d-1573905986-673-e.jpg
IP 104.21.86.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/listings/2019-11/bigThmb/luxury_yacht_rental_dubai_yacht_rental_d-1573905986-673-e.jpg HTTP/1.1
Host: www.adwadi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 05:32:19 GMT
Location: https://www.adwadi.com/images/listings/2019-11/bigThmb/luxury_yacht_rental_dubai_yacht_rental_d-1573905986-673-e.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Feaiet23ywBLT85rRjKMATCKe8VHY5oJVejadYxPI0McLXGf4%2BST8rYiCggxs38WNZjd9kIAGf%2FRXquCFWVtitcNpJLhxrGJL3L4FfC5kfWCTC1joazEf42UWTyeqEDIHg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e72e2bbc93b4ed-OSL
alt-svc: h2=":443"; ma=60
i.ytimg.com/vi/_BOVflzswmM/maxresdefault.jpg
142.250.74.150200 OK 268 kB URL HTTP/1.1 i.ytimg.com/vi/_BOVflzswmM/maxresdefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 268 kB (267567 bytes)
Hash d0f8d1f1dabf982d7280edf76494e543
c05961756e1b5ff1ea40ec00ce9e5b370bb252ea
52ad1606abb430e6df79113ab900cec3e4f52b1a5138c75f813742b3ccfb057b
GET /vi/_BOVflzswmM/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/jpeg
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Timing-Allow-Origin: *
Content-Length: 267567
Date: Wed, 23 Nov 2022 04:32:19 GMT
Expires: Wed, 23 Nov 2022 06:32:19 GMT
Cache-Control: public, max-age=7200
ETag: "1510612639"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
i.ytimg.com/vi/_AKX62jAoGc/maxresdefault.jpg
142.250.74.150200 OK 167 kB URL HTTP/1.1 i.ytimg.com/vi/_AKX62jAoGc/maxresdefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 167 kB (166679 bytes)
Hash e114dcf1b364d20497d575fc59119f31
b463ca322bfac6dd3d47122837e004db25fa0c75
d97b33e6a99c47af9393975d2f71a939b7aca6ca7afc7b52eb8409ac6e95c600
GET /vi/_AKX62jAoGc/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/jpeg
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Timing-Allow-Origin: *
Content-Length: 166679
Date: Wed, 23 Nov 2022 04:32:19 GMT
Expires: Wed, 23 Nov 2022 06:32:19 GMT
Cache-Control: public, max-age=7200
ETag: "1608776343"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
thehealthytaste.com/images/keravita-pro-product-image.png
104.21.31.100301 Moved Permanently 0 B URL HTTP/1.1 thehealthytaste.com/images/keravita-pro-product-image.png
IP 104.21.31.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/keravita-pro-product-image.png HTTP/1.1
Host: thehealthytaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 05:32:19 GMT
Location: https://thehealthytaste.com/images/keravita-pro-product-image.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dh%2F35VTbA1n4Jmf6iVkzso5CWil4K%2BvGkvAKphc0WQ9BI%2B2tPND4eRFmGRHMXe%2Fb9oFdCjEfpW9S5ENsprMwMXcii2mqI26YFb3OC26nd23EGu75hlRkr4R2B2LbFItfFUUdOLH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e72e2c19c00b59-OSL
alt-svc: h2=":443"; ma=60
www.oregonlive.com/resizer/jAOi_yXDywKoKI-xPsaxhZMumSA=/1280x0/smart/advancelocal-adapter-image-uploads.s3.amazonaws.com/image.oregonlive.com/home/olive-media/width2048/img/oregonian/photo/2017/02/14/-178f0120cea51414.jpg
2.21.8.66301 Moved Permanently 0 B URL HTTP/1.1 www.oregonlive.com/resizer/jAOi_yXDywKoKI-xPsaxhZMumSA=/1280x0/smart/advancelocal-adapter-image-uploads.s3.amazonaws.com/image.oregonlive.com/home/olive-media/width2048/img/oregonian/photo/2017/02/14/-178f0120cea51414.jpg
IP 2.21.8.66:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /resizer/jAOi_yXDywKoKI-xPsaxhZMumSA=/1280x0/smart/advancelocal-adapter-image-uploads.s3.amazonaws.com/image.oregonlive.com/home/olive-media/width2048/img/oregonian/photo/2017/02/14/-178f0120cea51414.jpg HTTP/1.1
Host: www.oregonlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.oregonlive.com/resizer/jAOi_yXDywKoKI-xPsaxhZMumSA=/1280x0/smart/advancelocal-adapter-image-uploads.s3.amazonaws.com/image.oregonlive.com/home/olive-media/width2048/img/oregonian/photo/2017/02/14/-178f0120cea51414.jpg
Cache-Control: private, max-age=0
Expires: Wed, 23 Nov 2022 04:32:19 GMT
Date: Wed, 23 Nov 2022 04:32:19 GMT
Connection: keep-alive
Server-Timing: cdn-cache; desc=HIT, edge; dur=1
Content-Security-Policy: upgrade-insecure-requests
Referrer-Policy: no-referrer-when-downgrade
Akamai-True-TTL: -1
nitrilean.com/welcome/letter/images/prod.png
74.115.33.212301 Moved Permanently 260 B URL HTTP/1.1 nitrilean.com/welcome/letter/images/prod.png
IP 74.115.33.212:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ae171dab2f166b7fbba38cad305dfbbd
cdd00091d811a90bc746867398c7f3041a67283a
8bdadfc1655726b23871d2bc6fb2a13b46e0253ba30af657dda6a3db1615eabe
GET /welcome/letter/images/prod.png HTTP/1.1
Host: nitrilean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:19 GMT
Server: Apache
Location: https://nitrilean.com/welcome/letter/images/prod.png
Cache-Control: max-age=2592000
Expires: Fri, 23 Dec 2022 04:32:19 GMT
Content-Length: 260
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
assets.thehansindia.com/h-upload/2021/04/02/1065818-weight-loss.png
104.21.18.244301 Moved Permanently 0 B URL HTTP/1.1 assets.thehansindia.com/h-upload/2021/04/02/1065818-weight-loss.png
IP 104.21.18.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /h-upload/2021/04/02/1065818-weight-loss.png HTTP/1.1
Host: assets.thehansindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 05:32:19 GMT
Location: https://assets.thehansindia.com/h-upload/2021/04/02/1065818-weight-loss.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6iNj08bb8J7YVd%2BpHZEwbJhmD29jdk25QN%2FddIuyGIj5XfFV0bcbKLw59YdVxHsNMBaqd%2BJIuI%2FjcjMCti%2F%2B%2FmdhXpb3sYr%2BixBFwYbZY09knKvqEdQitarKmq6haethZhASpGUOJ0%2FUZw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e72e2c8e610b49-OSL
alt-svc: h2=":443"; ma=60
www.voirvk.com/wp-content/themes/the-thinker-lite/images/bg.png
174.136.13.138200 OK 66 kB URL HTTP/1.1 www.voirvk.com/wp-content/themes/the-thinker-lite/images/bg.png
IP 174.136.13.138:0
File type PNG image data, 270 x 270, 8-bit/color RGBA, non-interlaced\012- data
Hash ef0797542c2f2d186039b92f7dc4c538
06062d8809f909b9eeb79351d5f73f7dee220152
ca780625a8d698aa91bac5664eb4992516c60c88e2ac00e09a7a95986d0fee0c
GET /wp-content/themes/the-thinker-lite/images/bg.png HTTP/1.1
Host: www.voirvk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/wp-content/themes/the-thinker-lite/style.css?ver=4.9.18
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:19 GMT
Server: Apache
Last-Modified: Sat, 02 Oct 2021 06:09:29 GMT
Accept-Ranges: bytes
Content-Length: 65913
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/png
javaburn.com/_nuxt/img/javaburn-products.c836478.png
143.204.55.88403 Forbidden 915 B URL HTTP/1.1 javaburn.com/_nuxt/img/javaburn-products.c836478.png
IP 143.204.55.88:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d3ce6e95c1a40f4c8cedc9a711edf29e
0bf7cc6105f0e562ba5872ee0a3e15b39c28ec77
06e8d0ffebfad6cdcce39683b8fe24dda1e3acf07f630b0332015d3bb975baa7
GET /_nuxt/img/javaburn-products.c836478.png HTTP/1.1
Host: javaburn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 403 Forbidden
Server: CloudFront
Date: Wed, 23 Nov 2022 04:32:19 GMT
Content-Type: text/html
Content-Length: 915
Connection: keep-alive
X-Cache: Error from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Knis9747UhqdCjzEBi4izjxZMJZsK3GZm6HQnrsDpBCxjuPgFRtrnQ==
guardian.ng/wp-content/uploads/2017/10/Dollarphotoclub_60215932.jpg
35.186.215.69301 Moved Permanently 178 B URL HTTP/1.1 guardian.ng/wp-content/uploads/2017/10/Dollarphotoclub_60215932.jpg
IP 35.186.215.69:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /wp-content/uploads/2017/10/Dollarphotoclub_60215932.jpg HTTP/1.1
Host: guardian.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 04:32:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Location: https://guardian.ng/wp-content/uploads/2017/10/Dollarphotoclub_60215932.jpg
Via: 1.1 google
www.xplina.com/wp-content/uploads/2020/12/diet-617756_1920-1536x1024.jpg
198.54.126.230301 Moved Permanently 707 B URL HTTP/1.1 www.xplina.com/wp-content/uploads/2020/12/diet-617756_1920-1536x1024.jpg
IP 198.54.126.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/2020/12/diet-617756_1920-1536x1024.jpg HTTP/1.1
Host: www.xplina.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 23 Nov 2022 04:32:19 GMT
server: LiteSpeed
location: https://www.xplina.com/wp-content/uploads/2020/12/diet-617756_1920-1536x1024.jpg
x-turbo-charged-by: LiteSpeed
www.voirvk.com/wp-content/themes/the-thinker-lite/js/skip-link-focus-fix.js?ver=20130115
174.136.13.138200 OK 384 B URL HTTP/1.1 www.voirvk.com/wp-content/themes/the-thinker-lite/js/skip-link-focus-fix.js?ver=20130115
IP 174.136.13.138:0
Hash dfe5baaf2cd46f379c61dc390828844b
747cfaffcb937e6649c34d49fdb3747f7e3c964d
a751ebf48f4fd14e8941673cf8792da6ee215b3dcd17cf3bcfbfc60b1d6d7682
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-thinker-lite/js/skip-link-focus-fix.js?ver=20130115 HTTP/1.1
Host: www.voirvk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:19 GMT
Server: Apache
Last-Modified: Sat, 02 Oct 2021 06:09:29 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 384
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
www.voirvk.com/wp-content/themes/the-thinker-lite/js/navigation.js?ver=20120206
174.136.13.138200 OK 976 B URL HTTP/1.1 www.voirvk.com/wp-content/themes/the-thinker-lite/js/navigation.js?ver=20120206
IP 174.136.13.138:0
Hash d74d33866110118c1d7caf56e1d36480
b69bddfd169a83012ca591d5badb3a58ebbbebb4
facefc4c7a3abe78acccd949b91ba27c3dc0e34f516f000d1fda62a10068b60d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-thinker-lite/js/navigation.js?ver=20120206 HTTP/1.1
Host: www.voirvk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:19 GMT
Server: Apache
Last-Modified: Sat, 02 Oct 2021 06:09:29 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 976
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
cdn.shopify.com/s/files/1/0510/8698/3319/products/CPS_CHAD_MOCKUP_MANGREENS_F_x100@2x.png?v=1628025902
162.159.135.68301 Moved Permanently 0 B URL HTTP/1.1 cdn.shopify.com/s/files/1/0510/8698/3319/products/CPS_CHAD_MOCKUP_MANGREENS_F_x100@2x.png?v=1628025902
IP 162.159.135.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/files/1/0510/8698/3319/products/CPS_CHAD_MOCKUP_MANGREENS_F_x100@2x.png?v=1628025902 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 05:32:20 GMT
Location: https://cdn.shopify.com/s/files/1/0510/8698/3319/products/CPS_CHAD_MOCKUP_MANGREENS_F_x100@2x.png?v=1628025902
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zeKoUrMomNDGZFCxqtcyIIknZ4OX%2FDgyzHomR%2BDWy7lpYv%2BueJbwL9Pf20ORCDwlLtGRIw7sEwOg9vuaj3Nni5gMiy2EcBJ3xFHjVxz6P%2FQLUPH2unhjzDyzSkgZ%2BU8iw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server-Timing: cfRequestDuration;dur=9.999990
Server: cloudflare
CF-RAY: 76e72e2d2e500b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.voirvk.com/wp-includes/js/wp-embed.min.js?ver=4.9.18
174.136.13.138200 OK 750 B URL HTTP/1.1 www.voirvk.com/wp-includes/js/wp-embed.min.js?ver=4.9.18
IP 174.136.13.138:0
File type ASCII text, with very long lines (1391), with no line terminators
Hash 1c782657b72dd210e34fe872458db8a4
9aab886e2eb32e3ad3b48b414725b93875843201
f938f1b4a0bac49749cd11a5f8838cdcf6a188f2b4c5054467a08e209a1560aa
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=4.9.18 HTTP/1.1
Host: www.voirvk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: Apache
Last-Modified: Sat, 13 Nov 2021 06:53:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 750
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
mbiforlife.com/wp-content/uploads/2019/07/Glucostatin_60ct.jpg
151.101.2.159301 Moved Permanently 162 B URL HTTP/1.1 mbiforlife.com/wp-content/uploads/2019/07/Glucostatin_60ct.jpg
IP 151.101.2.159:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/2019/07/Glucostatin_60ct.jpg HTTP/1.1
Host: mbiforlife.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://mbiforlife.com/wp-content/uploads/2019/07/Glucostatin_60ct.jpg
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: nxjju76ftm
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Wed, 23 Nov 2022 04:32:20 GMT
X-Served-By: cache-bma1649-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1669177940.056602,VS0,VE134
Vary: Authorization
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT
www.montagne-et-nature.fr/alpilles_files/08.jpg
87.98.129.12200 OK 435 kB URL HTTP/1.1 www.montagne-et-nature.fr/alpilles_files/08.jpg
IP 87.98.129.12:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=8, manufacturer=NIKON CORPORATION, model=NIKON D4, xresolution=138, yresolution=146, resolutionunit=2, software=Capture One 10 Macintosh, copyright=G\303\251rard Glaize], progressive, precision 8, 1200x799, components 3\012- data
Size 435 kB (434641 bytes)
Hash 4214aa8746c8ecb8ac3de166b115816e
790278e41358ed379ffb72672346d2ec136cba88
ca085c44bb89b2b6755c656cec7a34d1c60c5f20cd4fcfe2112df4d70ead11b4
GET /alpilles_files/08.jpg HTTP/1.1
Host: www.montagne-et-nature.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: Apache
Last-Modified: Fri, 05 Feb 2021 16:09:53 GMT
ETag: "48c3143-6a1d1-5ba990ceb8f2d"
Accept-Ranges: bytes
Content-Length: 434641
Keep-Alive: timeout=5, max=10
Connection: Keep-Alive
Content-Type: image/jpeg
www.pittsburghbettertimes.com/wp-content/uploads/2020/09/resurge-reviews.jpg
216.92.110.12200 OK 29 kB URL HTTP/1.1 www.pittsburghbettertimes.com/wp-content/uploads/2020/09/resurge-reviews.jpg
IP 216.92.110.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 650x433, components 3\012- data
Hash 476f9252e9df86a1176d2a9458a212ef
11202f7f0b17a794fa19e75bb1699a61ae271304
da44130ce0902218bb79ddc56716ccd6f77f3b893dfcc7ff5af4545f921384ce
GET /wp-content/uploads/2020/09/resurge-reviews.jpg HTTP/1.1
Host: www.pittsburghbettertimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: image/jpeg
Content-Length: 29317
Last-Modified: Mon, 12 Sep 2022 01:25:17 GMT
Connection: keep-alive
ETag: "631e8a7d-7285"
Expires: Thu, 24 Nov 2022 04:32:20 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
flexplexcanada.com/wp-content/uploads/2020/11/Quietum-Plus-Canada.jpg
162.241.224.113200 OK 24 kB URL HTTP/1.1 flexplexcanada.com/wp-content/uploads/2020/11/Quietum-Plus-Canada.jpg
IP 162.241.224.113:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 480x218, components 3\012- data
Hash 2f633ec17d4d1862d5974f51c227584f
3067576dc251445e89a6c17551de61d42e6bf5c4
b9d1fd4b96779945d857d637f8589c13070049a8161f72b17fe340e8a6bc1423
GET /wp-content/uploads/2020/11/Quietum-Plus-Canada.jpg HTTP/1.1
Host: flexplexcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:19 GMT
Server: Apache
Upgrade: h2,h2c
Connection: keep-alive, close
Last-Modified: Mon, 16 Nov 2020 15:16:27 GMT
Accept-Ranges: bytes
Content-Length: 24413
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type: image/jpeg
www.netnutri.com/media/catalog/product/cache/17/image/650x/d9c70597da8a9cb2926ef4bca3f81833/6/3/631257631237.jpg
172.67.82.68301 Moved Permanently 0 B URL HTTP/1.1 www.netnutri.com/media/catalog/product/cache/17/image/650x/d9c70597da8a9cb2926ef4bca3f81833/6/3/631257631237.jpg
IP 172.67.82.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /media/catalog/product/cache/17/image/650x/d9c70597da8a9cb2926ef4bca3f81833/6/3/631257631237.jpg HTTP/1.1
Host: www.netnutri.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 05:32:20 GMT
Location: https://www.netnutri.com/media/catalog/product/cache/17/image/650x/d9c70597da8a9cb2926ef4bca3f81833/6/3/631257631237.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMgNQYFwFa5eYR6uLGAXLZHD0df%2BrXi5PUVhHRTfn%2Fp0dXyqKgzBx2M%2FqwRIY1dTRpOpWdxb1ioUrnnCOZR1qCNqjRdD6EyiUlHsEKHggoxko2TUsLq59l4NgwAg%2BAvJKbc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e72e2e7babb4f9-OSL
alt-svc: h2=":443"; ma=60
static.seattletimes.com/wp-content/uploads/2019/11/urn-publicid-ap-org-8cca7e13d136460bbe9afe424bac7026Wintry_Weather_83917-2040x1473.jpg
143.204.55.14302 Found 0 B URL HTTP/1.1 static.seattletimes.com/wp-content/uploads/2019/11/urn-publicid-ap-org-8cca7e13d136460bbe9afe424bac7026Wintry_Weather_83917-2040x1473.jpg
IP 143.204.55.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2019/11/urn-publicid-ap-org-8cca7e13d136460bbe9afe424bac7026Wintry_Weather_83917-2040x1473.jpg HTTP/1.1
Host: static.seattletimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 302 Found
Server: CloudFront
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Length: 0
Connection: keep-alive
Location: https://images.seattletimes.com/wp-content/uploads/2019/11/urn-publicid-ap-org-8cca7e13d136460bbe9afe424bac7026Wintry_Weather_83917.jpg?d=2040x1473
X-Cache: FunctionGeneratedResponse from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j13mkoaOQb-eYufp2gz4KpLEYZU2Ohr5LhFM-VMO3USuAAStWKMwEg==
i0.wp.com/www.healthylifeandmagazine.com/wp-content/uploads/2020/11/Nervogen-Pro-can-help.jpg?fit=1150%2C359&ssl=1
192.0.77.2200 OK 18 kB URL HTTP/1.1 i0.wp.com/www.healthylifeandmagazine.com/wp-content/uploads/2020/11/Nervogen-Pro-can-help.jpg?fit=1150%2C359&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1150x359, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6fc4557430b0c4fe2be2bae361f191a9
4f703a618b7241305f5353a69a21910f41cb6ba8
9c780435536d90bf042b1d145a738e146aef87364e3520ec982aa14414a9fc93
GET /www.healthylifeandmagazine.com/wp-content/uploads/2020/11/Nervogen-Pro-can-help.jpg?fit=1150%2C359&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: image/webp
Content-Length: 18422
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 20:06:43 GMT
Expires: Tue, 19 Nov 2024 08:06:43 GMT
Cache-Control: public, max-age=63115200
Link: <https://www.healthylifeandmagazine.com/wp-content/uploads/2020/11/Nervogen-Pro-can-help.jpg>; rel="canonical"
X-Content-Type-Options: nosniff
ETag: "b95acc3e6dd53790"
Vary: Accept
X-nc: MISS arn 4
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Timing-Allow-Origin: *
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash d66308bc42e6e42bfe4250085f094de4
