| r3.o.lencr.org/ |  23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash9ce33c47154f4826255fe9bbe54d72be e10a363c007a6d15ed43eb35b4e5c246d85c5eed cf423db1a8ad1dce1b5c25f6025d14411b4a46e95a6001288949f046e244bc24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF423DB1A8AD1DCE1B5C25F6025D14411B4A46E95A6001288949F046E244BC24"
Last-Modified: Fri, 10 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5975
Expires: Sat, 11 Mar 2023 22:37:39 GMT
Date: Sat, 11 Mar 2023 20:58:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash88c2e33504e05b0bc2b7a3502d6a79bb 23881a1edb8d8ff3dc2192d25792a59fa2c96088 dfbfefeab7d314e54f5e5f2e48ba645817da6dee3ee2bc5abdbaac81b8dc66e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFBFEFEAB7D314E54F5E5F2E48BA645817DA6DEE3EE2BC5ABDBAAC81B8DC66E7"
Last-Modified: Thu, 09 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5481
Expires: Sat, 11 Mar 2023 22:29:25 GMT
Date: Sat, 11 Mar 2023 20:58:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash1a564ae484daef6a82bb08116ad794eb f75350abf28a42c16324901035889a1f3af700a1 225214187df3f50835a8aafcc4555fe47cf0b78938b71d34fb422942292b153b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "225214187DF3F50835A8AAFCC4555FE47CF0B78938B71D34FB422942292B153B"
Last-Modified: Fri, 10 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5931
Expires: Sat, 11 Mar 2023 22:36:55 GMT
Date: Sat, 11 Mar 2023 20:58:04 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ |  35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashbc86ef2a0cee04915bc360f5821adc8f 3658f9028cce204d38f7f48fcfaa2a8e4f54383a aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 11 Mar 2023 20:13:52 GMT
content-type: application/json
age: 2652
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashb5ba6334e73496995e3e3a9ecd0eb323 ad80d3b7718c28364e8c2004fb38a13a1747e462 aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Z4z5je/B9NdHSWUx7nfrHQibsaUypq1RU8U/2usOtZ2WHEfqy2ia/U8qwYFStsWlQqAQMDDS1Aw=
x-amz-request-id: 280K8S0YGM2SEVCJ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 11 Mar 2023 20:19:25 GMT
age: 2319
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| track.emailingstats.com/NEy3v7LTVg6ebUZH2/Jodu | 209.148.80.76 | 200 OK | 357 B |
URL HTTP/1.1track.emailingstats.com/NEy3v7LTVg6ebUZH2/Jodu IP209.148.80.76:0 ASN#394844 ROOT-LEVEL-TECHNOLOGY
File typeHTML document text\012- HTML document, ASCII text Hashf7a30dcb4d564d408220e53da4c2c0ea 0304007c445e2e2817c09e2e8b145f8344327792 fd87ea9c3ad1d51c839c54b295a99521d78f2be2e555193267449671a9ad2594
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /NEy3v7LTVg6ebUZH2/Jodu HTTP/1.1
Host: track.emailingstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 11 Mar 2023 20:58:04 GMT
Server: Apache/2.4.53 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 357
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 20:58:04 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| track.emailingstats.com/NEy3v7LTVg6ebUZH2 | 209.148.80.76 | 200 OK | 348 B |
URL HTTP/1.1track.emailingstats.com/NEy3v7LTVg6ebUZH2 IP209.148.80.76:0 ASN#394844 ROOT-LEVEL-TECHNOLOGY
File typeHTML document text\012- HTML document, ASCII text Hash940b554a28fd82bf35f4bb7fcfee445a be17d8d324b66519a31c3cd2106ceeb06110f956 30c86b23897c528e4dc53947757ff237b5e0b05b7c4d6775bab1672fc4cf58fe