4c0e45e423ed441cba035adc5ece983939007fc6
4373586ae21261daf26c294616a18c118be2e6596ff7fdcbd1f20912d4c85d47
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=99988
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:20 GMT
Etag: "637c85e8-116"
Expires: Thu, 24 Nov 2022 08:18:48 GMT
Last-Modified: Tue, 22 Nov 2022 08:18:48 GMT
Server: nginx
Content-Length: 278
2.bp.blogspot.com/_HUpqbKx04CU/TSycfTmh51I/AAAAAAAARc4/erl4jpqy7lc/s1600/boost.jpg
142.250.74.161200 OK 56 kB URL HTTP/1.1 2.bp.blogspot.com/_HUpqbKx04CU/TSycfTmh51I/AAAAAAAARc4/erl4jpqy7lc/s1600/boost.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 300x300, components 3\012- data
Hash f27706144511c16ba32604873aaae8c7
d55080e34812bfd91a09b7329cfa40d00c33c15c
f281c190a7c26f6462c807323294c25699c126c46190e157c035f0cb1dd06d2d
GET /_HUpqbKx04CU/TSycfTmh51I/AAAAAAAARc4/erl4jpqy7lc/s1600/boost.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v45ce"
Expires: Thu, 24 Nov 2022 04:32:20 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="boost.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: fife
Content-Length: 56287
X-XSS-Protection: 0
foodnurish.com/wp-content/uploads/2022/11/digestion.png
104.21.25.164301 Moved Permanently 0 B URL HTTP/1.1 foodnurish.com/wp-content/uploads/2022/11/digestion.png
IP 104.21.25.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2022/11/digestion.png HTTP/1.1
Host: foodnurish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 05:32:20 GMT
Location: https://foodnurish.com/wp-content/uploads/2022/11/digestion.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmA%2FjmTUhzSvEfXs17%2FcyiHqwt6pkCDxaaQuH5D9apYE9x%2FZpDnPFsCiRjhMShu2xyHnDxxTlqXVYfoAlL1j5FtV9l2gX51RoVrshv7BZ1zc%2B8eihXXVfODVcV5qw8yJyA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e72e2efecc0b3d-OSL
alt-svc: h2=":443"; ma=60
www.northdeltareporter.com/wp-content/uploads/2022/11/30906426_web1_M3-NDR-20221103-What-is-Alpilean.jpeg
54.230.111.50301 Moved Permanently 167 B URL HTTP/1.1 www.northdeltareporter.com/wp-content/uploads/2022/11/30906426_web1_M3-NDR-20221103-What-is-Alpilean.jpeg
IP 54.230.111.50:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /wp-content/uploads/2022/11/30906426_web1_M3-NDR-20221103-What-is-Alpilean.jpeg HTTP/1.1
Host: www.northdeltareporter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.northdeltareporter.com/wp-content/uploads/2022/11/30906426_web1_M3-NDR-20221103-What-is-Alpilean.jpeg
X-Cache: Redirect from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ozObskRTMv2hB5pn577D1MtMl1ZvdXEc3RGZ7j7FyFNjHSbTZGJPgQ==
puregoldenbotanicals.com/wp-content/uploads/2019/02/PGB0002-CBD-Oil-500mg.jpg
35.209.61.18200 OK 117 kB URL HTTP/1.1 puregoldenbotanicals.com/wp-content/uploads/2019/02/PGB0002-CBD-Oil-500mg.jpg
IP 35.209.61.18:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x1600, components 3\012- data
Size 117 kB (116768 bytes)
Hash b06b309a842066513e45dd17386adc09
bdbdb8f7d82f6c60bae33eff4403ea27c939ed63
c10b98518c2e2d968de3f3f8b6d67e26026e4aff28d06f8e68c3bb44e95e7727
GET /wp-content/uploads/2019/02/PGB0002-CBD-Oil-500mg.jpg HTTP/1.1
Host: puregoldenbotanicals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 04:32:19 GMT
Content-Type: image/jpeg
Content-Length: 116768
Last-Modified: Fri, 08 Mar 2019 19:13:29 GMT
Connection: keep-alive
ETag: "5c82bed9-1c820"
Expires: Thu, 23 Nov 2023 04:32:19 GMT
Cache-Control: max-age=31536000
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
X-Proxy-Cache-Info: DT:1
Accept-Ranges: bytes
destination-dubai.fr/1941-large_default/yacht-rental-dubai.jpg
104.21.7.70200 OK 87 kB URL HTTP/1.1 destination-dubai.fr/1941-large_default/yacht-rental-dubai.jpg
IP 104.21.7.70:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 70", baseline, precision 8, 800x800, components 3\012- data
Hash 4be3c82b2b7f7155d1fbd67121a2bc03
bcb6fbe4c99c4671a2235f574c7e378c91dbae1e
49375a771d1e684bce4aff1b1741fb8dd6525bf24e64e1b046213ee50992b0c9
GET /1941-large_default/yacht-rental-dubai.jpg HTTP/1.1
Host: destination-dubai.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: image/jpeg
Content-Length: 87301
Connection: keep-alive
Last-Modified: Wed, 26 Aug 2020 19:07:51 GMT
ETag: "15505-5adcc894c0352"
X-Powered-By: PleskLin
MS-Author-Via: DAV
Cache-Control: max-age=2678400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yqwqE2lmN4nfuyXzrW03T0522xxQuZXjpLJCWsOMgIF5ALRjyvyhVwvdP67sITZP8OMl8iSKVezAYkY5dZd%2BFmaObK9443iQKX7Mb8su%2FFIL62%2FFGIuu8JU8klQSYEJr3a5iqW5uw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e72e2dde0b0b65-OSL
alt-svc: h2=":443"; ma=60
1.bp.blogspot.com/--88Y3nAhmKI/YLou2xDabbI/AAAAAAAAAAk/UFVhN8mIr9Ea3aEFrOwLc3Xc78ssw5s2gCLcBGAsYHQ/w256-h256-p-k-no-nu/Joint%2BRestore%2BGummies.png
142.250.74.161200 OK 60 kB URL HTTP/1.1 1.bp.blogspot.com/--88Y3nAhmKI/YLou2xDabbI/AAAAAAAAAAk/UFVhN8mIr9Ea3aEFrOwLc3Xc78ssw5s2gCLcBGAsYHQ/w256-h256-p-k-no-nu/Joint%2BRestore%2BGummies.png
IP 142.250.74.161:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b43f4f3c04589d9d9ae438a3e0e9c5f
9f3861a1f3f61d1cd6e9424e709c0bbbdc611c1e
04d7f6a5e4cdec7fb1bc3d2d6ce70a7fa9e2b31467847002fd99bd001daae9ff
GET /--88Y3nAhmKI/YLou2xDabbI/AAAAAAAAAAk/UFVhN8mIr9Ea3aEFrOwLc3Xc78ssw5s2gCLcBGAsYHQ/w256-h256-p-k-no-nu/Joint%2BRestore%2BGummies.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "va"
Expires: Thu, 24 Nov 2022 04:32:20 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Joint Restore Gummies.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: fife
Content-Length: 59955
X-XSS-Protection: 0
www.newhealthguide.org/images/10440011/image001.jpg
172.67.139.35301 Moved Permanently 0 B URL HTTP/1.1 www.newhealthguide.org/images/10440011/image001.jpg
IP 172.67.139.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/10440011/image001.jpg HTTP/1.1
Host: www.newhealthguide.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 05:32:20 GMT
Location: https://www.newhealthguide.org/images/10440011/image001.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQpm6ON%2FE0eULC3bpjdcYCMT5SyGKZ7GntsM888DoskEvwKTL4YPpDFekNTliWD1FhnpFKQpdqRtzwXbnnnjvTzl4yBMVFFobUP%2FaHgZqg3mVsLkUwV3L73ivwDqYd4QabmnuGexMUTl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e72e2f49460b06-OSL
alt-svc: h2=":443"; ma=60
www.security-faqs.com/wp-content/uploads/2010/10/web-design.jpg
172.67.164.88301 Moved Permanently 279 B URL HTTP/1.1 www.security-faqs.com/wp-content/uploads/2010/10/web-design.jpg
IP 172.67.164.88:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 99dfb66ef3f57dbd853e64158436251b
1768316a51a2430a0459dba50ff6ffbdcb258673
e18dc5a7cea0a930f62b3990ea2883e8800174b8d6a45f9894dd768e35a17a5c
GET /wp-content/uploads/2010/10/web-design.jpg HTTP/1.1
Host: www.security-faqs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.security-faqs.com/wp-content/uploads/2010/10/web-design.jpg
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9rXIDBnMjYRVepoJUfh4Zqpam09qApfWHIfOptAwxEUC2s7hgi4TC1IxLHNiFxoyWSiTkc%2BTIRyuLp1m2tRSs3zsme7DYu5eJEEfSGulap3m5xkqsSxVyTWHVTkio%2FRVWA%2FfflnP08%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e72e2d3b651bfe-OSL
alt-svc: h2=":443"; ma=60
www.fruitvegetablesupplements.com/wp-content/uploads/2020/04/New-Vitality-Ruby-Reds-Fruit-and-Vegetable-Supplements-Top-10-Red-Superfood-powder-980x889.jpg
162.241.24.125200 OK 127 kB URL HTTP/1.1 www.fruitvegetablesupplements.com/wp-content/uploads/2020/04/New-Vitality-Ruby-Reds-Fruit-and-Vegetable-Supplements-Top-10-Red-Superfood-powder-980x889.jpg
IP 162.241.24.125:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 980x889, components 3\012- data
Size 127 kB (126745 bytes)
Hash 2c25cc4695f409f87712aa090028cb49
c148d3ce41d431521eb8432369922076b0bc64af
d7593d9ae8e0ec148bdb97121992b9f78b8ed58932b52316a91ea87640b9c8b2
GET /wp-content/uploads/2020/04/New-Vitality-Ruby-Reds-Fruit-and-Vegetable-Supplements-Top-10-Red-Superfood-powder-980x889.jpg HTTP/1.1
Host: www.fruitvegetablesupplements.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:19 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sat, 25 Apr 2020 07:07:12 GMT
Accept-Ranges: bytes
Content-Length: 126745
Cache-Control: max-age=86400
Expires: Thu, 24 Nov 2022 04:32:19 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
Content-Type: image/jpeg
falabella.scene7.com/is/image/Falabella/15137233_img8?wid=1160
23.38.200.69200 OK 116 kB URL HTTP/1.1 falabella.scene7.com/is/image/Falabella/15137233_img8?wid=1160
IP 23.38.200.69:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1160x360, components 3\012- data
Size 116 kB (115951 bytes)
Hash ecc17207290d6c51ce958828cb4b2945
a4d91295ea50b3b11de775be12304a32da07c45d
ea8d120ce68d36c8620197f198f8ab5c00fb8a9ab307d5e215121d597ee5bb4f
GET /is/image/Falabella/15137233_img8?wid=1160 HTTP/1.1
Host: falabella.scene7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Expires: Wed, 23 Nov 2022 05:32:20 GMT
Last-Modified: Mon, 14 Feb 2022 19:07:55 GMT
ETag: "ecc17207290d6c51ce958828cb4b2945"
Server: Unknown
Content-Type: image/jpeg
Content-Length: 115951
Date: Wed, 23 Nov 2022 04:32:20 GMT
Connection: keep-alive
1.bp.blogspot.com/-ALrxlC1wL5s/Vj2SEDNvv6I/AAAAAAAAAbA/5f49CMYfqDk/s640/glucoberry%2Banyar.jpg
142.250.74.161200 OK 83 kB URL HTTP/1.1 1.bp.blogspot.com/-ALrxlC1wL5s/Vj2SEDNvv6I/AAAAAAAAAbA/5f49CMYfqDk/s640/glucoberry%2Banyar.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x331, components 3\012- data
Hash aa112fbe5eca1ad134f014992f8c6910
a5475c593fa23c4122cbec5f9c47deb7b76211bf
c630b68038985c7ce2fe79e49ae2fe4e8e0587a49c34901c6ba4a03543d0da8d
GET /-ALrxlC1wL5s/Vj2SEDNvv6I/AAAAAAAAAbA/5f49CMYfqDk/s640/glucoberry%2Banyar.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1b1"
Expires: Thu, 24 Nov 2022 04:32:20 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="glucoberry anyar.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: fife
Content-Length: 82600
X-XSS-Protection: 0
pibsat.edu.pk/wp-content/uploads/2018/08/Professional-Diploma-in-Real-Estate-Management.jpg
181.214.31.80200 OK 270 kB URL HTTP/1.1 pibsat.edu.pk/wp-content/uploads/2018/08/Professional-Diploma-in-Real-Estate-Management.jpg
IP 181.214.31.80:0
ASN #46337 WEBSITE-HOSTING
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 808x335, components 3\012- data
Size 270 kB (269934 bytes)
Hash e76ce20d3b7d67994d5898fcb0712dbb
a45093ee0fad9c8733bc8f004dab1ac10f2ec2be
938701e81188c092594f1294b5d883b1c4daff958edfd7b7decd8b5ccb7c2f4d
GET /wp-content/uploads/2018/08/Professional-Diploma-in-Real-Estate-Management.jpg HTTP/1.1
Host: pibsat.edu.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Thu, 23 Nov 2023 04:32:19 GMT
content-type: image/jpeg
last-modified: Fri, 14 Sep 2018 21:10:36 GMT
etag: "41e6e-5b9c23cc-0;;;"
accept-ranges: bytes
content-length: 269934
date: Wed, 23 Nov 2022 04:32:19 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
www.burnhallhotelyork.com/wp-content/uploads/2017/04/Burn-Hall-Hotel-afternoon-tea-300x200.jpg
199.36.158.100301 Moved Permanently 0 B URL HTTP/1.1 www.burnhallhotelyork.com/wp-content/uploads/2017/04/Burn-Hall-Hotel-afternoon-tea-300x200.jpg
IP 199.36.158.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2017/04/Burn-Hall-Hotel-afternoon-tea-300x200.jpg HTTP/1.1
Host: www.burnhallhotelyork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://www.burnhallhotelyork.com/wp-content/uploads/2017/04/Burn-Hall-Hotel-afternoon-tea-300x200.jpg
Accept-Ranges: bytes
Date: Wed, 23 Nov 2022 04:32:20 GMT
X-Served-By: cache-bma1681-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1669177940.434018,VS0,VE0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
www.lost-vegas.co.uk/sites/default/files/addit-images/CP4.JPG
77.72.0.150200 OK 278 kB URL HTTP/1.1 www.lost-vegas.co.uk/sites/default/files/addit-images/CP4.JPG
IP 77.72.0.150:0
ASN #12488 Krystal Hosting Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 1600x1180, components 3\012- data
Size 278 kB (278369 bytes)
Hash b07314f6c987042877f75e1389d317bb
7a36d6039f18f4e9aeb84788d751d6c5541c02b0
e8822fa9413b2a0510ae328eb5f1bd9818129830982bdc1db30bfc9d2681285a
GET /sites/default/files/addit-images/CP4.JPG HTTP/1.1
Host: www.lost-vegas.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:32:20 GMT
content-type: image/jpeg
last-modified: Tue, 24 Sep 2013 12:52:26 GMT
accept-ranges: bytes
content-length: 278369
date: Wed, 23 Nov 2022 04:32:20 GMT
server: LiteSpeed
vary: User-Agent
x-content-type-options: nosniff
www.lapbandsurgery.com/wp-content/uploads/2020/09/gi_sciortino-slide-1024x512.jpg
107.180.50.222200 OK 150 kB URL HTTP/1.1 www.lapbandsurgery.com/wp-content/uploads/2020/09/gi_sciortino-slide-1024x512.jpg
IP 107.180.50.222:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.1 (Macintosh), datetime=2020:09:30 18:42:48], baseline, precision 8, 1024x512, components 3\012- data
Size 150 kB (149943 bytes)
Hash 7e38b2a54d0fd8511d3151a1f6536e01
f69b51426f06fdecbb6b94498e9f97a244248d7d
01edc54fecb8b9060f87a59dc71ee7a23d25bc39cc31f13f4cd766e587b98ae0
GET /wp-content/uploads/2020/09/gi_sciortino-slide-1024x512.jpg HTTP/1.1
Host: www.lapbandsurgery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:19 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 01 Oct 2020 01:44:07 GMT
ETag: "66ea841-249b7-5b09226dddc6c"
Accept-Ranges: bytes
Content-Length: 149943
Keep-Alive: timeout=5
Content-Type: image/jpeg
www.rebornbuy.com/media/catalog/product/cache/1/image/1000x/9df78eab33525d08d6e5fb8d27136e95/p/p/ppw195023-5.jpg
104.21.38.104301 Moved Permanently 0 B URL HTTP/1.1 www.rebornbuy.com/media/catalog/product/cache/1/image/1000x/9df78eab33525d08d6e5fb8d27136e95/p/p/ppw195023-5.jpg
IP 104.21.38.104:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /media/catalog/product/cache/1/image/1000x/9df78eab33525d08d6e5fb8d27136e95/p/p/ppw195023-5.jpg HTTP/1.1
Host: www.rebornbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 05:32:20 GMT
Location: https://www.rebornbuy.com/media/catalog/product/cache/1/image/1000x/9df78eab33525d08d6e5fb8d27136e95/p/p/ppw195023-5.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8T9qEz3iS7PvPDD4nKJJYVYC8MUhkt8yAPm7qzhAS62LKdfhkdHJVBiNs%2FlHba%2FbR%2FgmdMtjdvPZbnTkGNcLJKxL2a%2F0E897lBBilwVy2bd8bXIt8VLrHqsYHzBZZOtgONoQ9g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e72e2ffef11c0e-OSL
alt-svc: h2=":443"; ma=60
oum-media.s3.amazonaws.com/wp-content/uploads/2015/11/5-Easy-Tips-for-Easy-Weight-Loss.jpg
52.218.243.43200 OK 158 kB URL HTTP/1.1 oum-media.s3.amazonaws.com/wp-content/uploads/2015/11/5-Easy-Tips-for-Easy-Weight-Loss.jpg
IP 52.218.243.43:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=16, description=Closeup of woman feet standing on bathroom scale and a tape measure. Health and weight concept., manufacturer=Canon, model=Canon EOS 550D, orientation=upper-left, xresolution=324, yresolution=332, resolutionunit=2, software=Adobe Photoshop CC 2014 (Macintosh), datetime=2014:12:09 20:43:47], baseline, precision 8, 730x1095, components 3\012- data
Size 158 kB (158275 bytes)
Hash 4330ee6ff0ffcd9163d67e9f11577b60
f504a3b86f06277cb3c13d2269aae4c9d4aee960
eb6f3f42de2006061d3a643292db4fe6b00dccc9f50ebe204944c8cf5dbb570a
GET /wp-content/uploads/2015/11/5-Easy-Tips-for-Easy-Weight-Loss.jpg HTTP/1.1
Host: oum-media.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
x-amz-id-2: xgq1Dd7HS5KItv9B/CH661TYob7eEZ2/4jUPeixZBH7kXq00ARhjorpEkBrAvv0Bkb6YaRzjmAY=
x-amz-request-id: G6HP6R05A7QZNH1G
Date: Wed, 23 Nov 2022 04:32:20 GMT
Last-Modified: Thu, 02 Mar 2017 07:55:43 GMT
ETag: "4330ee6ff0ffcd9163d67e9f11577b60"
Cache-Control: max-age=31536000
Expires: Fri, 02 Mar 2018 07:55:42 GMT
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 158275
athleticrecoverycentre.co.za/wp-content/uploads/2019/05/sportsmassage.jpg
41.204.202.48200 OK 40 kB URL HTTP/1.1 athleticrecoverycentre.co.za/wp-content/uploads/2019/05/sportsmassage.jpg
IP 41.204.202.48:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 998x1298, components 3\012- data
Hash 33a6405566600432326784123cef796c
c6434b58593af7944bdb1dfbcc121989e35bc976
e9ad1b3351652e478b1a71b6482f52fcd017d54a5bbcee4d9eb5df207cc35110
GET /wp-content/uploads/2019/05/sportsmassage.jpg HTTP/1.1
Host: athleticrecoverycentre.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: Apache
Vary: Accept,Accept-Encoding
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 25 Mar 2022 10:43:09 GMT
Accept-Ranges: bytes
Content-Length: 39497
Cache-Control: max-age=10368000, public
Expires: Thu, 23 Mar 2023 04:32:20 GMT
Keep-Alive: timeout=5, max=100
Content-Type: image/jpeg
www.yumpu.com/en/image/facebook/67319332.jpg
143.204.55.45301 Moved Permanently 167 B URL HTTP/1.1 www.yumpu.com/en/image/facebook/67319332.jpg
IP 143.204.55.45:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /en/image/facebook/67319332.jpg HTTP/1.1
Host: www.yumpu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.yumpu.com/en/image/facebook/67319332.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MQUS3dfarq6JMWwJLwXkv2drKgEL55dddAaMWNFSg0Vli0Hozzocww==
www.farmaspeed.it/img_500_182026.jpg
195.231.18.88301 Moved Permanently 167 B URL HTTP/1.1 www.farmaspeed.it/img_500_182026.jpg
IP 195.231.18.88:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 18d6d699879507ed02e279f129b1dd1b
685c80c51e59290d5013ab35f18eabd76be4f75c
bfa33f11f413a741314a8f5c589fc16692a4ecb2ae949a33e103fe6d9b59aa50
GET /img_500_182026.jpg HTTP/1.1
Host: www.farmaspeed.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache
Content-Type: text/html; charset=UTF-8
Location: https://www.farmaspeed.it/img_500_182026.jpg
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Wed, 23 Nov 2022 04:32:19 GMT
Content-Length: 167
i0.wp.com/teacoffeestore.com/wp-content/uploads/2015/07/611gn9z8HRL.jpg?fit=500%2C500
192.0.77.2200 OK 64 kB URL HTTP/1.1 i0.wp.com/teacoffeestore.com/wp-content/uploads/2015/07/611gn9z8HRL.jpg?fit=500%2C500
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 47eb354e8c276be648458ea192bde6c9
84af362ab82269cf62ad015f2636216664789578
8581543879d848cdd923565d9ec7b3bed8b673b3cc848fef98d0e3c086836b4f
GET /teacoffeestore.com/wp-content/uploads/2015/07/611gn9z8HRL.jpg?fit=500%2C500 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: image/webp
Content-Length: 64512
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 04:32:20 GMT
Expires: Fri, 22 Nov 2024 16:32:20 GMT
Cache-Control: public, max-age=63115200
Link: <http://teacoffeestore.com/wp-content/uploads/2015/07/611gn9z8HRL.jpg>; rel="canonical"
X-Content-Type-Options: nosniff
ETag: "cf2d1d0a6d9812da"
Vary: Accept
X-nc: MISS arn 1
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Timing-Allow-Origin: *
hudsonpoint.com/wp-content/uploads/real-estate-bg.jpg
107.180.51.35301 Moved Permanently 269 B URL HTTP/1.1 hudsonpoint.com/wp-content/uploads/real-estate-bg.jpg
IP 107.180.51.35:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5297fd86d70ff2fe439b27980809342d
db1d48019dfe7bfbf092b1081635e3f6ed9f8db1
bbce8f8575c3a31d71445a5fe98d998c6046dc14b117d82901735a94f27cbfde
GET /wp-content/uploads/real-estate-bg.jpg HTTP/1.1
Host: hudsonpoint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: Apache
Location: https://hudsonpoint.com/wp-content/uploads/real-estate-bg.jpg
Content-Length: 269
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
vacances-vacance.com/wp-content/uploads/2019/03/best-real-estate-agents-805x452.jpg
107.155.98.92200 OK 78 kB URL HTTP/1.1 vacances-vacance.com/wp-content/uploads/2019/03/best-real-estate-agents-805x452.jpg
IP 107.155.98.92:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 805x452, components 3\012- data
Hash 35576736ad20888525172d280adcdd40
9f573e3dcbeecf9edcc648d9e89b67e08db60103
e30728fc00cdf88a536dfa886beae24854532566e86be58ab3aaae85e03f305c
GET /wp-content/uploads/2019/03/best-real-estate-agents-805x452.jpg HTTP/1.1
Host: vacances-vacance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:32:20 GMT
content-type: image/jpeg
last-modified: Mon, 25 Mar 2019 09:25:08 GMT
accept-ranges: bytes
content-length: 78054
date: Wed, 23 Nov 2022 04:32:20 GMT
server: LiteSpeed
4.bp.blogspot.com/-N2tBasr9hFM/WGFCCGQv68I/AAAAAAAASQo/9OdxViftO2MxwzTK30NR8BJOK1tWHZlzQCLcB/s1600/best%2Bskin%2Bcare%2Bof%2B2016%2Bcruelty%2Bfree.jpg
142.250.74.161200 OK 297 kB URL HTTP/1.1 4.bp.blogspot.com/-N2tBasr9hFM/WGFCCGQv68I/AAAAAAAASQo/9OdxViftO2MxwzTK30NR8BJOK1tWHZlzQCLcB/s1600/best%2Bskin%2Bcare%2Bof%2B2016%2Bcruelty%2Bfree.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1600x1200, components 3\012- data
Size 297 kB (297025 bytes)
Hash 80a0f528708bda3c94c0530016e6c5ce
35da1c77a63f83114ff9295201bc401c63ed7317
b96ea96b6d4eeb8c40519390438b7ab5241024251c1cb8b70188d59e48ff4ac9
GET /-N2tBasr9hFM/WGFCCGQv68I/AAAAAAAASQo/9OdxViftO2MxwzTK30NR8BJOK1tWHZlzQCLcB/s1600/best%2Bskin%2Bcare%2Bof%2B2016%2Bcruelty%2Bfree.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v4910"
Expires: Thu, 24 Nov 2022 04:32:20 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="best skin care of 2016 cruelty free.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: fife
Content-Length: 297025
X-XSS-Protection: 0
freshrevisor.com/wp-content/uploads/2020/12/sss-1536x904.png
198.187.31.75301 Moved Permanently 707 B URL HTTP/1.1 freshrevisor.com/wp-content/uploads/2020/12/sss-1536x904.png
IP 198.187.31.75:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/2020/12/sss-1536x904.png HTTP/1.1
Host: freshrevisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 23 Nov 2022 04:32:20 GMT
server: LiteSpeed
location: https://freshrevisor.com/wp-content/uploads/2020/12/sss-1536x904.png
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
i0.wp.com/consumerscompanion.com/wp-content/uploads/2020/05/Vital-Flow-Reviews.png?resize=1068%2C623&ssl=1
192.0.77.2200 OK 61 kB URL HTTP/1.1 i0.wp.com/consumerscompanion.com/wp-content/uploads/2020/05/Vital-Flow-Reviews.png?resize=1068%2C623&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 80b23a0a157593604bda75562a8fdfee
2f3893006d19f0888a724371f1a5e37379985ef4
1edfc2ece0d16e193f7773fa41d5fa823a5d944fe19813a8efd96dca867df7aa
GET /consumerscompanion.com/wp-content/uploads/2020/05/Vital-Flow-Reviews.png?resize=1068%2C623&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: image/webp
Content-Length: 61112
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 04:32:20 GMT
Expires: Fri, 22 Nov 2024 16:32:20 GMT
Cache-Control: public, max-age=63115200
Link: <https://consumerscompanion.com/wp-content/uploads/2020/05/Vital-Flow-Reviews.png>; rel="canonical"
X-Content-Type-Options: nosniff
ETag: "7f7fa505536dfc5c"
Vary: Accept
X-nc: MISS arn 2
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Timing-Allow-Origin: *
www.eyelashextensionsmiami.net/wp-content/uploads/2022/10/hydrossential-serum-1-bottle.png
67.20.76.196301 Moved Permanently 306 B URL HTTP/1.1 www.eyelashextensionsmiami.net/wp-content/uploads/2022/10/hydrossential-serum-1-bottle.png
IP 67.20.76.196:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 17f9bf69c79f844c074c1c3e3a04d1ec
bfe9a1f0978a8592b368d0417512f9fd0ba0f706
53eeb36f79169f693a9d519770679863953fb388b46ee3d147da719795e2b834
GET /wp-content/uploads/2022/10/hydrossential-serum-1-bottle.png HTTP/1.1
Host: www.eyelashextensionsmiami.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: Apache
Location: https://www.eyelashextensionsmiami.net/wp-content/uploads/2022/10/hydrossential-serum-1-bottle.png
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 05:32:20 GMT
Content-Length: 306
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
icrowdnewswire.com/wp-content/uploads/2021/04/olivercafe.jpg
172.66.42.222200 OK 26 kB URL HTTP/2 icrowdnewswire.com/wp-content/uploads/2021/04/olivercafe.jpg
IP 172.66.42.222:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 450x250, components 3\012- data
Hash 4ff5ce953dcba3f7ec41930ba3ef8397
bf9001d3f00c0fcbfcb375a787296eaa7178a32b
39a1d5d09a4107150c431ccb7fb3c878d4211626bceb2556891094f9dcf7b338
GET /wp-content/uploads/2021/04/olivercafe.jpg HTTP/1.1
Host: icrowdnewswire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:32:20 GMT
content-type: image/jpeg
content-length: 25773
cf-ray: 76e72e2eefdab529-OSL
accept-ranges: bytes
cache-control: max-age=14400
etag: "64ad-5bfd10a221c58"
last-modified: Tue, 13 Apr 2021 02:03:42 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
X-Firefox-Spdy: h2
rentin.ae/upload/img/Posts/346/EKdTRH9i.jpg
87.236.16.22200 OK 394 kB URL HTTP/1.1 rentin.ae/upload/img/Posts/346/EKdTRH9i.jpg
IP 87.236.16.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1500x1000, components 3\012- data
Size 394 kB (393788 bytes)
Hash 928f13811495824cc4b8b00329bfe681
9c68428a0742cd3ba08b1a975067ec008e7f8a48
18a88d861bb6baeeb6bf315933d41d5c1a1fe2ac1ae13d3b7d2924599a273ed3
GET /upload/img/Posts/346/EKdTRH9i.jpg HTTP/1.1
Host: rentin.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: image/jpeg
Content-Length: 393788
Last-Modified: Wed, 13 Jun 2018 08:32:18 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "5b20d692-6023c"
Expires: Fri, 23 Dec 2022 04:32:20 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
media.gettyimages.com/photos/medicinal-tea-made-of-burning-bush-gas-plant-dictamnus-albus-dittamo-picture-id584686524
143.204.55.6200 OK 107 kB URL HTTP/1.1 media.gettyimages.com/photos/medicinal-tea-made-of-burning-bush-gas-plant-dictamnus-albus-dittamo-picture-id584686524
IP 143.204.55.6:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, description=Medicinal tea made of Burning bush, gas plant, Dictamnus albus, Dittamo. (Photo by: Bildagentur-online/Universal Images Group v], baseline, precision 8, 1024x685, components 3\012- data
Size 107 kB (106633 bytes)
Hash 718dfd604904118c4567b62c4d7b8a95
e0ed1ffe98a726349f9cee41114dfbc0f7f45209
f8ac85e5335220697d18ace1a81ff35b11a67582bffe033cbfbfa2ebe3f912c5
GET /photos/medicinal-tea-made-of-burning-bush-gas-plant-dictamnus-albus-dittamo-picture-id584686524 HTTP/1.1
Host: media.gettyimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 106633
Connection: keep-alive
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: Kestrel
Cache-Control: public, max-age=7776000
Last-Modified: Wed, 23 Nov 2022 04:32:20 GMT
Access-Control-Allow-Origin: *
Link: </photos/medicinal-tea-made-of-burning-bush-gas-plant-dictamnus-albus-dittamo-picture-id584686524>; rel= "canonical"
Content-Disposition: inline; filename=gettyimages-584686524-1024x1024.jpg
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AhKZCsBs4ClStwRceKKI8g8UIeYC0b0ozfghZPHQcHJvEv0etmybtA==
www.the1031investor.com/wp-content/uploads/2018/08/canstockphoto853147.jpg
52.40.12.240301 Moved Permanently 162 B URL HTTP/1.1 www.the1031investor.com/wp-content/uploads/2018/08/canstockphoto853147.jpg
IP 52.40.12.240:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/uploads/2018/08/canstockphoto853147.jpg HTTP/1.1
Host: www.the1031investor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.the1031investor.com/wp-content/uploads/2018/08/canstockphoto853147.jpg
laenbiome.com/hosted/images/f4/c1f0fff2f142dba4425f930fceff5e/buy-now-1-.png
104.16.16.194200 OK 14 kB URL HTTP/1.1 laenbiome.com/hosted/images/f4/c1f0fff2f142dba4425f930fceff5e/buy-now-1-.png
IP 104.16.16.194:0
File type PNG image data, 810 x 342, 8-bit colormap, non-interlaced\012- data
Hash 6e0793d783b59fdea9b6f849e1dbe1c7
aa78e6e7a7f7de07c22e913972334a3265e0e965
00ec9f684e462f3d00e9b4edd77fa88f4b8c5bdb2c331454f7494e4cb2685813
GET /hosted/images/f4/c1f0fff2f142dba4425f930fceff5e/buy-now-1-.png HTTP/1.1
Host: laenbiome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: image/png
Content-Length: 14101
Connection: keep-alive
CF-Ray: 76e72e304cabb512-OSL
Accept-Ranges: bytes
Cache-Control: max-age=31536000
ETag: "6e0793d783b59fdea9b6f849e1dbe1c7"
Last-Modified: Tue, 05 Jul 2022 06:58:15 GMT
CF-Cache-Status: MISS
X-Amz-Cf-Pop: OSL50-C1
Set-Cookie: __cf_bm=bPjcIIqfnAfcj3aST9NSsCYl3ZLGcU5ceoRScJf.uME-1669177940-0-ARX6uUwcrgXnt44v03twIGvDu3tOKyBJijmcLKj/n7xTzTToa6FFUcyPDivr8bA47QDch58zb9VpDXhN99xKHrxF1+z7wh3BbdbxASFiet5s; path=/; expires=Wed, 23-Nov-22 05:02:20 GMT; domain=.laenbiome.com; HttpOnly; SameSite=None
Server-Timing: cf-q-config;dur=5.9999999848515e-06
Vary: Accept-Encoding
Server: cloudflare
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2fba7b0-566a-4154-a555-caf6ef55283e.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2fba7b0-566a-4154-a555-caf6ef55283e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f90eaacb028f41ae23d5ae0bb5bb1c60
adabb8e73c60950b2161b973db1150a2e6484d3f
8e45a3b3966392447e2b426e912e8151e087cfbf9f4ff2af47d81d20d5a19f25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2fba7b0-566a-4154-a555-caf6ef55283e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10678
x-amzn-requestid: 9180d893-71d8-460c-92b7-2bb406940975
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: byQ65Fr6oAMFzjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63772eab-1741d1f27534c13e43e3cec0;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 07:05:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K2Shuq-IX_VACYEEJzuubHKr01H_Oq_NntRt9WlJuAMsBG61kaFhjg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 19:31:13 GMT
age: 32467
etag: "adabb8e73c60950b2161b973db1150a2e6484d3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9FO1gkdftjvJFDvAlxwLD63BP-liwnS2MImVhVdjg83wi4xJdM73Kg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:54:28 GMT
age: 23872
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 21fc9852ed2db17695d7038195b9283f
cda806d600c9e63e50d8ec42549fb107e4915068
55a7098369eb94f4333a1079ed6ad570121b7c76eeafb35022224b86d9b7edbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb450e2a1-222f-4dfe-850a-f862cd102c3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6910
x-amzn-requestid: 0d4fa715-c66a-4bcb-985c-f2c2ea71b3a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-pvrF-xoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c2330-67041f796d1906cc51e31b73;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 01:17:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mpgJn1_loQQQ8CMtSWPy1hYUI5IyYpb2OdU1ycqP-v6AGNlMq4PG-g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:56:30 GMT
age: 20150
etag: "cda806d600c9e63e50d8ec42549fb107e4915068"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
m.media-amazon.com/images/I/41LMkOfzwXL._AC_US40_.jpg
143.204.54.16403 Forbidden 915 B URL HTTP/1.1 m.media-amazon.com/images/I/41LMkOfzwXL._AC_US40_.jpg
IP 143.204.54.16:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bee2542fcfcaead83ce3df8492bbf736
aef458fdd312ad0104f221cadc0f98a5a5d00efd
81a4749f0d066ef33c9e530bb13bd349341a50e887aae17319cf0fa76bf183c8
GET /images/I/41LMkOfzwXL._AC_US40_.jpg HTTP/1.1
Host: m.media-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 403 Forbidden
Server: CloudFront
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: text/html
Content-Length: 915
Connection: keep-alive
X-Cache: Error from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tftDXOausEC9lpj6O9Q_lTEci36U0BCLutFDO77PjsykQTqtqiI3ZA==
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15390
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 04:32:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15390
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 04:32:20 GMT
Connection: keep-alive
i.ibb.co/FzSJ3y2/protetox-2.png
51.210.32.132301 Moved Permanently 162 B URL HTTP/1.1 i.ibb.co/FzSJ3y2/protetox-2.png
IP 51.210.32.132:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /FzSJ3y2/protetox-2.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://i.ibb.co/FzSJ3y2/protetox-2.png
media1.fdncms.com/orlando/imager/u/slideshow/28060522/steel-bite-pro-reviews-report-00.jpg
209.104.5.203301 Moved Permanently 0 B URL HTTP/1.1 media1.fdncms.com/orlando/imager/u/slideshow/28060522/steel-bite-pro-reviews-report-00.jpg
IP 209.104.5.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /orlando/imager/u/slideshow/28060522/steel-bite-pro-reviews-report-00.jpg HTTP/1.1
Host: media1.fdncms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Content-length: 0
Location: https://media1.fdncms.com/orlando/imager/u/slideshow/28060522/steel-bite-pro-reviews-report-00.jpg
Connection: close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15390
Expires: Wed, 23 Nov 2022 08:48:50 GMT
Date: Wed, 23 Nov 2022 04:32:20 GMT
Connection: keep-alive
43d897265kne3ed0qv2ecjw2-wpengine.netdna-ssl.com/wp-content/uploads/2021/11/27090253_web1_M-ADW-20211105-Exipure.jpeg
94.31.29.99200 OK 50 kB URL HTTP/1.1 43d897265kne3ed0qv2ecjw2-wpengine.netdna-ssl.com/wp-content/uploads/2021/11/27090253_web1_M-ADW-20211105-Exipure.jpeg
IP 94.31.29.99:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 1280x853, components 3\012- data
Hash 24243b6f71daa8c11059ad37cdfc6607
75a0f7d5966dd74aa49fbf16467fd0c31b7a8564
b916c09c4f879ddc24d67d2c5d133e09127436c685b1e143c59d56a70ac545d2
GET /wp-content/uploads/2021/11/27090253_web1_M-ADW-20211105-Exipure.jpeg HTTP/1.1
Host: 43d897265kne3ed0qv2ecjw2-wpengine.netdna-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: image/jpeg
Content-Length: 49732
Connection: keep-alive
Last-Modified: Wed, 17 Nov 2021 07:11:26 GMT
ETag: "24243b6f71daa8c11059ad37cdfc6607"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Expires: Fri, 23 Dec 2022 04:32:20 GMT
Cache-Control: max-age=2592000
Server: NetDNA-cache/2.2
X-Cache: MISS
blog.mitestack.com/wp-content/uploads/2022/04/cytoburn-banner-600x338.png
194.233.89.214301 Moved Permanently 707 B URL HTTP/1.1 blog.mitestack.com/wp-content/uploads/2022/04/cytoburn-banner-600x338.png
IP 194.233.89.214:0
ASN #141995 Contabo Asia Private Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/2022/04/cytoburn-banner-600x338.png HTTP/1.1
Host: blog.mitestack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 707
Date: Wed, 23 Nov 2022 04:32:20 GMT
Location: https://blog.mitestack.com/wp-content/uploads/2022/04/cytoburn-banner-600x338.png
i.ibb.co/qgpbV2h/Alpha-Xtra-Boost-reviews.png
51.210.32.132301 Moved Permanently 162 B URL HTTP/1.1 i.ibb.co/qgpbV2h/Alpha-Xtra-Boost-reviews.png
IP 51.210.32.132:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /qgpbV2h/Alpha-Xtra-Boost-reviews.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://i.ibb.co/qgpbV2h/Alpha-Xtra-Boost-reviews.png
43d897265kne3ed0qv2ecjw2-wpengine.netdna-ssl.com/wp-content/uploads/2021/09/26431433_web1_TSR-ADW-20210909-Folifort-teaser.jpeg
94.31.29.99200 OK 50 kB URL HTTP/1.1 43d897265kne3ed0qv2ecjw2-wpengine.netdna-ssl.com/wp-content/uploads/2021/09/26431433_web1_TSR-ADW-20210909-Folifort-teaser.jpeg
IP 94.31.29.99:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 1302x868, components 3\012- data
Hash dbf65ed7ddba7ebe18407c71efea5b12
3e92314a8f740c551bda76a7227160a5faa2cc38
f2f9ae3115f62a300f1a30f27e8b7aff3a2d228439559bb8f2842ac804ddd98c
GET /wp-content/uploads/2021/09/26431433_web1_TSR-ADW-20210909-Folifort-teaser.jpeg HTTP/1.1
Host: 43d897265kne3ed0qv2ecjw2-wpengine.netdna-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: image/jpeg
Content-Length: 50178
Connection: keep-alive
Last-Modified: Tue, 21 Sep 2021 07:10:56 GMT
ETag: "dbf65ed7ddba7ebe18407c71efea5b12"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Expires: Fri, 23 Dec 2022 04:32:20 GMT
Cache-Control: max-age=2592000
Server: NetDNA-cache/2.2
X-Cache: MISS
fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
216.58.207.195200 OK 27 kB URL HTTP/1.1 fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 27120, version 1.0\012- data
Hash 43e7d3f1dec74478587a2b3cfa272631
c065f24ac428353854ebd6715c49966fc4f4c762
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
GET /s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.voirvk.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 27120
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 22 Nov 2022 20:33:41 GMT