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /NEy3v7LTVg6ebUZH2 HTTP/1.1
Host: track.emailingstats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 11 Mar 2023 20:58:04 GMT
Server: Apache/2.4.52 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 348
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, ETag, Backoff, Expires, Alert, Pragma, Cache-Control, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 11 Mar 2023 20:06:46 GMT
age: 3079
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd960a8d21b339ab0d7987e3b1eb16fdc 08d4430c549151295ee4e1dc8f24dbd3d9456b0b 522b75aa714f87a716a9a693a7c3ed1cab6e5b1725f20a67df46dec2967b5960
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "522B75AA714F87A716A9A693A7C3ED1CAB6E5B1725F20A67DF46DEC2967B5960"
Last-Modified: Thu, 09 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3787
Expires: Sat, 11 Mar 2023 22:01:12 GMT
Date: Sat, 11 Mar 2023 20:58:05 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 35.165.93.208 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.165.93.208:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TCJviUPUCjqzN2LR5sl+ew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Bf8r2wOdN7y2FSWu6Z2xHQ8cVqI=
|
|
| ocsp.r2m02.amazontrust.com/ | 143.204.48.16 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m02.amazontrust.com/ IP143.204.48.16:0
Hash8cf81d91d70fc542f7cf46679fdacda7 7d49bdc31308f1f7976a977a571d07f1fce9a03f 09513dc9a1c11f3b399272c9e09813b63591aca56d1923913995db7f97a7402e
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 11 Mar 2023 20:58:06 GMT
Etag: "640c0dda-1d7"
Last-Modified: Sat, 11 Mar 2023 19:13:01 GMT
Server: ECAcc (bsa/EB6C)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KmUHAf1n7Vxbf_QaBjb7run5qZ8AkNPL1C0BT0jcqXvKyy2G9A-L_Q==
Age: 6306
|
|
| cdn.iframe.ly/embed.js | 54.230.111.41 | 200 OK | 8.2 kB |
IP54.230.111.41:0
File typeASCII text, with very long lines (24307), with no line terminators Hashc8d86e343e084c06e6e410ae58e23bda 784b21520f968d1c786e11332eeb6bcc8e8ee83f 6a0e30db4b11e9a2b5af6ce0f565a288c714d2b0ae872da1a2c4e8ae56692099
GET /embed.js HTTP/1.1
Host: cdn.iframe.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 11 Mar 2023 03:12:00 GMT
last-modified: Fri, 03 Feb 2023 14:45:36 GMT
etag: W/"63dd1e10-5ef3"
access-control-allow-origin: *
cache-control: public, max-age=86400
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: mGV-762ThAqmbOSUVl5MLr77EhUbUr12PL-AZpBV-x8NZ6A6VN8mzQ==
age: 63966
X-Firefox-Spdy: h2
|
|
| assets.trypico.com/trypico/_next/static/chunks/pages/%5Bcompany_slug%5D/%5Bshort_code_route%5D-ca2101ca5a0d90d1.js |  104.22.36.209 | 200 OK | 761 B |
URL HTTP/2assets.trypico.com/trypico/_next/static/chunks/pages/%5Bcompany_slug%5D/%5Bshort_code_route%5D-ca2101ca5a0d90d1.js IP104.22.36.209:0
Hash0980a79077bcfa08f30285f970f821aa 769da2d522a26ac624a87c4543f0cc6834996ed3 9b1412575a0cc4ff9be7a5a514ab178f40fdfcb9223bcb7037a2302e8f8b50e7
GET /trypico/_next/static/chunks/pages/%5Bcompany_slug%5D/%5Bshort_code_route%5D-ca2101ca5a0d90d1.js HTTP/1.1
Host: assets.trypico.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:06 GMT
content-type: text/javascript
cache-control: immutable,max-age=100000000,public
cf-bgj: minify
cf-polished: origSize=447
etag: W/"32a3c91f4209cb918d0055fbbbbf1cba"