Expires: Wed, 22 Nov 2023 20:33:41 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 26 Apr 2022 16:42:07 GMT
Content-Type: font/woff2
Age: 28719
www.investopedia.com/thmb/K031D19Ycq9Md0hic9enGQ17zuc=/680x0/filters:no_upscale():max_bytes(150000):strip_icc()/ThinkstockPhotos-465157044-6d4be91f10204e54aab34e1787c14bac.jpg
151.101.86.137200 OK 78 kB URL HTTP/2 www.investopedia.com/thmb/K031D19Ycq9Md0hic9enGQ17zuc=/680x0/filters:no_upscale():max_bytes(150000):strip_icc()/ThinkstockPhotos-465157044-6d4be91f10204e54aab34e1787c14bac.jpg
IP 151.101.86.137:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 680x440, components 3\012- data
Hash 86484684adc1e1cc9b7c5f1e1b52f71a
8fc9f945d880811d58ed5aaa194bca6d825282b8
4900484b2fed8beca54ef464116c9a3f919b564db516023bdef903bde058710c
GET /thmb/K031D19Ycq9Md0hic9enGQ17zuc=/680x0/filters:no_upscale():max_bytes(150000):strip_icc()/ThinkstockPhotos-465157044-6d4be91f10204e54aab34e1787c14bac.jpg HTTP/1.1
Host: www.investopedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-request-id: EQ2G4BPQ0HMRCMYY
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
content-type: image/jpeg
last-modified: Tue, 14 Apr 2020 19:28:07 GMT
server: AmazonS3
etag: "86484684adc1e1cc9b7c5f1e1b52f71a"
x-timer: S1668000652.947564,VS0,VE86
x-amz-id-2: VAUHjts9qoHdjPRNETMX1RuYapRUQhP6jZKnLZSvvpmjHg95e/3wWDVKqMlXnYLH88Z8cgeD8VQ=
cache-control: max-age=31536000,public,no-transform
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/555/re.p"}]}
accept-ranges: bytes
date: Wed, 23 Nov 2022 04:32:20 GMT
age: 544432
x-served-by: cache-iad-kiad7000155-IAD, cache-iad-kjyo7100021-IAD, cache-bma1622-BMA
x-cache: MISS, HIT, MISS
x-cache-hits: 0, 16, 0
content-length: 77557
X-Firefox-Spdy: h2
fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
216.58.207.195200 OK 28 kB URL HTTP/1.1 fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 27976, version 1.0\012- data
Hash 22907ce040431644b934b72a7c431a36
78863dfb62414fe1a73f64d7f7fbff63ebccb322
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
GET /s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.voirvk.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 27976
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 16 Nov 2022 19:16:05 GMT
Expires: Thu, 16 Nov 2023 19:16:05 GMT
Cache-Control: public, max-age=31536000
Age: 551775
Last-Modified: Tue, 26 Apr 2022 15:45:46 GMT
Content-Type: font/woff2
www.printablee.com/postpic/2010/05/free-printable-weight-loss-chart_257821.jpg
104.161.44.202301 Moved Permanently 378 B URL HTTP/1.1 www.printablee.com/postpic/2010/05/free-printable-weight-loss-chart_257821.jpg
IP 104.161.44.202:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 807241d67995c53410cdcfd658a262ea
d0c7ec917288fd42507b1ac70dde1a89cefe8a0a
cdc7c81d965cc12b32daa86ce5026258733a77262e2f4d052544503e0434620a
GET /postpic/2010/05/free-printable-weight-loss-chart_257821.jpg HTTP/1.1
Host: www.printablee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://www.printablee.com/postpic/2010/05/free-printable-weight-loss-chart_257821.jpg
Content-Length: 378
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.29chat.com/upload/photos/2021/10/akizSvDYslC8dJYDBPwe_12_8dd9a913776612a168ea0245ff104800_image.png
162.241.27.245200 OK 58 kB URL HTTP/1.1 www.29chat.com/upload/photos/2021/10/akizSvDYslC8dJYDBPwe_12_8dd9a913776612a168ea0245ff104800_image.png
IP 162.241.27.245:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 60", baseline, precision 8, 1200x600, components 3\012- data
Hash bbd7256e66243e1413738417aca440fc
4a7637c21cb3348e340d8e163c38054a4d7fa5dd
daf6524cc0149de7375737783c4068d32d69dbe33feaa269b74aba873a004f84
GET /upload/photos/2021/10/akizSvDYslC8dJYDBPwe_12_8dd9a913776612a168ea0245ff104800_image.png HTTP/1.1
Host: www.29chat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: Apache
Upgrade: h2,h2c
Last-Modified: Tue, 12 Oct 2021 11:52:30 GMT
Accept-Ranges: bytes
Content-Length: 58312
Cache-Control: max-age=31536000
Expires: Thu, 23 Nov 2023 04:32:20 GMT
Connection: keep-alive
Keep-Alive: timeout=100,max=500
Access-Control-Allow-Origin: *
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b493c1f7059668e9d8f05882c04e35c0
8f6010e6c24d5941035e8b7bae7f56916aff805c
b390c4be69c1b157428f7d3128d1251e88541a9c6bf2f372fa13bc6d92fd9715
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:20 GMT
Etag: "637ccc46-116"
Server: ECS (amb/6B9E)
Content-Length: 278
images.freeimages.com/images/large-previews/ca6/poker-1306085.jpg
54.230.111.116301 Moved Permanently 167 B URL HTTP/1.1 images.freeimages.com/images/large-previews/ca6/poker-1306085.jpg
IP 54.230.111.116:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /images/large-previews/ca6/poker-1306085.jpg HTTP/1.1
Host: images.freeimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://images.freeimages.com/images/large-previews/ca6/poker-1306085.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DeuEsXRLCsPD4j7It1NlyMGs52xk9PuIDqlBdg3tuLBimDigQMamLQ==
www.energy-spiritual-healing.com/wp-content/uploads/2022/10/what-workouts-help-your-prostate-300x224.jpg
45.35.86.120200 OK 19 kB URL HTTP/1.1 www.energy-spiritual-healing.com/wp-content/uploads/2022/10/what-workouts-help-your-prostate-300x224.jpg
IP 45.35.86.120:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x224, components 3\012- data
Hash c8febea9cf965725176bab2848c99cd3
498c6c5f1ae361d599f29f6993800b60432d56b4
25f4f7ecf11f88b9e38695fa89550740497509ac95049ab46c23a9270d17f7bd
GET /wp-content/uploads/2022/10/what-workouts-help-your-prostate-300x224.jpg HTTP/1.1
Host: www.energy-spiritual-healing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:32:17 GMT
content-type: image/jpeg
last-modified: Wed, 26 Oct 2022 04:12:12 GMT
accept-ranges: bytes
content-length: 18857
date: Wed, 23 Nov 2022 04:32:17 GMT
server: LiteSpeed
jigglar.com/wp-content/uploads/2020/09/selling-buying.png
104.26.8.71200 OK 423 kB URL HTTP/1.1 jigglar.com/wp-content/uploads/2020/09/selling-buying.png
IP 104.26.8.71:0
File type PNG image data, 655 x 654, 8-bit/color RGB, non-interlaced\012- data
Size 423 kB (422831 bytes)
Hash 7cc42a6355874bc5421902432e23e313
63feebb2cd968c1620eb5ff4c06e39edfe0109d5
98b93161379f24a48ca962df88013d12afda92f66cc4cc6349454928a3d15e63
GET /wp-content/uploads/2020/09/selling-buying.png HTTP/1.1
Host: jigglar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: image/png
Content-Length: 422831
Connection: keep-alive
Last-Modified: Wed, 23 Sep 2020 04:19:27 GMT
Cache-Control: public, max-age=31536000
Expires: Thu, 23 Nov 2023 04:32:20 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xumNyDbAslqPEzukrix%2FhULT%2BjKBKs%2BFTUtebuZ2ABDTcsLp5fyJjRu0XJuv698jR4Gg24xW4juj13h2psFKyB2DiVczn60vOmXWZ%2FmL35ty7pCLqqy8dNmadjrV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76e72e2da9d30b31-OSL
alt-svc: h2=":443"; ma=60
9rbj730vb6e2svam41gmicvm-wpengine.netdna-ssl.com/wp-content/uploads/Boost_Burn_SupplementFacts.png
108.161.188.228200 OK 716 kB URL HTTP/1.1 9rbj730vb6e2svam41gmicvm-wpengine.netdna-ssl.com/wp-content/uploads/Boost_Burn_SupplementFacts.png
IP 108.161.188.228:0
File type PNG image data, 2000 x 1501, 8-bit/color RGBA, non-interlaced\012- data
Size 716 kB (716386 bytes)
Hash 7fba55a75f2b7392805667c69490e334
b13867d7e832b2a6a569a0b0d454ceaa660a8d0a
9c072f6342ddfbb329e8aeaa57d321845ea158ad9c2da2fe4e4bb85bcd5a09ec
GET /wp-content/uploads/Boost_Burn_SupplementFacts.png HTTP/1.1
Host: 9rbj730vb6e2svam41gmicvm-wpengine.netdna-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: image/png
Content-Length: 716386
Connection: keep-alive
Last-Modified: Sun, 30 Sep 2018 13:11:09 GMT
ETag: "5bb0cb6d-aee62"
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Server: NetDNA-cache/2.2
X-Cache: MISS
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 24aaacaad64bcfbeff14f8cc12b7b7c8
72b39936a3ed39bc6760d60a7305ce8efec4c9d3
64af56ff7c2da52d40bffd4192cb1ba30ba50927ef18cf6a9ee1c4eb80499f3d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=88480
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:20 GMT
Etag: "637c58f4-116"
Expires: Thu, 24 Nov 2022 05:07:00 GMT
Last-Modified: Tue, 22 Nov 2022 05:07:00 GMT
Server: nginx
Content-Length: 278
glucotrust.art/wp-content/uploads/2022/07/gluco-trust-review-2022-beware-w.jpg
198.252.104.183200 OK 92 kB URL HTTP/1.1 glucotrust.art/wp-content/uploads/2022/07/gluco-trust-review-2022-beware-w.jpg
IP 198.252.104.183:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash b011b956eed1f2ad8ab7192f34339d7d
34f6ce00e10071697367d46f087ed9313a3eacfa
673af94ee4700327fd992551ff28abf3dbffc8eaf346ba84c7fe9bf77abb8333
GET /wp-content/uploads/2022/07/gluco-trust-review-2022-beware-w.jpg HTTP/1.1
Host: glucotrust.art
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:32:20 GMT
content-type: image/jpeg
last-modified: Sun, 03 Jul 2022 03:30:22 GMT
accept-ranges: bytes
content-length: 91968
date: Wed, 23 Nov 2022 04:32:20 GMT
server: LiteSpeed
powdersvillepost.com/wp-content/uploads/2021/07/Metabofix-powder.jpg
161.35.230.231301 Moved Permanently 370 B URL HTTP/1.1 powdersvillepost.com/wp-content/uploads/2021/07/Metabofix-powder.jpg
IP 161.35.230.231:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2240e7e6f1b500ce51b95112caef5c23
0bd38b9c437f7d47ed0efea099b02d96f7ee85eb
de2dd544b34215268324805b03d97d4efc22361cc3d780e0d206569bfaa6119c
GET /wp-content/uploads/2021/07/Metabofix-powder.jpg HTTP/1.1
Host: powdersvillepost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: Apache/2.4.54 (Debian)
Location: https://powdersvillepost.com/wp-content/uploads/2021/07/Metabofix-powder.jpg
Content-Length: 370
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
powdersvillepost.com/wp-content/uploads/2022/03/Ikaria-Lean-Belly-Juice-Powder-Reviews.jpg
161.35.230.231301 Moved Permanently 392 B URL HTTP/1.1 powdersvillepost.com/wp-content/uploads/2022/03/Ikaria-Lean-Belly-Juice-Powder-Reviews.jpg
IP 161.35.230.231:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 58779ea022374b93b976edf11bdf1cc4
e88443b09c748297b82e9edd5a8adc0e07b656ab
0add5ff8702290bbd4f04c5e46f237465e435fe73a8f19bd3c254aa8ffab89cc
GET /wp-content/uploads/2022/03/Ikaria-Lean-Belly-Juice-Powder-Reviews.jpg HTTP/1.1
Host: powdersvillepost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: Apache/2.4.54 (Debian)
Location: https://powdersvillepost.com/wp-content/uploads/2022/03/Ikaria-Lean-Belly-Juice-Powder-Reviews.jpg
Content-Length: 392
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.voirvk.com/wp-content/themes/the-thinker-lite/fonts/genericons-regular-webfont.woff
174.136.13.138200 OK 11 kB URL HTTP/1.1 www.voirvk.com/wp-content/themes/the-thinker-lite/fonts/genericons-regular-webfont.woff
IP 174.136.13.138:0
File type Web Open Font Format, TrueType, length 11308, version 1.0\012- data
Hash e362afbf16f20f8289191f11f50147b7
5c25e5d160cea5cf4f9a908c5a374d272d14a3de
1201f0cf69294ee1471318553a7f288967e9bc748282b21d689c075738c0758e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/the-thinker-lite/fonts/genericons-regular-webfont.woff HTTP/1.1
Host: www.voirvk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.voirvk.com/wp-content/themes/the-thinker-lite/style.css?ver=4.9.18
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: Apache
Last-Modified: Sat, 02 Oct 2021 06:09:29 GMT
Accept-Ranges: bytes
Content-Length: 11308
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: font/woff
appliedfoods.com/wp-content/uploads/2018/11/Longtuckys-Artisan-Copper-Pot-Stills.jpg
69.163.139.195200 OK 165 kB URL HTTP/1.1 appliedfoods.com/wp-content/uploads/2018/11/Longtuckys-Artisan-Copper-Pot-Stills.jpg
IP 69.163.139.195:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], progressive, precision 8, 890x916, components 3\012- data
Size 165 kB (165421 bytes)
Hash 259630187b816b4631b450680c4d1d84
ee19d70cea94998adfebfaab632fab961c9bb857
2e4ee958f84c08771cba7b353bded6d7379a35ea80e8a392e74e0453cfe383aa
GET /wp-content/uploads/2018/11/Longtuckys-Artisan-Copper-Pot-Stills.jpg HTTP/1.1
Host: appliedfoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: Apache
ETag: "2862d-5b9597bfd9ec0"
Last-Modified: Wed, 20 Jan 2021 18:54:27 GMT
Content-Length: 165421
Referrer-Policy: no-referrer-when-downgrade
Content-Type: image/jpeg
Expires: Wed, 30 Nov 2022 04:32:20 GMT
X-Cacheable: YES:Forced
Cache-Control: must-revalidate, public, max-age=0
X-Varnish: 1577888
Age: 0
Via: 1.1 varnish (Varnish/6.5)
X-Cache: MISS
X-Powered-By: DreamPress
Accept-Ranges: bytes
Connection: keep-alive
i1.sndcdn.com/artworks-000662900533-m7d9sd-t500x500.jpg
143.204.55.50200 OK 31 kB URL HTTP/1.1 i1.sndcdn.com/artworks-000662900533-m7d9sd-t500x500.jpg
IP 143.204.55.50:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash ca30f97a7c0380a23bebcc0169ddae98
99e7bf862f4163133f7d3107ef44930d1a6199ac
b3824b18aa14dbc047426ef5fa84ae6bf1749a6c6b070cb1bdb040d6f3c22ac8
GET /artworks-000662900533-m7d9sd-t500x500.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3628800
Date: Wed, 23 Nov 2022 04:32:20 GMT
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SArIX-ibd-6IJo9AvzlF5oVNVHczx5BA5nL-fb1e4sid9w4ao_DsQg==
newsharper.com/wp-content/uploads/2020/06/Amy.jpg
104.21.17.141200 OK 51 kB URL HTTP/2 newsharper.com/wp-content/uploads/2020/06/Amy.jpg
IP 104.21.17.141:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 728x485, components 3\012- data
Hash 5f8e19005f9c3997997e4bbb0974d411
cc58e26241f553c126eda988e6e1e18401c281d0
c234627c35f34fa4c5eea5ac895e81fe654a3c649e4cd078e5e30d5f2d698110
GET /wp-content/uploads/2020/06/Amy.jpg HTTP/1.1
Host: newsharper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:32:20 GMT
content-type: image/jpeg
content-length: 50728
last-modified: Mon, 29 Jun 2020 14:01:57 GMT
etag: "5ef9f455-c628"
expires: Wed, 23 Nov 2022 04:39:34 GMT
cache-control: max-age=600, public
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sm1f5TwdlVXXloQbEaN4bI%2FXNIUtka47I2cUSzOLsIs6qtYzf1GIubtWQkvAIVVrBaelgyQ6TTPu1CMuj3AiNDndLAf%2FwMWXeTHFk2ryOvcICNEVkK8lnII8CcwyK%2BzMog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e72e325e16b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
weknowyourdreams.com/image.php?pic=/images/casino/casino-08.jpg
78.46.106.103302 Found 153 B URL HTTP/1.1 weknowyourdreams.com/image.php?pic=/images/casino/casino-08.jpg
IP 78.46.106.103:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0d7513bd6a4bd4c56415dcafaf3ab4d5
1652554a21eb035019021add437d2434e205a625
49b298669d7e2ba21ae38a16b0e7924432510aa8dcc09d176786495a6cd721bb
GET /image.php?pic=/images/casino/casino-08.jpg HTTP/1.1
Host: weknowyourdreams.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.voirvk.com/
Connection: keep-alive
HTTP/1.1 302 Found
Server: nginx/1.2.1
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive
X-Powered-By: PHP/5.4.45-0+deb7u1
Location: /single/casino/casino-08
Vary: Accept-Encoding
Content-Encoding: gzip
foodnurish.com/wp-content/uploads/2022/11/digestion.png
104.21.25.164200 OK 3.6 kB URL HTTP/2 foodnurish.com/wp-content/uploads/2022/11/digestion.png
IP 104.21.25.164:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash ac0acb5292ae80d07140212f2d6d46bf
c230376a36a3cf35d613f7d3a62f920c5cb5c0e6
587faac040091224fdbbca8e36f5e54c6fced99b4e0d434790745c7255759fde
GET /wp-content/uploads/2022/11/digestion.png HTTP/1.1
Host: foodnurish.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:32:20 GMT
content-type: image/png
content-length: 3612
cache-control: public, max-age=31536000
expires: Wed, 30 Nov 2022 04:32:20 GMT
last-modified: Sun, 06 Nov 2022 12:47:18 GMT
etag: "06367acd6-0;;;"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K85yU2DXKcf3ADeQuZkHw3yI7BiX%2FiOVlyDrO6iOgO3VNf4Vike5%2FMEeXW2WFweOcQ7JZKeXL6v%2BE3z%2BhQXQaz75k7VU2a6PXGkGJobFMigyay86orb53ww28qTQfnux3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e72e32b9fa0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.somabariatrics.com/wp-content/uploads/2018/09/Nancy.jpg
104.155.167.41200 OK 1.5 MB URL HTTP/1.1 www.somabariatrics.com/wp-content/uploads/2018/09/Nancy.jpg
IP 104.155.167.41:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Macintosh), datetime=2018:09:18 17:06:32], baseline, precision 8, 3000x3000, components 3\012- data
Size 1.5 MB (1522167 bytes)
Hash 72b85afb2307bc2533d8a95ea8f0e574
1a3cb008c29b0b52126751a47156a8555541634d
b8dadbca20b56e0fae2b5c25312602f619edc550192d630e0660361a912434d8
GET /wp-content/uploads/2018/09/Nancy.jpg HTTP/1.1
Host: www.somabariatrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: image/jpeg
Content-Length: 1522167
Last-Modified: Wed, 26 Sep 2018 14:47:15 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "5bab9bf3-1739f7"
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
43d897265kne3ed0qv2ecjw2-wpengine.netdna-ssl.com/wp-content/uploads/2022/08/30204534_web1_M2-Reliver-Pro-Benefits.jpg
94.31.29.99200 OK 73 kB URL HTTP/1.1 43d897265kne3ed0qv2ecjw2-wpengine.netdna-ssl.com/wp-content/uploads/2022/08/30204534_web1_M2-Reliver-Pro-Benefits.jpg
IP 94.31.29.99:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x853, components 3\012- data
Hash 886bbe29bc292d9f64fe7512c67ab63b
b6d498ef2bfdf8b7da4aec9599af2c169eb46747
2604a718cd48a1ad3264488968183b01b35fc3faf4385abd4674b4c508a7a4de
GET /wp-content/uploads/2022/08/30204534_web1_M2-Reliver-Pro-Benefits.jpg HTTP/1.1
Host: 43d897265kne3ed0qv2ecjw2-wpengine.netdna-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: image/jpeg
Content-Length: 72819
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 07:11:38 GMT
ETag: "886bbe29bc292d9f64fe7512c67ab63b"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Expires: Fri, 23 Dec 2022 04:32:20 GMT
Cache-Control: max-age=2592000
Server: NetDNA-cache/2.2
X-Cache: MISS
leangene-jo.com/images/LEANGENE/Electrophoresis/Pltinum_6.png
199.116.77.213200 OK 1.4 MB URL HTTP/1.1 leangene-jo.com/images/LEANGENE/Electrophoresis/Pltinum_6.png
IP 199.116.77.213:0