last-modified: Thu, 09 Mar 2023 13:47:40 GMT
x-amz-id-2: lZ8iw1slIHlSX22690de/Cw8urvduuquL1C07zBXLJhCeY1+Vp/2acLmuXc0KebIMzGVXj+y1QI=
x-amz-request-id: QJSKKJG9TVFM67RN
cf-cache-status: HIT
age: 171267
set-cookie: __cf_bm=hBdy9Y74GmuS1c.FJlT2pdnpQjHIV2DsuST.I4tTSIE-1678568286-0-AQ1ChXCFklEztQdZut/gU7GNBW/pRyEFxKmHFQgZ0FWw8nerOSEB7xkQHId2hDmlr8ZE2KSOwZ5gEIEmat+u/jE=; path=/; expires=Sat, 11-Mar-23 21:28:06 GMT; domain=.trypico.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a66b6acbab52d74-ARN
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| assets.trypico.com/trypico/_next/static/3Z6MPijprEbT14ZEswiCI/_ssgManifest.js | 104.22.36.209 | 200 OK | 564 B |
URL HTTP/2assets.trypico.com/trypico/_next/static/3Z6MPijprEbT14ZEswiCI/_ssgManifest.js IP104.22.36.209:0
Hash88f5afda6764b96dc70553379d81b7ef 693a64126de4a8b801f7d64a54ac0f811f574a84 ccb70e92c5b68358802075f111d3657c0675fe719cd53d0bc59c8bc34f7fb774
GET /trypico/_next/static/3Z6MPijprEbT14ZEswiCI/_ssgManifest.js HTTP/1.1
Host: assets.trypico.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:06 GMT
content-type: text/javascript
cache-control: immutable,max-age=100000000,public
cf-bgj: minify
etag: W/"b6652df95db52feb4daf4eca35380933"
last-modified: Thu, 09 Mar 2023 13:47:37 GMT
x-amz-id-2: pQ2MeHlnTaeMXuSDgR6XWcYkXiiMhOs5WnIRuFeipiOY9PHKDYhmTE5IKWYJ7bsD/kqG3UiM6kk=
x-amz-request-id: R58CMT8DES8RRRBY
cf-cache-status: HIT
age: 186722
set-cookie: __cf_bm=SzFlzeFWUEpCxlSqVZZXwWv5bOkk5YbTNdUBbv5XDhc-1678568286-0-AQ9ZnnfQLjVQQyFrJ0Da9m962OCfwSRf0jAScSgWEJk4YurNrfbsNu90XAxmSIYHH0os2YWeh+D+amVTISuvEGk=; path=/; expires=Sat, 11-Mar-23 21:28:06 GMT; domain=.trypico.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a66b6acbab82d74-ARN
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf1cb274086a7fc07be41dfeb65ec1dbf c6339993814eda4b9629ef179222b060d1f5143b b3fbd505775ab4d16c1a8b22e367b9d3b2698bd920d0c4578659b6c63e3d3f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3FBD505775AB4D16C1A8B22E367B9D3B2698BD920D0C4578659B6C63E3D3F6F"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11168
Expires: Sun, 12 Mar 2023 00:04:14 GMT
Date: Sat, 11 Mar 2023 20:58:06 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf1cb274086a7fc07be41dfeb65ec1dbf c6339993814eda4b9629ef179222b060d1f5143b b3fbd505775ab4d16c1a8b22e367b9d3b2698bd920d0c4578659b6c63e3d3f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3FBD505775AB4D16C1A8B22E367B9D3B2698BD920D0C4578659B6C63E3D3F6F"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11168
Expires: Sun, 12 Mar 2023 00:04:14 GMT
Date: Sat, 11 Mar 2023 20:58:06 GMT
Connection: keep-alive
|
|
| assets.trypico.com/trypico/_next/static/3Z6MPijprEbT14ZEswiCI/_buildManifest.js | 104.22.36.209 | 200 OK | 9.6 kB |
URL HTTP/2assets.trypico.com/trypico/_next/static/3Z6MPijprEbT14ZEswiCI/_buildManifest.js IP104.22.36.209:0
Hash6082771c232f3a74450d0aff0fdf8ddb 6158493c584d3bb9f8be01fb44c7b27742d7e68c 784e246f3484aa68748fa9044c3adda4edb816dd2163e6c1164f569bd4d3ac40
GET /trypico/_next/static/3Z6MPijprEbT14ZEswiCI/_buildManifest.js HTTP/1.1
Host: assets.trypico.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:06 GMT
content-type: text/javascript
cache-control: immutable,max-age=100000000,public
cf-bgj: minify
etag: W/"2a72f55a6a7a112a13b4a046145a83e0"
last-modified: Thu, 09 Mar 2023 13:47:37 GMT
x-amz-id-2: wQjO6KMTtDY29l4XfoM924IZOAs0e1n24NHYuGmDzKugQxomsYU02b/f34/tp35gNrdUzKmGZ1M=
x-amz-request-id: JVYFB1QVTFDM3JYT
cf-cache-status: HIT
age: 186722
set-cookie: __cf_bm=tQKbD99UTOeDWA1.IjM.DPKNYBTde4jZek7cyuDaBLI-1678568286-0-Ab2g8RGX28ZGcD9aJIlX6Pltcnl7RvvPuNYTUVrUn87o0kJ1rY1oPIm1qv56otj8QZ2ZnAcAJIrRgBwWsHaLqUQ=; path=/; expires=Sat, 11-Mar-23 21:28:06 GMT; domain=.trypico.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a66b6acbab62d74-ARN
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| images.pico.tools/production/logo_1660144858092_848.jpeg | 104.26.3.192 | 200 OK | 29 kB |
URL HTTP/2images.pico.tools/production/logo_1660144858092_848.jpeg IP104.26.3.192:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, components 3\012- data Hash1b206103ccab693250d7b06381d37fe0 ba61882cdc4ef12b04598474d7bcee79e531c061 1e6e4a19ca503d0c0f2616b1bf2be0e1e51a9be336f17fdbf16ae2edf5a8149f
GET /production/logo_1660144858092_848.jpeg HTTP/1.1
Host: images.pico.tools
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:06 GMT
content-type: image/jpeg
content-length: 29157
x-amz-id-2: GjlTrg3J2WtS8dhmNkFzFOKMwkTEcL52+2Tdd/ZEp7C79cc8FGbVu9ITwDRq6zGYgc7hl+rUCg8=
x-amz-request-id: C9ZG8C455MFF6YFA
last-modified: Wed, 10 Aug 2022 15:20:59 GMT
etag: "1b206103ccab693250d7b06381d37fe0"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTDnLAjTdtj90rAgwXUuYVpWYJSUeVTPtjLxhIuls11l2AptcXHxrX1%2Fv%2FGF1XLOpialzpVl0icZRHv0xZZYxP7a5nWAT6Fq4rODMVfEcmzU0svALBq8wky9VSAnEiRy1acv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a66b6ad1f880b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| assets.trypico.com/trypico/_next/static/chunks/main-c60569962c7d2479.js | 104.22.36.209 | 200 OK | 36 kB |
URL HTTP/2assets.trypico.com/trypico/_next/static/chunks/main-c60569962c7d2479.js IP104.22.36.209:0
Hashc620aa4bc3216c60ed0cdbcd4adff441 40fb1fadd6b5dd201ef6c2ef6d7b01991bb57848 d060e4cb95c6caa19dc09ead89f4924dee8d616b04cccd234c300f317a3a6256
GET /trypico/_next/static/chunks/main-c60569962c7d2479.js HTTP/1.1
Host: assets.trypico.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:06 GMT
content-type: text/javascript
cache-control: immutable,max-age=100000000,public
cf-bgj: minify
cf-polished: origSize=99014
etag: W/"1c2bee596007f7be0b438bbd8d0d91f3"
last-modified: Thu, 09 Mar 2023 13:47:40 GMT
x-amz-id-2: XZJOrD/+y+bzyLd5o07KXogmk/Y9CL1+sclyrR+ThZYW/GDv36NvqbX8ufj3UrpvYzfra3ewjzo=
x-amz-request-id: KR0ETPB86DR5QW0R
cf-cache-status: HIT
age: 186722
set-cookie: __cf_bm=Pxa3IFz4ljzwqIEhzDLw3MJChcytVNzEfFZjtowueL0-1678568286-0-AaauX31RvZcK6luqhvBjY/dEnespz7IoEh5ie44aw/pfFbQ0E4ZZm8jHclHrMemnXlhI7SEQcDTJNMtSTRgAAHw=; path=/; expires=Sat, 11-Mar-23 21:28:06 GMT; domain=.trypico.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a66b6accac42d74-ARN
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af6ca30-ca1c-47f5-b5d3-50da9648b6c5.jpeg | 34.120.237.76 | 200 OK | 5.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af6ca30-ca1c-47f5-b5d3-50da9648b6c5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6c23372c93f0515a6133f5adc26c1712 3c8388cf727cb7007308ee0b42da57f5f0db489a e24a8f21c65c6bc26698c85adb81f3712f4df9ab2dbe8075a77ea947640f8be6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af6ca30-ca1c-47f5-b5d3-50da9648b6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5512