ASN #54456 CLOUDACCESS-NETWORK
File type PNG image data, 1896 x 1318, 8-bit/color RGBA, non-interlaced\012- data
Size 1.4 MB (1380539 bytes)
Hash c17e92d8e5672f7ba47b053db1ec1966
c5f8b94c55237e2863725342100c2ac56c24d207
06e3c1d98a0c1e53158278069d81665da360fc660d1a10e7ee4cbcf860d8e678
GET /images/LEANGENE/Electrophoresis/Pltinum_6.png HTTP/1.1
Host: leangene-jo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: Apache
Last-Modified: Thu, 10 Sep 2020 08:01:44 GMT
Accept-Ranges: bytes
Content-Length: 1380539
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: image/png
dermatologyalliancetx.com/wp-content/uploads/2015/06/juvederm-and-restylane-compressor.jpg
35.190.145.226200 OK 415 kB URL HTTP/1.1 dermatologyalliancetx.com/wp-content/uploads/2015/06/juvederm-and-restylane-compressor.jpg
IP 35.190.145.226:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2048x1429, components 3\012- data
Size 415 kB (414802 bytes)
Hash 87579c36d2285a1bb9f2d20992404e90
a6b8e16a02ff11b3bb227bcc4e11694e5f40a8ba
18635bd738829cd323ddafd780b820615e0fca48ba4c019c7122ed7cab967216
GET /wp-content/uploads/2015/06/juvederm-and-restylane-compressor.jpg HTTP/1.1
Host: dermatologyalliancetx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: image/jpeg
Content-Length: 414802
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sat, 16 Feb 2019 08:07:58 GMT
ETag: "5c67c4de-65452"
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
www.solarenergydream.com/wp-content/uploads/2020/05/14a.jpg
107.189.128.130200 OK 42 kB URL HTTP/1.1 www.solarenergydream.com/wp-content/uploads/2020/05/14a.jpg
IP 107.189.128.130:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, progressive, precision 8, 600x351, components 3\012- data
Hash eddec71cbc131d82a9cc6161799519df
54b8317d20ceaff20042817123c63230cd74b333
55d840b31b44f383dbbc0012b8b3726b25b5b1686ba8e307a7d56b5bed5fbf04
GET /wp-content/uploads/2020/05/14a.jpg HTTP/1.1
Host: www.solarenergydream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:32:20 GMT
content-type: image/jpeg
last-modified: Wed, 06 May 2020 06:06:00 GMT
accept-ranges: bytes
content-length: 42353
date: Wed, 23 Nov 2022 04:32:20 GMT
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 44e81b7613621b2a9579c7b4f842cc9c
18b528a1a7de0ef5ff0cdc739b1c005bb6a53c81
212af8f3b5cbd238847c1d16f3cb2ea99377e53d212602d3eff46dbdeafc7e2c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 17:52:19 GMT
Expires: Sat, 26 Nov 2022 17:52:18 GMT
Etag: "18b528a1a7de0ef5ff0cdc739b1c005bb6a53c81"
Cache-Control: max-age=306596,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e72e326e48b521-OSL
mbiforlife.com/wp-content/uploads/2019/07/Glucostatin_60ct.jpg
151.101.2.159200 OK 113 kB URL HTTP/2 mbiforlife.com/wp-content/uploads/2019/07/Glucostatin_60ct.jpg
IP 151.101.2.159:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1100x1100, components 3\012- data
Size 113 kB (113431 bytes)
Hash 7f052ddb330812451e765853712312ac
f016ffdff9f5ddd2d2db8841dc94136418873ea5
761ec66560da5943a589260f97afb564fac9d78dc5ed330bbb5966e872aad22e
GET /wp-content/uploads/2019/07/Glucostatin_60ct.jpg HTTP/1.1
Host: mbiforlife.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.voirvk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Thu, 25 Jul 2019 22:53:57 GMT
etag: W/"5d3a3305-20cf7"
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-hash: nxjju76ftm
cache-control: public, max-age=31536000
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 23 Nov 2022 04:32:21 GMT
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669177941.675002,VS0,VE402
vary: Accept-Encoding, Authorization
x-fw-serve: TRUE
x-fw-static: YES
x-fw-type: VISIT
content-length: 113431
X-Firefox-Spdy: h2
thehealthmags.com/wp-content/uploads/2021/05/Dentitox-Pro-Review.jpg
172.67.181.105301 Moved Permanently 694 B URL HTTP/1.1 thehealthmags.com/wp-content/uploads/2021/05/Dentitox-Pro-Review.jpg
IP 172.67.181.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash c9e760b83a4d479f53877a4a9c81e1c6
c8fe2c0c0d61eb4ff3dba7799196b899c7359baa
75d9c9b24b6b7a51cddbd2b86a7b6571b69c1bd1ffa5b92d6da92f125f68e5d7
GET /wp-content/uploads/2021/05/Dentitox-Pro-Review.jpg HTTP/1.1
Host: thehealthmags.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
location: https://thehealthmags.com/wp-content/uploads/2021/05/Dentitox-Pro-Review.jpg
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QytmJHLLMuFNrqIMOJ%2B2sty0iAYjLIr7ewEk4OxRb%2BB0XgtQTqfkPM5jx2ccK90J41mu4FcFuP%2FTz2MgHZMvTDBZMFNMXu0TqOOiyhGeK5KBhw1Suzu%2BbS30NNsNPYQWlZDf5A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e72e322bef0b31-OSL
alt-svc: h2=":443"; ma=60
43d897265kne3ed0qv2ecjw2-wpengine.netdna-ssl.com/wp-content/uploads/2021/06/25548844_web1_M-ADW-20210618-Amyl-Guard-Supplement-Facts.jpeg
94.31.29.99200 OK 90 kB URL HTTP/1.1 43d897265kne3ed0qv2ecjw2-wpengine.netdna-ssl.com/wp-content/uploads/2021/06/25548844_web1_M-ADW-20210618-Amyl-Guard-Supplement-Facts.jpeg
IP 94.31.29.99:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 1280x715, components 3\012- data
Hash b33b13f2fee18a87e829fb381f1343bc
1c8484d6bf26446ad71456753225fe2a32cd4cb8
dfc07cdea18115b9559720f900aa92a0bd3a67ed6bffef8bbd4a72ce1210ae89
GET /wp-content/uploads/2021/06/25548844_web1_M-ADW-20210618-Amyl-Guard-Supplement-Facts.jpeg HTTP/1.1
Host: 43d897265kne3ed0qv2ecjw2-wpengine.netdna-ssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: image/jpeg
Content-Length: 90288
Connection: keep-alive
Last-Modified: Wed, 30 Jun 2021 07:12:50 GMT
ETag: "b33b13f2fee18a87e829fb381f1343bc"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Expires: Fri, 23 Dec 2022 04:32:20 GMT
Cache-Control: max-age=2592000
Server: NetDNA-cache/2.2
X-Cache: MISS
leannutraceuticals.com/wp-content/uploads/2019/03/MD1550-9.jpg
172.67.147.243200 OK 35 kB URL HTTP/1.1 leannutraceuticals.com/wp-content/uploads/2019/03/MD1550-9.jpg
IP 172.67.147.243:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 352x294, components 3\012- data
Hash 1790022a26c4c60173794c69dcbe536e
371dfce83da2999e4755deb2dbc190f32f09c71e
9f540403706ebefc1d9af9b1e5826885e04b994bd0b041dab2a327902ba18bdd
GET /wp-content/uploads/2019/03/MD1550-9.jpg HTTP/1.1
Host: leannutraceuticals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:21 GMT
Content-Type: image/jpeg
Content-Length: 34588
Connection: keep-alive
Last-Modified: Tue, 19 Mar 2019 05:08:29 GMT
Cache-Control: max-age=2678400
Expires: Wed, 23 Nov 2022 10:32:20 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RC%2FN2v%2FVlw89UHNFVNJQ7g9SEZPtTAsFEEBcQutdqaSwcIDybbujV4UTkcw0Q97ImVDGvXt4Z62ZNffhbrITb5CqYjUsnNxUCCUolXfmYGhe8a12uGMSVfXvyu%2FrR4vchzUYHnurU%2FJk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e72e315d93b51e-OSL
alt-svc: h2=":443"; ma=60
www.burnhallhotelyork.com/wp-content/uploads/2017/04/Burn-Hall-Hotel-afternoon-tea-300x200.jpg
199.36.158.100301 Moved Permanently 113 B URL HTTP/2 www.burnhallhotelyork.com/wp-content/uploads/2017/04/Burn-Hall-Hotel-afternoon-tea-300x200.jpg
IP 199.36.158.100:0
File type ASCII text, with no line terminators
Hash 2edc10877277c433d36aee1fd377e07b
a1e385574ad82d99e98d8c34dcf9e98e1a08ee18
5103835720143dc0cb025dee9a38e25ada1d9e2078378eb4b5967c1e5546cd4d
GET /wp-content/uploads/2017/04/Burn-Hall-Hotel-afternoon-tea-300x200.jpg HTTP/1.1
Host: www.burnhallhotelyork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
cache-control: max-age=8640000
location: https://burnhallhotelyork.com/wp-content/uploads/2017/04/Burn-Hall-Hotel-afternoon-tea-300x200.jpg
content-type: text/plain; charset=utf-8
accept-ranges: bytes
date: Wed, 23 Nov 2022 04:32:21 GMT
x-served-by: cache-bma1637-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669177941.164536,VS0,VE38
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
X-Firefox-Spdy: h2
www.noragouma.com/wp-content/uploads/2016/03/invicta.png
35.197.227.153200 OK 181 kB URL HTTP/1.1 www.noragouma.com/wp-content/uploads/2016/03/invicta.png
IP 35.197.227.153:0
File type PNG image data, 638 x 500, 8-bit/color RGB, non-interlaced\012- data
Size 181 kB (181205 bytes)
Hash a1c741adadd90949f4f503887c17dd3a
636fd80d1e39d490f81939fa060228d868c78c97
e98129ecd1664ffbd79d498a47a82c2899c5f8464ca03301d484b4aff0c5a27f
GET /wp-content/uploads/2016/03/invicta.png HTTP/1.1
Host: www.noragouma.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 04:32:20 GMT
Content-Type: image/png
Content-Length: 181205
Connection: keep-alive
Last-Modified: Fri, 25 Mar 2016 15:45:09 GMT
ETag: "56f55d05-2c3d5"
Expires: Thu, 23 Nov 2023 04:32:20 GMT
Cache-Control: max-age=31536000
X-CDN-C: static
X-SG-CDN: 1
X-Proxy-Cache: MISS
X-Proxy-Cache-Info: 0 NC:000000 UP:
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Accept-Ranges: bytes
charlotterehab.org/wp-content/uploads/2020/07/HairFortin-Customer-Reviews.jpg
107.178.71.122200 OK 77 kB URL HTTP/1.1 charlotterehab.org/wp-content/uploads/2020/07/HairFortin-Customer-Reviews.jpg
IP 107.178.71.122:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x500, components 3\012- data
Hash b7b6d7c49653d10ee5926e122a9be6f7
1b8dde48560e17b90b8a95ce152af695aeebd166
3e44925e2f0eb1eddbdee6aa5b49106eb55750cb0beb12e9d4bc5df186a0732c
GET /wp-content/uploads/2020/07/HairFortin-Customer-Reviews.jpg HTTP/1.1
Host: charlotterehab.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=10368000,public
expires: Thu, 23 Mar 2023 04:32:20 GMT
content-type: image/jpeg
last-modified: Fri, 03 Jul 2020 09:28:08 GMT
accept-ranges: bytes
content-length: 76558
date: Wed, 23 Nov 2022 04:32:20 GMT
vary: Accept-Encoding
i.ibb.co/qgpbV2h/Alpha-Xtra-Boost-reviews.png
51.210.32.132200 OK 65 kB URL HTTP/2 i.ibb.co/qgpbV2h/Alpha-Xtra-Boost-reviews.png
IP 51.210.32.132:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash d72364824bc288e05f0b4f92ab84b52c
64ce3bdfa7ad169218deb6a22feff0f8ee277f64
72b8a07ce9a44dda208ff47f5ccd09cdbcfbcd8cb153b4b8c43e64dc47b162d5
GET /qgpbV2h/Alpha-Xtra-Boost-reviews.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:32:21 GMT
content-type: image/png
content-length: 64617
last-modified: Fri, 02 Jul 2021 12:26:18 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3bda2defa4d5bae4547d93c50934069f
0f6c6db0cf8b83d98d3da228629f805ba04c40e4
f13ba920d01c89afb10d7f8c0b4b54df6c8e7add41676f732b27bf3632059d50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=152889
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:21 GMT
Etag: "637d548e-117"
Expires: Thu, 24 Nov 2022 23:00:30 GMT
Last-Modified: Tue, 22 Nov 2022 23:00:30 GMT
Server: nginx
Content-Length: 279
humandiaries.com/wp-content/uploads/2015/01/Weight-Loss.jpg
162.144.112.8301 Moved Permanently 275 B URL HTTP/1.1 humandiaries.com/wp-content/uploads/2015/01/Weight-Loss.jpg
IP 162.144.112.8:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5cf1deda3ac1f188011b0d314c2e38ab
e34885362ed4938c12567344ec74e8c64c5e37dd
2c39291170d829de930f995dbc0a516437ae1e8c20642b3b55cef3d4fe943c2f
GET /wp-content/uploads/2015/01/Weight-Loss.jpg HTTP/1.1
Host: humandiaries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:21 GMT
Server: Apache
Location: https://humandiaries.com/wp-content/uploads/2015/01/Weight-Loss.jpg
Content-Length: 275
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
weknowyourdreams.com/single/casino/casino-08
78.46.106.103200 OK 2.9 kB URL HTTP/1.1 weknowyourdreams.com/single/casino/casino-08
IP 78.46.106.103:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 0348d816cd706eabce6b0fe6a0dccaa6
7f76e1d4ac1e4a34d104c686ccbe3e0732408f05
207319d9c135a6245b051b15c795921e3115d655c25fde11a2ae62677899ab2e
GET /single/casino/casino-08 HTTP/1.1
Host: weknowyourdreams.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.voirvk.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.2.1
Date: Wed, 23 Nov 2022 04:32:21 GMT
Content-Type: text/html
Content-Length: 2867
Connection: keep-alive
X-Powered-By: PHP/5.4.45-0+deb7u1
Vary: Accept-Encoding
Content-Encoding: gzip
claritoxprooffer.com/wp-content/uploads/2021/08/Claritox-Pro-packages.jpg
50.87.249.222200 OK 72 kB URL HTTP/1.1 claritoxprooffer.com/wp-content/uploads/2021/08/Claritox-Pro-packages.jpg
IP 50.87.249.222:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1041x694, components 3\012- data
Hash 5e6b13c285dd1b336da52426e9d1237b
0b5a7fdf7a73801a73c5a2b540e1daa21853de8b
dfa81faacb9df564d1e094bf320ae78c6b08b1f29f45a916dc0befb6561b0826
GET /wp-content/uploads/2021/08/Claritox-Pro-packages.jpg HTTP/1.1
Host: claritoxprooffer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:20 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Wed, 11 Aug 2021 15:24:51 GMT
Accept-Ranges: bytes
Content-Length: 72055
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type: image/jpeg
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash bff28390871cf38fce176dccde529f8c
efcb7376ec0c39e5858c3514202030315e7a8049
66dd592e77ed9dd528bdb8d315c54d0b970fc33e42219b0fb9e977f9dd20cfe8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=107186
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:21 GMT
Etag: "637ca207-118"
Expires: Thu, 24 Nov 2022 10:18:47 GMT
Last-Modified: Tue, 22 Nov 2022 10:18:47 GMT
Server: nginx
Content-Length: 280
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 3035979c70885442e09c2c6f29da9c47
08ffd080518314e7a9955492d774279e0b8ddd14
a448f2f6157eef154a0d8df38bb4d7768219cbe108f2d6765e93847caab5dd3a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 23 Nov 2022 04:32:21 GMT
Etag: "637c99a9-1d7"
Server: ECS (dcb/7FA5)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pg-Cfp_SOLK0E8le15CfbGt5mFf6g8r0nYliWpdJbI9ZXLJR7qcdLA==
s1.studylibfr.com/store/data/010140003_1-7e2ff5f370965f36dd6109fb9464403f-300x300.png
104.21.49.112200 OK 14 kB URL HTTP/2 s1.studylibfr.com/store/data/010140003_1-7e2ff5f370965f36dd6109fb9464403f-300x300.png
IP 104.21.49.112:0
File type PNG image data, 231 x 300, 8-bit colormap, non-interlaced\012- data
Hash 50886acb94e900d0735208f7e27e61a7
88880e497232c6afda2adddf95f4b1cfddaa09d0
422a25e884660a5cfd7ee181fec0c72e7bf36414ee57606c7e9c82b00837d2ec
GET /store/data/010140003_1-7e2ff5f370965f36dd6109fb9464403f-300x300.png HTTP/1.1
Host: s1.studylibfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:32:21 GMT
content-type: image/png;charset=UTF-8
content-length: 13657
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges,Access-Control-Allow-Origin,Content-Range,Access-Control-Allow-Credentials,Content-Encoding,Content-Length
cache-control: max-age=5184000
expires: Sun, 22 Jan 2023 04:32:21 GMT
cf-cache-status: MISS
last-modified: Wed, 23 Nov 2022 04:32:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuXG7LTF4NxE%2FFRHmdfyXc1z3sHpMN4aO13u7ADZJMd%2FZ5028zGQZhavrS6fxJzIww0TEPDZNR7%2FcfNYeUrtNProXAkQmH7DCo5Fix%2FLl8vX7S5JvJcIHs7ViKr6MDlh9n5Emw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e72e343efeb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.ibb.co/FzSJ3y2/protetox-2.png
51.210.32.132200 OK 716 kB URL HTTP/2 i.ibb.co/FzSJ3y2/protetox-2.png
IP 51.210.32.132:0
File type PNG image data, 982 x 618, 8-bit/color RGB, non-interlaced\012- data
Size 716 kB (716243 bytes)
Hash c4678315751f8c16b0c87b1f2242b768
a3490c44f3326cb205779508e48580f2f1e7fb8a
daa88617aaa8353bf1e05816afb8cd6187a6aaf6e5ece5d82a36a345d944ad2d
GET /FzSJ3y2/protetox-2.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:32:21 GMT
content-type: image/png
content-length: 716243
last-modified: Sat, 30 Jul 2022 20:54:37 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.farmaspeed.it/img_500_182026.jpg
195.231.18.88200 OK 246 kB URL HTTP/2 www.farmaspeed.it/img_500_182026.jpg
IP 195.231.18.88:0
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size 246 kB (246549 bytes)
Hash 7c587bda380cbbcff5c9844146d7f730
67337094533f48e74f7c3cad557645f9cdca754b
a3c7aa132f7205868a14b3d99eeff74d114f71550675c3bcc1381e96c35f3ce1
GET /img_500_182026.jpg HTTP/1.1
Host: www.farmaspeed.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=300
content-type: image/jpeg
expires: Wed, 23 Nov 2022 04:37:21 GMT
last-modified: Fri, 18 Feb 2022 18:23:40 GMT
etag: "qPCNoM3v89+d7uygKHreqU7iB4+Rx3rqfeVlu+xoKLQ="
vary: *
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 23 Nov 2022 04:32:20 GMT
content-length: 246549
X-Firefox-Spdy: h2
www.newhealthguide.org/images/10440011/image001.jpg
172.67.139.35200 OK 16 kB URL HTTP/2 www.newhealthguide.org/images/10440011/image001.jpg
IP 172.67.139.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 37x37, segment length 16, progressive, precision 8, 301x260, components 3\012- data
Hash d935c82951921afd42dd703d83b6d5fe
6a047bc80413225fc15acbb98b5f5abd83785aef
e8341919a7f5b95772d7e5825355f6a8b15c55fc5e73222cbaace9376f6b5d1b
GET /images/10440011/image001.jpg HTTP/1.1
Host: www.newhealthguide.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:32:21 GMT
content-type: image/jpeg
content-length: 15735
last-modified: Sat, 25 Oct 2014 08:21:17 GMT
etag: "544b5d7d-3d77"
expires: Wed, 30 Nov 2022 04:32:21 GMT
cache-control: max-age=604800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXuVOyQXhCrXbbx0P6FOP5X7RqM48ICEOuuF8uirnj%2FPx%2FQG6OIu6XynZWcz%2Bfhb4NyCIXGp31t322vmd0AKVhfsH9Vu%2FQYbrmLhBSTKEN2jVbLcJ0y5CxK%2F23C2n8TWOY57zDjAI%2FXN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e72e32c9f6b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a85b64c292e0b3bb53b163a3f1f9a9e9
aa4055b3a27d47441d74a7b19d481d108e96f291
37e9f329e7e04086c8ae6ce04b568173551f29c745cb71ca2c5610d4e64398cf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 19 Nov 2022 18:03:14 GMT
Expires: Sat, 26 Nov 2022 18:03:13 GMT
Etag: "aa4055b3a27d47441d74a7b19d481d108e96f291"
Cache-Control: max-age=307251,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e72e34ffb0b521-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a3175d29e96e7582d845f245e16499c5
bca912e54cc353fb6220b5a882a8b670cf31e905
51c6adac4772fdc3be5f75ef2c3f412b04b7a94518fb6eaa20b7c6ce9cf6b3d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=110403
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:21 GMT
Etag: "637cae98-117"
Expires: Thu, 24 Nov 2022 11:12:24 GMT
Last-Modified: Tue, 22 Nov 2022 11:12:24 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8fd36a3b6db4658d7f1e4106cf2d1df1
b70596c701ae83901372fa3c8a27191d8616cc1f
71a156699e0ff49fb7cc327be1e8fb70e1187b99f65786821eb68a2258dd82ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=107892
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:21 GMT
Etag: "637ca4c9-117"
Expires: Thu, 24 Nov 2022 10:30:33 GMT
Last-Modified: Tue, 22 Nov 2022 10:30:33 GMT
Server: nginx
Content-Length: 279
assets.thehansindia.com/h-upload/2021/04/02/1065818-weight-loss.png
104.21.18.244200 OK 724 kB URL HTTP/2 assets.thehansindia.com/h-upload/2021/04/02/1065818-weight-loss.png
IP 104.21.18.244:0
File type PNG image data, 1000 x 600, 8-bit/color RGB, interlaced\012- data
Size 724 kB (724471 bytes)
Hash 8f66a020590f665284cc3e582a62f158
314dbc9969751adc856767b2e2777c2b44284924
30d4a5c278c559f19dab719b1b352fc88a1e970951716e8d48a4f552683bf69f
GET /h-upload/2021/04/02/1065818-weight-loss.png HTTP/1.1
Host: assets.thehansindia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:32:21 GMT
content-type: image/png
content-length: 724471
vary: Accept-Encoding
etag: "724471-1662202162016"
cache-control: public, max-age=25920000
last-modified: Sat, 03 Sep 2022 10:49:22 GMT
cf-cache-status: HIT
age: 24705
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2B0ynhcR%2Fs8SqdjzPTZ1iQTzXtZ0qYX6XxIjfCDrjIV86FAwC%2BSe1tUZxLA7NdRtY9Zm15ivVn04rVBePso10%2B49zDaJg4MRv3t7O3frwJW6%2FktELIdpuaA5pzjDCRytKHWR8%2FoMyAbmTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e72e365bc60b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash baa04b896638a80895d569f32f7ed879
daf57ce108e776697a436dd9a580fbd99473e45d
959e4e0a1171de43447c248b95374ccd0cd15283f56d97f2a1c95bf483bdb655
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=98600
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:21 GMT
Etag: "637c807d-117"
Expires: Thu, 24 Nov 2022 07:55:41 GMT
Last-Modified: Tue, 22 Nov 2022 07:55:41 GMT
Server: nginx
Content-Length: 279
cdn.simpletix.com/749c8f27-c3c5-4972-b0ce-8ecf5933a92d/shows/FaceBook_CasinoNight2020.png?mode=crop&maxwidth=600&maxheight=315&format=jpg&404=blank
152.199.21.175200 OK 3.0 MB URL HTTP/1.1 cdn.simpletix.com/749c8f27-c3c5-4972-b0ce-8ecf5933a92d/shows/FaceBook_CasinoNight2020.png?mode=crop&maxwidth=600&maxheight=315&format=jpg&404=blank
IP 152.199.21.175:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 6000x3800, components 3\012- data
Size 3.0 MB (2974380 bytes)
Hash a8f4b5694cccb91b0946044b3d01b341
0cbce1d91f8d8face3e8f03d91643f2604dcb812
aa95461d83d0de3bb7cbacf5434935dcf3e1770c2737016d82819f54d1d61da7
GET /749c8f27-c3c5-4972-b0ce-8ecf5933a92d/shows/FaceBook_CasinoNight2020.png?mode=crop&maxwidth=600&maxheight=315&format=jpg&404=blank HTTP/1.1
Host: cdn.simpletix.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Content-MD5: qPS1aUzMuRsJRgRLPQGzQQ==
Content-Type: image/png
Date: Wed, 23 Nov 2022 04:32:20 GMT
Etag: 0x8D7775FEE347296
Last-Modified: Mon, 02 Dec 2019 19:43:39 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: f82ae9f6-801e-016d-04f4-fe0195000000
x-ms-version: 2009-09-19
Content-Length: 2974380
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b493c1f7059668e9d8f05882c04e35c0
8f6010e6c24d5941035e8b7bae7f56916aff805c
b390c4be69c1b157428f7d3128d1251e88541a9c6bf2f372fa13bc6d92fd9715
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=118001
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:21 GMT
Etag: "637ccc46-116"
Expires: Thu, 24 Nov 2022 13:19:02 GMT
Last-Modified: Tue, 22 Nov 2022 13:19:02 GMT
Server: nginx
Content-Length: 278
www.adwadi.com/images/listings/2019-11/bigThmb/luxury_yacht_rental_dubai_yacht_rental_d-1573905986-673-e.jpg
104.21.86.96200 OK 34 kB URL HTTP/2 www.adwadi.com/images/listings/2019-11/bigThmb/luxury_yacht_rental_dubai_yacht_rental_d-1573905986-673-e.jpg
IP 104.21.86.96:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 588x420, components 3\012- data
Hash c559fbe1f86afac1fb43467161c17afc
25b1569f20274c34417565cd41979210f30cbced
04b36920876df0f0e76962f5576ce98a472244115ca0b3a1e2e0f5f22693c55c
GET /images/listings/2019-11/bigThmb/luxury_yacht_rental_dubai_yacht_rental_d-1573905986-673-e.jpg HTTP/1.1
Host: www.adwadi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:32:21 GMT
content-type: image/jpeg
content-length: 33551
last-modified: Sat, 16 Nov 2019 12:06:26 GMT
etag: "830f-597758b349480"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWUfc0xF0QW87UpJ0w%2BQGUPQwgGxBOk8xtW7cm7yZskG43kvZTtoA09GAa9JUwo1MFzPwwAcJ2roN6q5EXNjtjjWoseIn4FMC3QHUVm3LnlbZR5%2FDdHgQlK4qkbMCo%2BKYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e72e354f34b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/A3XRcz1iewQ
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/A3XRcz1iewQ
IP 142.250.74.35:0
Hash f96efa7b1683f2c621f664a5398eb271
e9b221e13256d6c623ad08fbd9467fb34b19d45a
0404c598b4d413a537bdfc07f9e8a21bc5e06359f7a2d7ebd6f01c1a2a983d1d
POST /s/gts1d4/A3XRcz1iewQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d5df0eddd4e7e75cd33a956d130c95e
a6114efd0c56b2976ad5c7987ffea6bac9e03a08
9074c94d861720a6264d46373905ca9af9545d90efdeab0b3d77de5b7f79facc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9074C94D861720A6264D46373905CA9AF9545D90EFDEAB0B3D77DE5B7F79FACC"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10314
Expires: Wed, 23 Nov 2022 07:24:15 GMT
Date: Wed, 23 Nov 2022 04:32:21 GMT
Connection: keep-alive
www.netnutri.com/media/catalog/product/cache/17/image/650x/d9c70597da8a9cb2926ef4bca3f81833/6/3/631257631237.jpg
172.67.82.68200 OK 87 kB URL HTTP/2 www.netnutri.com/media/catalog/product/cache/17/image/650x/d9c70597da8a9cb2926ef4bca3f81833/6/3/631257631237.jpg
IP 172.67.82.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 650x650, components 3\012- data
Hash 0d384841c650cf823b9b55a1c16c3cd7
225948b3a12b4a7bba3f2458a078fbaa58c070d5
ab1c3a500853dce8e244d0c69400b11f6f05d75a9da72e45a4d52dbb52ade835
GET /media/catalog/product/cache/17/image/650x/d9c70597da8a9cb2926ef4bca3f81833/6/3/631257631237.jpg HTTP/1.1
Host: www.netnutri.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:32:21 GMT
content-type: image/jpeg
content-length: 86613
last-modified: Thu, 23 Jul 2020 20:25:48 GMT
etag: "5f19f24c-15255"
expires: Fri, 23 Dec 2022 04:32:21 GMT
cache-control: max-age=2592000
x-powered-by: Magic
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcR6HX0ocnSQiOq6mlcZmfTPxU7JjyB4UcB5ueS7LcCTc4xkSy%2FlDeQvQBsmGoZkTCztLudr8kD4lLsevOqmN4jwDgpC8b51d4viOl6J%2FNvYUUQsOM5K11EpVTv6EGGExuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e72e329c10b506-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 48a959346b68d5a18d6bc0683a658500
6c32193c0ad6b411bde766f08119f0b23ee7af86
e6d7c92ece2f3f11cc8a5faf60895323db10d1de0c5858b2c37e30e30a30e5dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6D7C92ECE2F3F11CC8A5FAF60895323DB10D1DE0C5858B2C37E30E30A30E5DD"
Last-Modified: Tue, 22 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21520
Expires: Wed, 23 Nov 2022 10:31:01 GMT
Date: Wed, 23 Nov 2022 04:32:21 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 18edbccd778227b2e9aa6a4174d1408d
74f6efb66cbb4be34ff2d6c8c036646c6c5d3258
3f4bb698547ecadb50bf5f1151ed2244460676ac57019c2c5df774e2d5372e9b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 19:52:21 GMT
Expires: Tue, 29 Nov 2022 19:52:20 GMT
Etag: "74f6efb66cbb4be34ff2d6c8c036646c6c5d3258"
Cache-Control: max-age=572998,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e72e363832b521-OSL
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 39acc93cd4d52061b7c522f7be52d198
22f95ed472ae7548102c8091d4c1840dcecc3b39
6731c9d466cec8913c5bc09fe2e11f7a6d1665ebc1300f778eb25d03fb2300f1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6731C9D466CEC8913C5BC09FE2E11F7A6D1665EBC1300F778EB25D03FB2300F1"
Last-Modified: Mon, 21 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4813
Expires: Wed, 23 Nov 2022 05:52:34 GMT
Date: Wed, 23 Nov 2022 04:32:21 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 810b1ba579819b1b24481182d3847cb2
6e347f1a5ee716684a41a4027d56881873ed34fc
61d81bc5d7a8bd4e2ff02dcacc517d83fe45c3a5d7224e5e2d0e9ee085a41505
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=149652
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:21 GMT
Etag: "637d47e9-2d7"
Expires: Thu, 24 Nov 2022 22:06:33 GMT
Last-Modified: Tue, 22 Nov 2022 22:06:33 GMT
Server: nginx
Content-Length: 727
guardian.ng/wp-content/uploads/2017/10/Dollarphotoclub_60215932.jpg
35.186.215.69200 OK 4.5 MB URL HTTP/2 guardian.ng/wp-content/uploads/2017/10/Dollarphotoclub_60215932.jpg
IP 35.186.215.69:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 5472x3648, components 3\012- data
Size 4.5 MB (4474624 bytes)
Hash ce4f75969aeef5c16909777b44b61f27
d6504348d54146ead8de719c40ac55f47f4934ce
6408b15e35a318a660a56168121bf01be39c357a16c67398b2b9df5ce39225d8
GET /wp-content/uploads/2017/10/Dollarphotoclub_60215932.jpg HTTP/1.1
Host: guardian.ng
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:32:21 GMT
content-type: image/jpeg
content-length: 4474624
last-modified: Tue, 10 Oct 2017 14:40:03 GMT
etag: "59dcdbc3-444700"
accept-ranges: bytes
via: 1.1 google
cache-control: max-age=3600,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3bda2defa4d5bae4547d93c50934069f
0f6c6db0cf8b83d98d3da228629f805ba04c40e4
f13ba920d01c89afb10d7f8c0b4b54df6c8e7add41676f732b27bf3632059d50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:21 GMT
Etag: "637d548e-117"
Server: ECS (amb/6B97)
Content-Length: 279
burnhallhotelyork.com/wp-content/uploads/2017/04/Burn-Hall-Hotel-afternoon-tea-300x200.jpg
199.36.158.100200 OK 2.3 kB URL HTTP/2 burnhallhotelyork.com/wp-content/uploads/2017/04/Burn-Hall-Hotel-afternoon-tea-300x200.jpg
IP 199.36.158.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8749)
Hash f0ed30341221fae00858167dbd6ce43d
311c3f1e1ec929665f29811f4edc01ad00261ef3
62934fe552938a748309f5f8898efd8fa23a500860557f7077d3c13dfbc509a0
GET /wp-content/uploads/2017/04/Burn-Hall-Hotel-afternoon-tea-300x200.jpg HTTP/1.1
Host: burnhallhotelyork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=8640000
content-encoding: br
content-type: text/html; charset=utf-8
etag: "37e0bd37de98c0e6607c77934e6d063cf402c21554a80bcb696f50e425bb0873-br"
last-modified: Thu, 16 Jun 2022 13:08:02 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Wed, 23 Nov 2022 04:32:21 GMT
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669177942.687062,VS0,VE134
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2289
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/MSr9q8ajZiA
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/MSr9q8ajZiA
IP 142.250.74.35:0
Hash 7372f6b6e87caffe212badc0d61a4e8f
29314e2e911a4a28fc0f1c510ea2569372a6dda2
b8dd4d203e5911e5a91b2d8f48c238e87d50411ca46ca140fd56ebd2ead28644
POST /s/gts1d4/MSr9q8ajZiA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fcc08ce80b19a70cf0e56e705c78e6b9
53159e7c22d03bfe2065d043b9d1c8490b5b2109
2e68f6f4f7d31feaa17791727e570731a444f37a48518a0093fc7d8ec0d2db38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2E68F6F4F7D31FEAA17791727E570731A444F37A48518A0093FC7D8EC0D2DB38"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 23 Nov 2022 10:32:21 GMT
Date: Wed, 23 Nov 2022 04:32:21 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash ecf7f2e06563c21f62f6c878d648d38b
e10ce3b9d217f176a52570bccc238d29c56b3f47
14f0c4559bde0a1d692153c79e52a019c446dcfccdf58f4706e69b884bb3789f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=139609
Date: Wed, 23 Nov 2022 04:32:21 GMT
Etag: "637d20ae-1d7"
Expires: Thu, 24 Nov 2022 19:19:10 GMT
Last-Modified: Tue, 22 Nov 2022 19:19:10 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SphPSnYTqPm84jX-V-6ij-LBfdlXgr2kwxYVwbxYBrEb4ViXEqe1Pg==
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fcc08ce80b19a70cf0e56e705c78e6b9
53159e7c22d03bfe2065d043b9d1c8490b5b2109
2e68f6f4f7d31feaa17791727e570731a444f37a48518a0093fc7d8ec0d2db38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2E68F6F4F7D31FEAA17791727E570731A444F37A48518A0093FC7D8EC0D2DB38"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21499
Expires: Wed, 23 Nov 2022 10:30:40 GMT
Date: Wed, 23 Nov 2022 04:32:21 GMT
Connection: keep-alive
media1.fdncms.com/orlando/imager/u/slideshow/28060522/steel-bite-pro-reviews-report-00.jpg
209.104.5.203200 OK 32 kB URL HTTP/1.1 media1.fdncms.com/orlando/imager/u/slideshow/28060522/steel-bite-pro-reviews-report-00.jpg
IP 209.104.5.203:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x388, components 3\012- data
Hash 231eda31ad346cac2fbf7ab2775805e4
ccc2abf94ed6148715009301feec768a17b9348e
bd1beeed43580a98068c50c187658156e63cc415a3077344faeb193f88802e4c
GET /orlando/imager/u/slideshow/28060522/steel-bite-pro-reviews-report-00.jpg HTTP/1.1
Host: media1.fdncms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:21 GMT
Server: Apache
Last-Modified: Fri, 14 Oct 2022 00:03:19 GMT
Content-Length: 31880
X-DN-Cache-Control: max-age=2419202
Expires: Mon, 19 Dec 2022 19:09:23 GMT
Cache-Control: max-age=21600, s-maxage=21600
X-Gyrobase-Publication: orlando
Age: 120180
Content-Type: image/jpeg
Strict-Transport-Security: max-age=3600; includeSubDomains
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a49f68b68c07241fa43dd3364ce03b41
91345cdc72b0e8dda9c910469d23aaed59e810e5
269a9be2de7e33e3ffca7f9c7a5dc64f00cc02280416d41ba0d0d0433758e624
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 09:16:14 GMT
Expires: Tue, 29 Nov 2022 09:16:13 GMT
Etag: "91345cdc72b0e8dda9c910469d23aaed59e810e5"
Cache-Control: max-age=534830,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e72e396ec4fac4-OSL
hudsonpoint.com/wp-content/uploads/real-estate-bg.jpg
107.180.51.35200 OK 480 kB URL HTTP/2 hudsonpoint.com/wp-content/uploads/real-estate-bg.jpg
IP 107.180.51.35:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2560x1706, components 3\012- data
Size 480 kB (479557 bytes)
Hash 242411d784a19febd213906ae46a8bd1
5d80ffe202cc050e18ba10d88f3961d4329ad992
e97e6c546ec414b16a503985655ee8b35b63a02f5026de8df6f9e51c8113b498
GET /wp-content/uploads/real-estate-bg.jpg HTTP/1.1
Host: hudsonpoint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 24 Mar 2021 21:15:50 GMT
etag: "35e48e2-75145-5be4ecdacbe23"
accept-ranges: bytes
content-length: 479557
content-type: image/jpeg
date: Wed, 23 Nov 2022 04:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/A3XRcz1iewQ
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/A3XRcz1iewQ
IP 142.250.74.35:0
Hash f96efa7b1683f2c621f664a5398eb271
e9b221e13256d6c623ad08fbd9467fb34b19d45a
0404c598b4d413a537bdfc07f9e8a21bc5e06359f7a2d7ebd6f01c1a2a983d1d
POST /s/gts1d4/A3XRcz1iewQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:22 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d5df0eddd4e7e75cd33a956d130c95e
a6114efd0c56b2976ad5c7987ffea6bac9e03a08
9074c94d861720a6264d46373905ca9af9545d90efdeab0b3d77de5b7f79facc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9074C94D861720A6264D46373905CA9AF9545D90EFDEAB0B3D77DE5B7F79FACC"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10313
Expires: Wed, 23 Nov 2022 07:24:15 GMT
Date: Wed, 23 Nov 2022 04:32:22 GMT
Connection: keep-alive
www.oregonlive.com/resizer/jAOi_yXDywKoKI-xPsaxhZMumSA=/1280x0/smart/advancelocal-adapter-image-uploads.s3.amazonaws.com/image.oregonlive.com/home/olive-media/width2048/img/oregonian/photo/2017/02/14/-178f0120cea51414.jpg
2.21.8.66200 OK 210 kB URL HTTP/2 www.oregonlive.com/resizer/jAOi_yXDywKoKI-xPsaxhZMumSA=/1280x0/smart/advancelocal-adapter-image-uploads.s3.amazonaws.com/image.oregonlive.com/home/olive-media/width2048/img/oregonian/photo/2017/02/14/-178f0120cea51414.jpg
IP 2.21.8.66:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x854, components 3\012- data
Size 210 kB (209451 bytes)
Hash fc8e83d9ac75596e6cb7a2a799d17443
5baca172fda31f9a4e50a7823b620b7e5e4c091d
48d73fc0d17dfca16949e3106fef0819ed6a77532183083907796207787bb60e
GET /resizer/jAOi_yXDywKoKI-xPsaxhZMumSA=/1280x0/smart/advancelocal-adapter-image-uploads.s3.amazonaws.com/image.oregonlive.com/home/olive-media/width2048/img/oregonian/photo/2017/02/14/-178f0120cea51414.jpg HTTP/1.1
Host: www.oregonlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.voirvk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "5baca172fda31f9a4e50a7823b620b7e5e4c091d"
last-modified: Fri, 04 Nov 2022 02:44:47 GMT
server: Akamai Image Manager
akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
x-edgeconnect-cache-status: 1
content-length: 209451
content-type: image/jpeg
cache-control: private, no-transform, max-age=29887731
expires: Sat, 04 Nov 2023 02:41:12 GMT
date: Wed, 23 Nov 2022 04:32:21 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=407
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aec72f7878bc1958cdff457b023340da
d4f25684e4e6a660586b5388fca438248fa7870a
f11f29a844096fe4d49ae2b09d5bde4f519a186a5e090a80cfc7869b3459bdbf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F11F29A844096FE4D49AE2B09D5BDE4F519A186A5E090A80CFC7869B3459BDBF"
Last-Modified: Tue, 22 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21597
Expires: Wed, 23 Nov 2022 10:32:19 GMT
Date: Wed, 23 Nov 2022 04:32:22 GMT
Connection: keep-alive
cdn.firespring.com/images/60954e3f-a663-4455-beb1-d21877b30091.jpg
54.230.111.39200 OK 76 kB URL HTTP/1.1 cdn.firespring.com/images/60954e3f-a663-4455-beb1-d21877b30091.jpg
IP 54.230.111.39:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2c21fd7142d93d2d9f7d07030efc8078
86b29e6da4c6bb8e7e0b7f45fa9eab9a0f5a3962
1dcad803aa042d06b3ac46d6902a079ab963df8f6e44c70d938fc183798b901d
GET /images/60954e3f-a663-4455-beb1-d21877b30091.jpg HTTP/1.1
Host: cdn.firespring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/webp
Content-Length: 75714