x-amzn-requestid: db69d563-a267-49fd-a63a-9de5282ac108
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BlZKRGW-IAMFmuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640ba241-69cb4960369f1da8583e36db;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 21:33:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: pU47Uf1OAos6ZmhKohYesj3ZDaImrzXzul-FQ5DRSh_A25EK7S8GmA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 10 Mar 2023 21:51:55 GMT
etag: "3c8388cf727cb7007308ee0b42da57f5f0db489a"
content-type: image/jpeg
age: 83171
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| assets.trypico.com/trypico/_next/static/chunks/framework-a13621f622d71de1.js | 104.22.36.209 | 200 OK | 48 kB |
URL HTTP/2assets.trypico.com/trypico/_next/static/chunks/framework-a13621f622d71de1.js IP104.22.36.209:0
Hashc5ee17f7c8a5ce3440e1db60a31d373c be1636ead69aa3d5da8295bb004ecbee43ab5f02 06e9d41313ac6b7e2e8887d17d53eac96b1aaff8f18595568cd1cf734e34884e
GET /trypico/_next/static/chunks/framework-a13621f622d71de1.js HTTP/1.1
Host: assets.trypico.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:06 GMT
content-type: text/javascript
cache-control: immutable,max-age=100000000,public
cf-bgj: minify
cf-polished: origSize=132037
etag: W/"0a5d6e90cc96f1ce8fb2a5e2ec1750d4"
last-modified: Thu, 09 Mar 2023 13:47:39 GMT
x-amz-id-2: i8+F+bbg8/Pzm0Nx2x7LDl119tJy5MCd3YsUVdvXwlfZ3tAnksEPjbz/LaKHEWVD/Z/NoXIU4zg=
x-amz-request-id: R584ECYBZAJK83WQ
cf-cache-status: HIT
age: 186722
set-cookie: __cf_bm=Iu4P1oz6EZjPkSGs6EsloAFxg4L4ndYvlWJKnnkGWmQ-1678568286-0-AYw6ZXrh2nsyHYEW1MLh18UNjZJ/KDMy4iQExhl8/czK0qWAIXjaddFrrG0l1onZV/lwE5L83K4ZUFIBqqpyhA4=; path=/; expires=Sat, 11-Mar-23 21:28:06 GMT; domain=.trypico.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a66b6accac22d74-ARN
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| assets.trypico.com/trypico/_next/static/chunks/webpack-feaeef5d756218be.js | 104.22.36.209 | 200 OK | 11 kB |
URL HTTP/2assets.trypico.com/trypico/_next/static/chunks/webpack-feaeef5d756218be.js IP104.22.36.209:0
Hash4b7dac3ef0991f37934bcd1f7d073145 86f33082cde80295d204e34e32fb3586a0f0040b d39d7faf985208b96f798f1939b195dc62844b2c4b3f40d58dcff32ddf5369ea
GET /trypico/_next/static/chunks/webpack-feaeef5d756218be.js HTTP/1.1
Host: assets.trypico.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:06 GMT
content-type: text/javascript
cache-control: immutable,max-age=100000000,public
cf-bgj: minify
cf-polished: origSize=9430
etag: W/"898a88463d801135567aa3a6005db500"
last-modified: Thu, 09 Mar 2023 13:47:41 GMT
x-amz-id-2: RK3Ce4LlbqGFccZNNp/VXcXOv9m7b8zvUYcDg7eBeqJzzCNSlv/GhHKzIlCv+dQD+kwCLrFRxRc=
x-amz-request-id: JVYB15EWZK9FZT05
cf-cache-status: HIT
age: 186722
set-cookie: __cf_bm=ACj.VmhvtOAHGpZtK8s5qoFW3mp9H5S5b470CKvn9sg-1678568286-0-ATuyhPtD6A1+muyvYKbHihy1cpRPBbLG7NwQigQz8NhyehZ8Nq7mDMD33791b5gYe8XxAP0ksGslwHP6MlNNuf8=; path=/; expires=Sat, 11-Mar-23 21:28:06 GMT; domain=.trypico.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a66b6acbabc2d74-ARN
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| assets.trypico.com/trypico/_next/static/chunks/2748.842e54a23a4fb655.js | 104.22.36.209 | 200 OK | 510 kB |
URL HTTP/2assets.trypico.com/trypico/_next/static/chunks/2748.842e54a23a4fb655.js IP104.22.36.209:0
Size510 kB (509855 bytes) Hash80c04e43a0675b4e297fa914d3018efa a382cca48eaecac9aae18d187f2f9a08b3681429 8093a43bd6036155a2f228c70d27fd3532562a9f133231b2980c312f96d5c939
GET /trypico/_next/static/chunks/2748.842e54a23a4fb655.js HTTP/1.1
Host: assets.trypico.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:06 GMT
content-type: text/javascript
cache-control: immutable,max-age=100000000,public
cf-bgj: minify
cf-polished: origSize=505
etag: W/"76adcb0d94a8dccd7e98e8c30b763c85"
last-modified: Thu, 09 Mar 2023 13:47:38 GMT
x-amz-id-2: sPXR8TjpN8WoG2qsAdy+hdpPmnBmKBK9/oXJ2u7tMLvXpNXcUm4IfHlpmuHl6NDMAScHY9A4GaU=
x-amz-request-id: KR018JMNPZ4GCJHM
cf-cache-status: HIT
age: 186722
set-cookie: __cf_bm=oFpsfIo1YL23BoY15rWuB9GZtqbsjD3h867hY9Zq3P4-1678568286-0-AWG2IpRpoVhV9bbD6q7XXKIAPzlqby6eWxWZuqCqntZOZNOdbCMWAEfE7D7cf1R9QZV9dAvpr/3NxajlumcGe7Q=; path=/; expires=Sat, 11-Mar-23 21:28:06 GMT; domain=.trypico.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a66b6acbab92d74-ARN
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashf400ce71f7bcba5802fd1f9382ea6645 0abb4a603c84d51aa6825854717b99d7f4e7fe17 1f694fda1949c4f68e042dec8b3e688c97473e805668b206574954ed1439450a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 20:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtm.js?id=GTM-K7TXJH6>m_auth=>m_preview=>m_cookies_win=x | 142.250.74.40 | 200 OK | 74 kB |
URL HTTP/2www.googletagmanager.com/gtm.js?id=GTM-K7TXJH6>m_auth=>m_preview=>m_cookies_win=x IP142.250.74.40:0
File typeASCII text, with very long lines (11050) Hash922acf65b80beb68c1156ae180302af1 bd0b8b524d4fd7d7245429824dad0ef94e3dfb1c d4e1228ddd3122ed17ac44c809196a0db9b0d7da0e9ab68cd14bf7ace86740a2
GET /gtm.js?id=GTM-K7TXJH6>m_auth=>m_preview=>m_cookies_win=x HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 11 Mar 2023 20:58:07 GMT
expires: Sat, 11 Mar 2023 20:58:07 GMT
cache-control: private, max-age=900
last-modified: Sat, 11 Mar 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74185
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 20 kB |
IP142.250.74.131:0
File typegzip compressed data, from Unix\012- data Hash0ff7160e53dcf964f1a49f8df04547a2 8472bc2b3054bf5d3e2cb1addbe056d4fef38eae 22c14611929b62cda2f9b2bb8ae930101ffa063d509c21ce194988f095e7db45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 20:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| images.pico.tools/production/landing_cover_1658239111354_485.jpeg | 104.26.3.192 | 200 OK | 552 kB |
URL HTTP/2images.pico.tools/production/landing_cover_1658239111354_485.jpeg IP104.26.3.192:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1360x710, components 3\012- data Size552 kB (551783 bytes) Hash942d4e4a083af5d11dec85b00d3c355a 0b993cdb1c53b538113ea2af1438a76e46f6c5ef 3482f3e5fd7feb3616b649c32f8d67d8133528dc1ad41f57881a47fbb7b554a0
GET /production/landing_cover_1658239111354_485.jpeg HTTP/1.1
Host: images.pico.tools
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:06 GMT
content-type: image/jpeg
content-length: 551783
x-amz-id-2: frbiEpxU84LKXQ8ugNrbAIBU5uXu7+dEcUpmdptztSucLhoDD8g2scJDxmfLOmKgnimXfPYqg9s=
x-amz-request-id: C9ZHH9WXQA54VP8D
last-modified: Tue, 19 Jul 2022 13:58:32 GMT