Connection: keep-alive
Date: Wed, 23 Nov 2022 04:32:21 GMT
Server: Apache
Content-Disposition: inline; filename="Roulette Wheel resized.jpg.webp"
content-transfer-encoding: binary
Expires: Thu, 24 Nov 2022 04:32:21 GMT
Cache-Control: must-revalidate, max-age=86400
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
Vary: Accept
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MGp__gOHVe1UOqvF3RpoMjqqRD9UCBelIB2K_okL9YVMuMfcsrnjtg==
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash a49f68b68c07241fa43dd3364ce03b41
91345cdc72b0e8dda9c910469d23aaed59e810e5
269a9be2de7e33e3ffca7f9c7a5dc64f00cc02280416d41ba0d0d0433758e624
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 09:16:14 GMT
Expires: Tue, 29 Nov 2022 09:16:13 GMT
Etag: "91345cdc72b0e8dda9c910469d23aaed59e810e5"
Cache-Control: max-age=534830,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e72e39098fb521-OSL
freshrevisor.com/wp-content/uploads/2020/12/sss-1536x904.png
198.187.31.75200 OK 105 kB URL HTTP/2 freshrevisor.com/wp-content/uploads/2020/12/sss-1536x904.png
IP 198.187.31.75:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1536x904, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 105 kB (105100 bytes)
Hash 35027335295d9ca125935d7fd12e594b
6594fd99ac093e39413851e18fc2b3a6b85b8bdd
a5aa9ec153e678f580bc6dc8816b1cced4c21ae1cc3efacf7cce6f6b14504811
GET /wp-content/uploads/2020/12/sss-1536x904.png HTTP/1.1
Host: freshrevisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.voirvk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 23 Nov 2023 10:32:21 GMT
content-type: image/webp
last-modified: Sun, 23 Oct 2022 12:33:11 GMT
accept-ranges: bytes
content-length: 105100
date: Wed, 23 Nov 2022 04:32:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3ae052b42e5ab98e4c39723e7966024b
5691ac2989a1408a14a00b17aec742ffbc983e60
88756914d726c38eadfe4c63b37e59d5a658df96462ffe3ced8e3c4bca55401c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88756914D726C38EADFE4C63B37E59D5A658DF96462FFE3CED8E3C4BCA55401C"
Last-Modified: Tue, 22 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21518
Expires: Wed, 23 Nov 2022 10:31:00 GMT
Date: Wed, 23 Nov 2022 04:32:22 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a3175d29e96e7582d845f245e16499c5
bca912e54cc353fb6220b5a882a8b670cf31e905
51c6adac4772fdc3be5f75ef2c3f412b04b7a94518fb6eaa20b7c6ce9cf6b3d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=110402
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:22 GMT
Etag: "637cae98-117"
Expires: Thu, 24 Nov 2022 11:12:24 GMT
Last-Modified: Tue, 22 Nov 2022 11:12:24 GMT
Server: nginx
Content-Length: 279
www.rebornbuy.com/media/catalog/product/cache/1/image/1000x/9df78eab33525d08d6e5fb8d27136e95/p/p/ppw195023-5.jpg
104.21.38.104200 OK 194 kB URL HTTP/2 www.rebornbuy.com/media/catalog/product/cache/1/image/1000x/9df78eab33525d08d6e5fb8d27136e95/p/p/ppw195023-5.jpg
IP 104.21.38.104:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1000x1000, components 3\012- data
Size 194 kB (193990 bytes)
Hash fb95129aacffc61620be635d94121160
06ebad0ddb2f15307bb7fbf7b369e694e2a78be3
fe26d1a349d9f5a5cfed7d8c6d5334eaf5262427691323d5f8d6bd979aaef082
GET /media/catalog/product/cache/1/image/1000x/9df78eab33525d08d6e5fb8d27136e95/p/p/ppw195023-5.jpg HTTP/1.1
Host: www.rebornbuy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:32:22 GMT
content-type: image/jpeg
content-length: 193990
last-modified: Mon, 23 May 2022 09:12:12 GMT
etag: "628b4fec-2f5c6"
expires: Fri, 23 Dec 2022 04:32:21 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=664XT5I7JKrYZSd%2BCDeajeR6oDHO81KDhUpSYiijkC2EWtDue45SmZUwQWmgxi7xv2HdVvrWkOJ6khn0QcptRFaJ1y6NWi8yZGPEGzPrf7bJCCEeYxu9eRyy7ONXjPqaXsQDRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e72e356d131c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/aoJx5y8uOIo
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/aoJx5y8uOIo
IP 142.250.74.35:0
Hash a2838c61063ab0d2a541f1446cca336f
cb920f0a53001c4a6608dd09f4fbe58d8424e3c5
dda99de695a6264d74a638fae718cfa6310edf4c6de53e21fd0c690eb7f2b7e6
POST /s/gts1d4/aoJx5y8uOIo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:22 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nitrilean.com/welcome/letter/images/prod.png
74.115.33.212200 OK 310 kB URL HTTP/1.1 nitrilean.com/welcome/letter/images/prod.png
IP 74.115.33.212:0
File type PNG image data, 791 x 429, 8-bit/color RGBA, non-interlaced\012- data
Size 310 kB (310387 bytes)
Hash 9630e3facbb9d4990771b41e079b88ee
187f3a446cb3f3372cbd00b66420d721acaecabf
24df7fe4ce8ae58368b9eaba3b8f2397626856940be0bdd82958d220d1364d56
GET /welcome/letter/images/prod.png HTTP/1.1
Host: nitrilean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:21 GMT
Server: Apache
Last-Modified: Tue, 06 Jul 2021 02:04:17 GMT
Accept-Ranges: bytes
Content-Length: 310387
Cache-Control: max-age=2592000
Expires: Fri, 23 Dec 2022 04:32:21 GMT
Connection: keep-alive, Keep-Alive
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Content-Type: image/png
www.security-faqs.com/wp-content/uploads/2010/10/web-design.jpg
172.67.164.88200 OK 20 kB URL HTTP/2 www.security-faqs.com/wp-content/uploads/2010/10/web-design.jpg
IP 172.67.164.88:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 625x500, components 3\012- data
Hash 71bf06eea986863abbc6ac79bef44842
b11c1afdd152072ddb945517476d6d240bb36cb3
2e0c3720543e10510b3d61d6c1791d11f0f374c34edd30b2dfa75279fbb324d1
GET /wp-content/uploads/2010/10/web-design.jpg HTTP/1.1
Host: www.security-faqs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:32:22 GMT
content-type: image/jpeg
content-length: 19694
last-modified: Mon, 16 Apr 2012 10:39:38 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3R0a5wUHpIzYAmftT1HNeUeYVhiIn5Q14hSOSVABEoqD0tDmQ6TWyK8Tm7zaabFLnnhm7hNunBKzY9%2BEbs3k1eqsCzZ6Yub6FmzExT4JvGYOnP%2F0qT2DppCKvk%2FiLS5Mdg1uLwDLtY4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e72e36593cb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash baa04b896638a80895d569f32f7ed879
daf57ce108e776697a436dd9a580fbd99473e45d
959e4e0a1171de43447c248b95374ccd0cd15283f56d97f2a1c95bf483bdb655
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=98599
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:22 GMT
Etag: "637c807d-117"
Expires: Thu, 24 Nov 2022 07:55:41 GMT
Last-Modified: Tue, 22 Nov 2022 07:55:41 GMT
Server: nginx
Content-Length: 279
thehealthytaste.com/images/keravita-pro-product-image.png
104.21.31.100200 OK 305 kB URL HTTP/2 thehealthytaste.com/images/keravita-pro-product-image.png
IP 104.21.31.100:0
File type PNG image data, 1082 x 1079, 8-bit colormap, non-interlaced\012- data
Size 305 kB (305374 bytes)
Hash 92f37f9d81a9f2d12759f5cb8732a765
da59e3d41e459359f4468e4bce81b6751740b985
e38b29996ebfc48085ad9e665be622b57c8a0aa474b30c259c95071486edc347
GET /images/keravita-pro-product-image.png HTTP/1.1
Host: thehealthytaste.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:32:22 GMT
content-type: image/png
content-length: 305374
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:32:21 GMT
etag: "4a8de-60d206d9-463f;;;"
last-modified: Tue, 22 Jun 2021 15:50:49 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AislzFPL5EbMUqZORSVag88q88mlbBpcc8c2OY78HwZz%2FSj4VqVBgh6N1EJ3nQ1DhO0q4aOp%2BqP9sS1IfRG%2FVQ8n%2FwG1aKa7I4Q1%2FMXqEVIKhy9CNP6r9o%2BI68uKuufvUPgLGzK0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e72e36fd6d1c06-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash bff28390871cf38fce176dccde529f8c
efcb7376ec0c39e5858c3514202030315e7a8049
66dd592e77ed9dd528bdb8d315c54d0b970fc33e42219b0fb9e977f9dd20cfe8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:22 GMT
Server: ECS (amb/6BB6)
Content-Length: 280
powdersvillepost.com/wp-content/uploads/2021/07/Metabofix-powder.jpg
161.35.230.231200 OK 36 kB URL HTTP/1.1 powdersvillepost.com/wp-content/uploads/2021/07/Metabofix-powder.jpg
IP 161.35.230.231:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash fba8a49634e26dc1007c75de1decaaae
3d46f0edcf429bec2f41ae9f4a90ec2a0f1aacb4
e94c5c4d0634c521cb2bbecdae2972611ff7875abbbd8bf109ade49b9eb38a93
GET /wp-content/uploads/2021/07/Metabofix-powder.jpg HTTP/1.1
Host: powdersvillepost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:22 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Last-Modified: Sat, 24 Jul 2021 08:52:04 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 35748
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
blog.mitestack.com/wp-content/uploads/2022/04/cytoburn-banner-600x338.png
194.233.89.214200 OK 187 kB URL HTTP/2 blog.mitestack.com/wp-content/uploads/2022/04/cytoburn-banner-600x338.png
IP 194.233.89.214:0
ASN #141995 Contabo Asia Private Limited
File type PNG image data, 600 x 338, 8-bit/color RGBA, non-interlaced\012- data
Size 187 kB (186757 bytes)
Hash c7c195fa78c23bd3b1cac17088c34660
25a5b6acd3111c039c11092505545b5c25d80499
37bd671be78a2dee413dedbe8cb2ba033b2f23786aa173fce69ff80c51397422
GET /wp-content/uploads/2022/04/cytoburn-banner-600x338.png HTTP/1.1
Host: blog.mitestack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:32:21 GMT
content-type: image/png
last-modified: Sat, 30 Apr 2022 06:58:36 GMT
accept-ranges: bytes
content-length: 186757
date: Wed, 23 Nov 2022 04:32:21 GMT
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2
www.interimcsuiteservices.com/wp-content/uploads/2019/05/whatwedo-img.jpg
69.163.253.97404 Not Found 13 kB URL HTTP/2 www.interimcsuiteservices.com/wp-content/uploads/2019/05/whatwedo-img.jpg
IP 69.163.253.97:0
Hash 4921ad220c8bbc9aa504009e344b034f
7f6a5e8d4fd269a328801a13f236407e46c26b5c
17f5d62de51d0f51be62a2916df43e6abc13ceedba9ac102ebb23883fb4a64a8
GET /wp-content/uploads/2019/05/whatwedo-img.jpg HTTP/1.1
Host: www.interimcsuiteservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.voirvk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 23 Nov 2022 04:32:21 GMT
server: Apache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.interimcsuiteservices.com/wp-json/>; rel="https://api.w.org/"
vary: User-Agent
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
powdersvillepost.com/wp-content/uploads/2022/03/Ikaria-Lean-Belly-Juice-Powder-Reviews.jpg
161.35.230.231200 OK 111 kB URL HTTP/1.1 powdersvillepost.com/wp-content/uploads/2022/03/Ikaria-Lean-Belly-Juice-Powder-Reviews.jpg
IP 161.35.230.231:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x576, components 3\012- data
Size 111 kB (110917 bytes)
Hash c76276106e8080c56c44e15d15294d11
9436dd10402cbccd075c82f61bbc2cb3ade8da23
5013a6486caa8afb126b31ee5b26dd91a9630308fed45dcfb2153dd03fd11d59
GET /wp-content/uploads/2022/03/Ikaria-Lean-Belly-Juice-Powder-Reviews.jpg HTTP/1.1
Host: powdersvillepost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:22 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Last-Modified: Tue, 29 Mar 2022 12:23:17 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpeg
thehealthmags.com/wp-content/uploads/2021/05/Dentitox-Pro-Review.jpg
172.67.181.105200 OK 45 kB URL HTTP/2 thehealthmags.com/wp-content/uploads/2021/05/Dentitox-Pro-Review.jpg
IP 172.67.181.105:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x633, components 3\012- data
Hash bea52ee4e6b2a7688cff05d4ee40da48
540d58ac6045de0e0499f6ac847f170406db3a7e
8a67d0a983ceb52dfeaf892224ab4bd0605071cea3183d0f8a8b035366766c58
GET /wp-content/uploads/2021/05/Dentitox-Pro-Review.jpg HTTP/1.1
Host: thehealthmags.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.voirvk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:32:22 GMT
content-type: image/jpeg
content-length: 44796
cache-control: public, max-age=31536000
expires: Thu, 23 Nov 2023 04:32:20 GMT
last-modified: Thu, 27 May 2021 03:36:08 GMT
etag: "aefc-60af13a8-0;;;"
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
pragma: public
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXnOmz5x%2FQr%2BrEYugNYo6fKrBOSDBDNCRKuOxg5VVlVLksIAqytWPuO8YfzBCM8rcNjwfcW8MCj6yOXDZT5tOrkHcQnABd%2FsyNAekJMBH4AzUXpWVNBUbRXiUDzqVJAhQfhrKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e72e37f85db4eb-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 39acc93cd4d52061b7c522f7be52d198
22f95ed472ae7548102c8091d4c1840dcecc3b39
6731c9d466cec8913c5bc09fe2e11f7a6d1665ebc1300f778eb25d03fb2300f1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6731C9D466CEC8913C5BC09FE2E11F7A6D1665EBC1300F778EB25D03FB2300F1"
Last-Modified: Mon, 21 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4812
Expires: Wed, 23 Nov 2022 05:52:34 GMT
Date: Wed, 23 Nov 2022 04:32:22 GMT
Connection: keep-alive
www.printablee.com/postpic/2010/05/free-printable-weight-loss-chart_257821.jpg
104.161.44.202200 OK 238 kB URL HTTP/1.1 www.printablee.com/postpic/2010/05/free-printable-weight-loss-chart_257821.jpg
IP 104.161.44.202:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 1646x1920, components 3\012- data
Size 238 kB (237677 bytes)
Hash a10d7d70866a598a07d4ccc64225cd93
903c1be8d9529f948e1bf313d609b8968c51557a
80a7cbf97c9a16bb0031739133d00caa7cac1fa6dbb59c74f972422b180932b1
GET /postpic/2010/05/free-printable-weight-loss-chart_257821.jpg HTTP/1.1
Host: www.printablee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:21 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 07 Jan 2021 18:31:40 GMT
ETag: "8f4f5-5b853a69dacb0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpeg
www.eyelashextensionsmiami.net/wp-content/uploads/2022/10/hydrossential-serum-1-bottle.png
67.20.76.196200 OK 174 kB URL HTTP/2 www.eyelashextensionsmiami.net/wp-content/uploads/2022/10/hydrossential-serum-1-bottle.png
IP 67.20.76.196:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 400 x 700, 8-bit/color RGBA, non-interlaced\012- data
Size 174 kB (174005 bytes)
Hash cb7cad2b646a5ef7e3c95d321e1065e8
46ae03f12e2370bf8592b65c75d70b3abc6074c4
c0af082b97fdecfcd9e184e8ce74e23365f66f3f711bdd15a9096a9b906cfa6f
GET /wp-content/uploads/2022/10/hydrossential-serum-1-bottle.png HTTP/1.1
Host: www.eyelashextensionsmiami.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Sun, 16 Oct 2022 17:41:20 GMT
accept-ranges: bytes
content-length: 174005
cache-control: max-age=31536000, public
expires: Thu, 23 Nov 2023 04:32:22 GMT
x-endurance-cache-level: 0
referrer-policy: no-referrer-when-downgrade
x-nginx-cache: WordPress
pragma: public
x-powered-by: W3 Total Cache/0.10.1
content-type: image/png
date: Wed, 23 Nov 2022 04:32:22 GMT
server: Apache
X-Firefox-Spdy: h2
images.freeimages.com/images/large-previews/ca6/poker-1306085.jpg
54.230.111.116200 OK 255 kB URL HTTP/2 images.freeimages.com/images/large-previews/ca6/poker-1306085.jpg
IP 54.230.111.116:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=14, description=OLYMPUS DIGITAL CAMERA , manufacturer=OLYMPUS IMAGING CORP. , model=E-520 , orientation=upper-left, xresolution=2316, yresolution=2324, resolutionunit=2, software=Version 1.0 , datetime=2009:01:04 00:15:01], baseline, precision 8, 1599x1084, components 3\012- data
Size 255 kB (255232 bytes)
Hash 30cf662920d366c3ca7cf4ebd5ef2ee6
29082801bb480f292644203fd1d331e384ee26be
aebdd7b414023e912cae95290f99e1fcd7ef0b4338508da91f21e3d6e6f14a96
GET /images/large-previews/ca6/poker-1306085.jpg HTTP/1.1
Host: images.freeimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 255232
date: Wed, 23 Nov 2022 04:32:23 GMT
last-modified: Sun, 12 Dec 2021 22:39:55 GMT
etag: "30cf662920d366c3ca7cf4ebd5ef2ee6"
cache-control: max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z51owyzObq6nIZCECYgegc8Vb8dLeGJf8a0Iap2E4PvRG-c7MMRmOQ==
X-Firefox-Spdy: h2
www.northdeltareporter.com/wp-content/uploads/2022/11/30906426_web1_M3-NDR-20221103-What-is-Alpilean.jpeg
54.230.111.50200 OK 119 kB URL HTTP/2 www.northdeltareporter.com/wp-content/uploads/2022/11/30906426_web1_M3-NDR-20221103-What-is-Alpilean.jpeg
IP 54.230.111.50:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 1280x517, components 3\012- data
Size 119 kB (119028 bytes)
Hash 53c82d0aa67ea01a2d761451ad190e6b
b10d14da60338d2e626b33d0f32c6497a768f59c
8957284ba6022945ce0eb03ce68a7ed772e2b83f0ab51edf9f8ff2933b2c7bfc
GET /wp-content/uploads/2022/11/30906426_web1_M3-NDR-20221103-What-is-Alpilean.jpeg HTTP/1.1
Host: www.northdeltareporter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 119028
date: Wed, 23 Nov 2022 04:32:22 GMT
set-cookie: AWSALB=zhmBvwxDr+kuiIwN/3x5vGi46z9yzIYnDYlx7iYIeT8aYnyV/usBvOwL30B2jR6IMejz3liElaeGiqVueCCsCZ7xH7uHhytrrx62uamN6g7p9Wegq34rciceybJE; Expires=Wed, 30 Nov 2022 04:32:21 GMT; Path=/
AWSALBCORS=zhmBvwxDr+kuiIwN/3x5vGi46z9yzIYnDYlx7iYIeT8aYnyV/usBvOwL30B2jR6IMejz3liElaeGiqVueCCsCZ7xH7uHhytrrx62uamN6g7p9Wegq34rciceybJE; Expires=Wed, 30 Nov 2022 04:32:21 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Tue, 15 Nov 2022 07:37:05 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
expires: Fri, 23 Dec 2022 04:32:22 GMT
cache-control: max-age=2592000
x-zephr-cache: miss
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2wio_G705wXd9S9XnJ87kzGv8pqyhu1fvh8TeoAShy9S-vHi77slhA==
X-Firefox-Spdy: h2
humandiaries.com/wp-content/uploads/2015/01/Weight-Loss.jpg
162.144.112.8200 OK 297 kB URL HTTP/1.1 humandiaries.com/wp-content/uploads/2015/01/Weight-Loss.jpg
IP 162.144.112.8:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 840x500, components 3\012- data
Size 297 kB (297413 bytes)
Hash 6077f3e0d9b0ba4b7fac0cf71dd252a1
926e59dfd4747445e8d0e4f30d57e9c55fc3a937
3033d9808c1a416752534151eb803317d59a5b8c773d30bfea452a56b9ee44b8
GET /wp-content/uploads/2015/01/Weight-Loss.jpg HTTP/1.1
Host: humandiaries.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:22 GMT
Server: Apache
Last-Modified: Tue, 09 Feb 2021 02:54:17 GMT
Accept-Ranges: bytes
Content-Length: 297413
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
www.xplina.com/wp-content/uploads/2020/12/diet-617756_1920-1536x1024.jpg
198.54.126.230200 OK 183 kB URL HTTP/2 www.xplina.com/wp-content/uploads/2020/12/diet-617756_1920-1536x1024.jpg