etag: "942d4e4a083af5d11dec85b00d3c355a"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPlbo2WiCv37lY5Z8rnmxjlgOUy3IPpRL5BRzKF1y9fGEvuhh3U8%2B5QI8LwoChUfDVf9Ub5oEv8ambe1ISxYkEilUvPjLeNUVNPM2tL047FzxnJL4p5dr3QOmpHnZ%2Fqla%2FGm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a66b6ad2f990b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 2.8 kB |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
File typegzip compressed data, from Unix\012- data Hash4781fcb862939ee9a1a37c3ec05b8987 01edbf3660c58d3bf71899fb21de03eb057e9408 dac9e8babcf6446f92cfca454326d0723cd3385ffdf173346d0b12755c73585b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "084E4AE915B005189225A1E100D3DBAAD10B316E8F279CE7A94BAC5E622A5BDA"
Last-Modified: Thu, 09 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12626
Expires: Sun, 12 Mar 2023 00:28:33 GMT
Date: Sat, 11 Mar 2023 20:58:07 GMT
Connection: keep-alive
|
|
| plausible.io/js/plausible.js |  195.181.166.158 | 200 OK | 767 B |
URL HTTP/2plausible.io/js/plausible.js IP195.181.166.158:0 ASN#60068 Datacamp Limited
File typeASCII text, with very long lines (1297), with no line terminators Hash630d3105acc2a8f5a03d7a7b2eca81de 27ae66ce738ea6643b0609684313a8dab84909f8 c649948d4db8309981648cdc2289f7c30a82db267b8c5b0e08d159bbc0fd572d
GET /js/plausible.js HTTP/1.1
Host: plausible.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:07 GMT
content-type: application/javascript
server: BunnyCDN-SE1-725
cdn-pullzone: 682664
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=3600
application: 10.0.0.3
cross-origin-resource-policy: cross-origin
permissions-policy: interest-cohort=()
x-content-type-options: nosniff
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/11/2023 20:16:40
cdn-edgestorageid: 725
cdn-status: 200
cdn-requestid: 77ad443ade4cfb39e2a61ebbce7edb7f
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| api.pico.tools/feature_flags | 172.67.72.251 | 204 No Content | 0 B |
URL HTTP/2api.pico.tools/feature_flags IP172.67.72.251:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /feature_flags HTTP/1.1
Host: api.pico.tools
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,publisherid
Referer: https://pico.link/
Origin: https://pico.link
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 11 Mar 2023 20:58:07 GMT
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding, Origin
access-control-allow-origin: https://pico.link
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,publisherid
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGZRd8AqFXcnZh8y5Au3HR8BoZZbPYq1EGoGgcAt4lWR38lU9MN%2BaQBy0TSiQOTReR2dpvdnkVUw%2FB6JKhnUKVFPggGqDGpSGBvZJ%2BIJsN1Z4d9JEd%2FssCh0bIhSDSXx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a66b6b20840b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.r2m01.amazontrust.com/ | 143.204.48.16 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m01.amazontrust.com/ IP143.204.48.16:0
Hashc2fa533381abb4d471286604c1815a2e 1ca6c3473d78fdc5c7b5bb4e79878b4675c619f8 cd358c19de3a1e5cfc6838d36f303ef44f7d7a7c5a7afafc699f4c972718be1d
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 11 Mar 2023 20:58:07 GMT
Last-Modified: Sat, 11 Mar 2023 20:03:27 GMT
Server: ECAcc (nya/7970)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rkqEUBz8UCb9HD4idmzEMs0DAWDViRyMFb41cRGVUjMjejN72Jghqw==
Age: 3280
|
|
| s3.amazonaws.com/customtext.pico.tools/healdsburgtribune-1676069889578-offer-signup_rich_text-markdown.md | 54.231.194.104 | 200 OK | 175 B |