IP 198.54.126.230:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1536x1024, components 3\012- data
Size 183 kB (182572 bytes)
Hash a28548f57a8a7b389d7528a701ad13fc
40fe2f255def2ecefb927b2f9712bba4ccebc82f
a225a821f76d17cf1fc176577b7f1179fc562187d740b94ff03957fc6a3ad955
GET /wp-content/uploads/2020/12/diet-617756_1920-1536x1024.jpg HTTP/1.1
Host: www.xplina.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 04:32:22 GMT
content-type: image/jpeg
last-modified: Fri, 28 May 2021 21:57:35 GMT
accept-ranges: bytes
content-length: 182572
date: Wed, 23 Nov 2022 04:32:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.the1031investor.com/wp-content/uploads/2018/08/canstockphoto853147.jpg
52.40.12.240200 OK 1.5 MB URL HTTP/2 www.the1031investor.com/wp-content/uploads/2018/08/canstockphoto853147.jpg
IP 52.40.12.240:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 3456x2298, components 3\012- data
Size 1.5 MB (1528296 bytes)
Hash 2c8886cbf04015a405156e4f6e94e859
17755d65bb669244472d1211e0e08ebed54a1323
0ec5cbaa6dcf75cb3799776fc83e41e19f26b7bfb918382cde5615b77f4f88cb
GET /wp-content/uploads/2018/08/canstockphoto853147.jpg HTTP/1.1
Host: www.the1031investor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 04:32:22 GMT
content-type: image/jpeg
content-length: 1528296
last-modified: Thu, 09 Aug 2018 00:21:36 GMT
etag: "5b6b8910-1751e8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ebayimg.com/images/g/O6kAAOSwOj5jSR5T/s-l64.jpg
8.248.224.22301 Moved Permanently 181 B URL HTTP/1.1 i.ebayimg.com/images/g/O6kAAOSwOj5jSR5T/s-l64.jpg
IP 8.248.224.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 9ff6854f822a4e7c08f95334aa16879e
4f02f0fc4506e0f52932cea7c44ea68451fb7ecf
46b9bfad8132d91e0249883178b62a3fc8dc1235ab994d76b2f6804211137167
GET /images/g/O6kAAOSwOj5jSR5T/s-l64.jpg HTTP/1.1
Host: i.ebayimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 04:32:23 GMT
Content-Type: text/html
Content-Length: 181
Connection: keep-alive
Server: FP6.1.3311.145
Location: https://i.ebayimg.com/images/g/O6kAAOSwOj5jSR5T/s-l64.jpg
X-CDN: LUMN
Strict-Transport-Security: max-age=31536000
i.pinimg.com/236x/00/8a/7f/008a7fa0b86761f21271852e94025362.jpg
151.101.84.84200 OK 5.8 kB URL HTTP/1.1 i.pinimg.com/236x/00/8a/7f/008a7fa0b86761f21271852e94025362.jpg
IP 151.101.84.84:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 235x132, components 3\012- data
Hash 59d6bc50c994d61b72a2facf299ee36c
4f433d499f2d6b5975f5c2ad59b8c4aa0262732a
969be245afe01baf1d7b631aff9a7e31bd6fb88190e856d53f2fa70584000ca6
GET /236x/00/8a/7f/008a7fa0b86761f21271852e94025362.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 5754
x-amz-replication-status: COMPLETED
ETag: "59d6bc50c994d61b72a2facf299ee36c"
Content-Type: image/jpeg
Cache-Control: max-age=31536000, immutable
Accept-Ranges: bytes
Vary: Origin
X-CDN: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Wed, 23 Nov 2022 04:32:23 GMT
lh3.googleusercontent.com/proxy/9m2zOtiekxTVtHdkWLgk_0321fI-6-QsFvhDs_fMo_QqTfpmoCBMFJgotciY3sOLUtaFCjZ_ktrQFJhdyNxu4FqF1dUSVvj_-Jr8lDzUDHCUOUaqhKAxT0GS6uRiAVaC=w1200-h630-p-k-no-nu
142.250.74.33200 OK 61 kB URL HTTP/1.1 lh3.googleusercontent.com/proxy/9m2zOtiekxTVtHdkWLgk_0321fI-6-QsFvhDs_fMo_QqTfpmoCBMFJgotciY3sOLUtaFCjZ_ktrQFJhdyNxu4FqF1dUSVvj_-Jr8lDzUDHCUOUaqhKAxT0GS6uRiAVaC=w1200-h630-p-k-no-nu
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 564x630, components 3\012- data
Hash 58b61bf29736416cd374da44f3a4e4ed
a6ffa1597205f2bf2a546fc00d996372a848b4f9
9b63f400e73804bc93037b6f188f3a54864af5a807d816623f9adece33067d00
GET /proxy/9m2zOtiekxTVtHdkWLgk_0321fI-6-QsFvhDs_fMo_QqTfpmoCBMFJgotciY3sOLUtaFCjZ_ktrQFJhdyNxu4FqF1dUSVvj_-Jr8lDzUDHCUOUaqhKAxT0GS6uRiAVaC=w1200-h630-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Expires: Thu, 24 Nov 2022 04:32:23 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="unnamed.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 23 Nov 2022 04:32:23 GMT
Server: fife
Content-Length: 60790
X-XSS-Protection: 0
pbs.twimg.com/media/Dm219HUXgAEfiq6.jpg
192.229.233.50200 OK 83 kB URL HTTP/1.1 pbs.twimg.com/media/Dm219HUXgAEfiq6.jpg
IP 192.229.233.50:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 609x476, components 3\012- data
Hash 62dc1dd61973c1d8c45fb3b4fe64c506
78eef4fcc8ae48f6831574d514cb2d450ea05101
79de5bddd4c31ff2908719803989f6b6ad400c22051f8ebbf90bb0ac142cc6cf
GET /media/Dm219HUXgAEfiq6.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
Age: 84220
cache-control: max-age=604800, must-revalidate
Content-Type: image/jpeg
Date: Wed, 23 Nov 2022 04:32:23 GMT
last-modified: Wed, 12 Sep 2018 01:26:27 GMT
perf: 7626143928
Server: ECS (ska/F717)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=27
strict-transport-security: max-age=631138519
surrogate-key: media media/bucket/5 media/1039687150533574657
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
X-Cache: HIT
x-connection-hash: 7f5c847ca341e049e8fc63715107a68b464504ee23c159018160d3b2c8d3c104
x-content-type-options: nosniff
x-response-time: 325
x-transaction-id: dd74fa148138f06a
x-tw-cdn: VZ, VZ
Content-Length: 83152
lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1663993300586517
157.240.200.14301 Moved Permanently 0 B URL HTTP/1.1 lookaside.fbsbx.com/lookaside/crawler/media/?media_id=1663993300586517
IP 157.240.200.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lookaside/crawler/media/?media_id=1663993300586517 HTTP/1.1
Host: lookaside.fbsbx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/lookaside/crawler/media/?media_id=1663993300586517
Content-Type: text/html; charset="utf-8"
X-FB-Debug: vMEg1c/rAsgEY24VN2k+pqptpHnLlmuKq3ssBr+yOKyV2FQUH37IBQ1X/5JXLA1fkkxiAXUwOA1Q98f9ihtLNA==
Date: Wed, 23 Nov 2022 04:32:23 GMT
X-FB-TRIP-ID: 1679558926
Connection: keep-alive
Content-Length: 0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0be3e3b6a55789993d7a1a175bb8e335
70e1b2ef23731397872aa67d3da9f97d40e4fad4
155e55bec061fd76dc2a73b570ebbac9ad17f22e95394c7bf96094a0729a7a54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3027
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:23 GMT
Last-Modified: Wed, 23 Nov 2022 03:41:56 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
secure.gravatar.com/avatar/d1fdc24543cec51b475331559f5ff3e6?s=250&d=mm&r=g
192.0.73.2200 OK 3.3 kB URL HTTP/1.1 secure.gravatar.com/avatar/d1fdc24543cec51b475331559f5ff3e6?s=250&d=mm&r=g
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 250x250, components 3\012- data
Hash 1a672b5350a494f5659cc155063042cb
77886e76c1677fcd9b812c407d55ab794d79710b
79019b72b94794c79bac9259c430bed34867c47a6d0364c9af2a4d00739d0407
GET /avatar/d1fdc24543cec51b475331559f5ff3e6?s=250&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 04:32:23 GMT
Content-Type: image/jpeg
Content-Length: 3307
Connection: keep-alive
Last-Modified: Wed, 11 Jan 1984 08:00:00 GMT
Link: <https://www.gravatar.com/avatar/d1fdc24543cec51b475331559f5ff3e6?s=250&d=mm&r=g>; rel="canonical"
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="d1fdc24543cec51b475331559f5ff3e6.png"
Expires: Wed, 23 Nov 2022 04:37:23 GMT
Cache-Control: max-age=300
X-nc: MISS arn 4
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash dc09e36af44740b266b8065fd0c9b22e
94f9849b17cbc23db74f0cb2fa26a903beb65bec
46c81ff0cd5bc624eefd4152f4f82df4b0cd07638b28b89782c2982b534143bf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 07:47:41 GMT
Expires: Mon, 28 Nov 2022 07:47:40 GMT
Etag: "94f9849b17cbc23db74f0cb2fa26a903beb65bec"
Cache-Control: max-age=443116,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76e72e436e6db521-OSL
media-exp1.licdn.com/dms/image/D4E12AQHnmcV0UHQdgA/article-cover_image-shrink_600_2000/0/1666863511515?e=2147483647&v=beta&t=G5qS1-vN51zIHQUmMJB2SHCE_Wa-qImzXIKwjZjwcto
23.36.76.121200 OK 25 kB URL HTTP/1.1 media-exp1.licdn.com/dms/image/D4E12AQHnmcV0UHQdgA/article-cover_image-shrink_600_2000/0/1666863511515?e=2147483647&v=beta&t=G5qS1-vN51zIHQUmMJB2SHCE_Wa-qImzXIKwjZjwcto
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x422, components 3\012- data
Hash a0ede35992a0fb6586e25a8496a1648e
07ea3e869e6fabd0c11a4c9c0345ac37663e242f
857a14b33a9e90311ac29d52871617ece50a2c78adc2ba98695601d3fdcb5bbb
GET /dms/image/D4E12AQHnmcV0UHQdgA/article-cover_image-shrink_600_2000/0/1666863511515?e=2147483647&v=beta&t=G5qS1-vN51zIHQUmMJB2SHCE_Wa-qImzXIKwjZjwcto HTTP/1.1
Host: media-exp1.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Server: Play
Content-Type: image/jpeg
Cache-Control: max-age=86400
Last-Modified: Thu, 27 Oct 2022 09:38:31 GMT
X-Li-Fabric: prod-ltx1
X-Li-Pop: prod-ltx1-x
X-LI-Proto: http/1.1
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
X-LI-UUID: AAXuG8ZmVD4yvuuoosE7fQ==
Content-Length: 25252
X-EdgeConnect-MidMile-RTT: 16
X-EdgeConnect-Origin-MEX-Latency: 165
Date: Wed, 23 Nov 2022 04:32:23 GMT
Connection: keep-alive
X-Cache: TCP_MISS
X-Set-Cookie: 1
X-CDN-Proto: HTTP1
X-CDN-CLIENT-IP-VERSION: IPV4
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-CDN: AKAM-STLS
www.voirvk.com/favicon.ico
174.136.13.138200 OK 0 B URL HTTP/1.1 www.voirvk.com/favicon.ico
IP 174.136.13.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.voirvk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 04:32:23 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
i.ebayimg.com/images/g/O6kAAOSwOj5jSR5T/s-l64.jpg
8.248.224.22200 OK 1.3 kB URL HTTP/2 i.ebayimg.com/images/g/O6kAAOSwOj5jSR5T/s-l64.jpg
IP 8.248.224.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Processed By eBay with ImageMagick, z1.1.0. ||B1", progressive, precision 8, 64x64, components 3\012- data
Hash 1fabdc09cbdab9c7fe572ca415b4d29c
ea209e0c039ff9210e73763969d5a35d61bc01f8
9f7d93e489015278e636e6b786e9eaff7c570f1ea9fd0194c6b557a08a7f9daf
GET /images/g/O6kAAOSwOj5jSR5T/s-l64.jpg HTTP/1.1
Host: i.ebayimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 04:32:23 GMT
content-type: image/jpeg
content-length: 1324
rlogid: t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*qo%7Cmr%28rbpv6612-1843229086c-0x106
x-ebay-c-version: 1.0.0
last-modified: Fri, 14 Oct 2022 08:31:14 GMT
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
expires: Wed, 01 Nov 2023 07:47:40 GMT
nncoection: close
server: ebay-proxy-server
x-envoy-upstream-service-time: 13
x-ebay-pop-id: UFES2-FRA-zoe-anycast
x-cdn: LUMN
strict-transport-security: max-age=31536000
age: 1889083
accept-ranges: bytes
X-Firefox-Spdy: h2
www.facebook.com/lookaside/crawler/media/?media_id=1663993300586517
157.240.200.35302 Found 0 B URL HTTP/2 www.facebook.com/lookaside/crawler/media/?media_id=1663993300586517
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lookaside/crawler/media/?media_id=1663993300586517 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.facebook.com/synergexgroup/photos/a.1620661931586321/1663993300586517/?type=3&is_lookaside=1
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: n98qi16h/VLl5XLv1RlFvLnDArXiYhob6pTX6xG2MW+64pt8Kv5QPAQGAe45Nn5Bhbt7T4sTJSsgS/7vhDye/A==
content-length: 0
date: Wed, 23 Nov 2022 04:32:23 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
media-exp1.licdn.com/dms/image/D4E12AQGWTBo77L3X2w/article-cover_image-shrink_720_1280/0/1666444440202?e=2147483647&v=beta&t=ax6SJoT8AblduCxLJ4nsXJrNHEFb64Wh395SDKb0eNE
23.36.76.121200 OK 554 kB URL HTTP/1.1 media-exp1.licdn.com/dms/image/D4E12AQGWTBo77L3X2w/article-cover_image-shrink_720_1280/0/1666444440202?e=2147483647&v=beta&t=ax6SJoT8AblduCxLJ4nsXJrNHEFb64Wh395SDKb0eNE
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type PNG image data, 1280 x 720, 8-bit/color RGBA, non-interlaced\012- data
Size 554 kB (553944 bytes)
Hash 3cdfcde4c86c641a6456c60da07e7b2a
5cc2dc4fb46c204e9720dabd7a0f45d7e82bd13f
af7678c6e25d6e9c3dd8b8fbfe06fe492a8992eea708c167c473f1992abb5489
GET /dms/image/D4E12AQGWTBo77L3X2w/article-cover_image-shrink_720_1280/0/1666444440202?e=2147483647&v=beta&t=ax6SJoT8AblduCxLJ4nsXJrNHEFb64Wh395SDKb0eNE HTTP/1.1
Host: media-exp1.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.voirvk.com/
HTTP/1.1 200 OK
Server: Play
Content-Type: image/png
Cache-Control: max-age=86400
Last-Modified: Sat, 22 Oct 2022 13:14:00 GMT
X-Li-Fabric: prod-ltx1
X-Li-Pop: prod-ltx1-x
X-LI-Proto: http/1.1
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
X-LI-UUID: AAXuG8ZmVS3FJHgEgn012A==
X-EdgeConnect-MidMile-RTT: 16
X-EdgeConnect-Origin-MEX-Latency: 159
Date: Wed, 23 Nov 2022 04:32:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
X-Cache: TCP_MISS
X-Set-Cookie: 1
X-CDN-Proto: HTTP1
X-CDN-CLIENT-IP-VERSION: IPV4
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-CDN: AKAM-STLS
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0be3e3b6a55789993d7a1a175bb8e335
70e1b2ef23731397872aa67d3da9f97d40e4fad4
155e55bec061fd76dc2a73b570ebbac9ad17f22e95394c7bf96094a0729a7a54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3027
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 04:32:23 GMT
Last-Modified: Wed, 23 Nov 2022 03:41:56 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
images.seattletimes.com/wp-content/uploads/2019/11/urn-publicid-ap-org-8cca7e13d136460bbe9afe424bac7026Wintry_Weather_83917.jpg?d=2040x1473
143.204.55.89200 OK 426 kB URL HTTP/2 images.seattletimes.com/wp-content/uploads/2019/11/urn-publicid-ap-org-8cca7e13d136460bbe9afe424bac7026Wintry_Weather_83917.jpg?d=2040x1473
IP 143.204.55.89:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 2040x1473, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 426 kB (426302 bytes)
Hash 1ec79ba8be7ab6e5a7fdfbb095e8990b
60ccadbaffd7230d5d78c248a7600c7f6d13070b
0b479927ef5c17650b5d7ca4c0e9edeb0c8f7365888a0ae3968af185c90846de
GET /wp-content/uploads/2019/11/urn-publicid-ap-org-8cca7e13d136460bbe9afe424bac7026Wintry_Weather_83917.jpg?d=2040x1473 HTTP/1.1
Host: images.seattletimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 426302
x-amz-request-id: G5EY62MCRM18VGHA
x-amz-id-2: c43NcMjxz4S8YcTbGZCsfIGGcbo9N4CyeWkVAwEoWoVB6Kvm/g6QCBbx/y52QUJEBafZk7lcdPc=
date: Wed, 23 Nov 2022 04:32:21 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -kBTd_Bc9UWCas_43jnkZ2u6yPQPuJ6SmS6wWvERGBi1C2VCd0jVrw==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29cc891-05a6-43aa-910c-6255241c5cdb.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29cc891-05a6-43aa-910c-6255241c5cdb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1387520c00b2ce57c6e49fd89afbfe83
5404be7e1fff033a5cccc15164d77b7e96a48a81
2f0fe787a2b2da38cf134a08dc4addf281e6f96761df33780b1a74d037573d58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29cc891-05a6-43aa-910c-6255241c5cdb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12244
x-amzn-requestid: a01b2328-438f-4d94-94e2-77d5a44d4d65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1jGjGqsoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63787ef6-094db925714fac2c71bc2679;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:00:06 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: q-ciGssIUXEi_5vn91CqzSGSBlnrszvDBewZYBdFrywPvpWHSWH0lQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:56:30 GMT
age: 20156
etag: "5404be7e1fff033a5cccc15164d77b7e96a48a81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.facebook.com/synergexgroup/photos/a.1620661931586321/1663993300586517/?type=3&is_lookaside=1
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/synergexgroup/photos/a.1620661931586321/1663993300586517/?type=3&is_lookaside=1
IP 157.240.200.35:0
GET /synergexgroup/photos/a.1620661931586321/1663993300586517/?type=3&is_lookaside=1 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
link: <https://www.facebook.com/synergexgroup/photos/a.1620661931586321/1663993300586517/>; rel="canonical"
accept-ch-lifetime: 4838400
accept-ch: sec-ch-prefers-color-scheme
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/comet_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: d6Tqjs8AVCYUZDALQTlQpnN4uG/MfPlQA8A3vUWhpde4U0Sr+44fkUB9wgE7lLdWB2gpYT1/4JJy54Q6ZxAnyQ==
date: Wed, 23 Nov 2022 04:32:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0510/8698/3319/products/CPS_CHAD_MOCKUP_MANGREENS_F_x100@2x.png?v=1628025902
162.159.135.68404 Not Found 0 B URL HTTP/2 cdn.shopify.com/s/files/1/0510/8698/3319/products/CPS_CHAD_MOCKUP_MANGREENS_F_x100@2x.png?v=1628025902
IP 162.159.135.68:0
GET /s/files/1/0510/8698/3319/products/CPS_CHAD_MOCKUP_MANGREENS_F_x100@2x.png?v=1628025902 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 23 Nov 2022 04:32:21 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=30
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: e5b60ca6-5b7e-4065-a679-6664a1390e1c
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-east1
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2F3596kZn2H7%2B%2BGN1WRWfMeLnCWv%2BcqfXSPTqkUjoLsJPUw84PD0DUr70mThwmb28ybdRt2S%2F8z0MMGEMBnqlqcp0x4cTUfo2Ymo9MijJXP2rMOQfAvUF8UcPMrOxhrSqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=14.583, imageryFetch;dur=14.442, cfRequestDuration;dur=655.999899
server: cloudflare
cf-ray: 76e72e372e100b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.yumpu.com/en/image/facebook/67319332.jpg
143.204.55.45200 OK 0 B URL HTTP/2 www.yumpu.com/en/image/facebook/67319332.jpg
IP 143.204.55.45:0
GET /en/image/facebook/67319332.jpg HTTP/1.1
Host: www.yumpu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.voirvk.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
date: Wed, 23 Nov 2022 04:32:21 GMT
server: Apache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
pragma: no-cache
set-cookie: ypsession=n7apt8rp6e0a28orogekvb065c8k2h0g; expires=Fri, 23-Dec-2022 04:32:21 GMT; Max-Age=2592000; path=/; secure; HttpOnly
yumpu_slc=en; expires=Wed, 30-Nov-2022 04:32:21 GMT; Max-Age=604800; path=/; secure; httponly
ypsitetrack=utm_source%3D0%26utm_campaign%3Dserp%26utm_medium%3DSEO; expires=Thu, 23-Nov-2023 04:32:21 GMT; Max-Age=31536000; path=/
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7X-EUDqJGyylOZ5O7YB2IvgnoYD3NkGikizyfwOwn0J9aQlztcddPQ==
X-Firefox-Spdy: h2