URL HTTP/1.1s3.amazonaws.com/customtext.pico.tools/healdsburgtribune-1676069889578-offer-signup_rich_text-markdown.md IP54.231.194.104:0
Hashaf7ce2d3726cc8abaaa4dbd4949afcb7 8478a0b58bdfbb6ec326a702b26b81aeb229e60e b3dd6c8f1492c458016faacc33287f46cef3144bcae602d9bc6c79a85f8c8e2e
GET /customtext.pico.tools/healdsburgtribune-1676069889578-offer-signup_rich_text-markdown.md HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pico.link
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: xNjMVvE8KHMelo9tsg7LIt3qUpLTRq/JHEpWEx1nNN/IbH8+d8iNv/U6I4Hi7XHmaRCRqVA3gM4=
x-amz-request-id: 3XK21A0B43FQQKZ3
Date: Sat, 11 Mar 2023 20:58:08 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, PUT
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Fri, 10 Feb 2023 22:58:10 GMT
ETag: "af7ce2d3726cc8abaaa4dbd4949afcb7"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 175
|
|
| api.pico.tools/feature_flags | 172.67.72.251 | 200 OK | 2.0 kB |
URL HTTP/2api.pico.tools/feature_flags IP172.67.72.251:0
File typeJSON data\012- , ASCII text, with very long lines (2068), with no line terminators Hash56aea5d2e836e18af3d38c0d3327667b ba1742e35f889a6db3a417e97608f6723faa2915 e5ff52ed696a96f751c887cdd6afb0f183d930e865c75452069d2fe0379a96b5
POST /feature_flags HTTP/1.1
Host: api.pico.tools
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
publisherid: 97338a91-289e-4639-95ad-337d8b080b0c
Content-Length: 2
Origin: https://pico.link
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:07 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding, Origin
access-control-allow-origin: https://pico.link
access-control-allow-credentials: true
access-control-expose-headers: session-id
version: v2.241.0
session-id: c0d9fcf9-c6a9-495f-a01d-aa5872095ab4
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtREgMD8oXXtkuZBAVztrYgUWxEbiZ0hYvGbik3bJv93usj%2BZx%2FxIOWT4h7Tg%2FlFdAAMLIJqvg8NKhRPN43Y75cfpxMoF9MlCA8mjgvwSTE74tGETLY%2Bpgla6yq%2B1jD6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a66b6b4de19b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash5252b94db30dbb3d1ed4d623a82796ba 8aa9abb5061cba18d1287372ff89188b605baeab 8805ee0008dcd8d53965d9cdf481ad34d739685ea2284e3d1739be1062662ef3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 20:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash03da97ae3e10a32174a41aa30868b9eb 70fb7047bdce18e0921b731213d9e5d2fc63a324 b7ee067fe51a57d6a9e82a26b862697f3794351f4214b19798418b617633bded
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 20:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashcea70cd92f3f863b76facf9ef93149fa 05761090c7ff21d014d3f0d93925a0e66c925b99 dfaeabf18b09f39e3a75c6efe37f52fdb6d4056cf0a4c66ba0d8ac74539c96a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 20:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/pagead/1p-conversion/10817952811/?random=1678568287846&cv=11&fst=1678568287846&bg=ffffff&guid=ON&async=1>m=45He3360&u_w=1280&u_h=1024&label=pgAnCPWDo4oDEKu4s6Yo&hn=www.google.com&frm=0&url=https%3A%2F%2Fpico.link%2Fhealdsburgtribune%2F65zn8dwp&tiba=Healdsburg%20Tribune%20%7C%20Pico&value=0&bttype=purchase&auid=401313567.1678568288&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 | 142.250.74.132 | 302 Found | 63 B |
URL HTTP/2www.google.com/pagead/1p-conversion/10817952811/?random=1678568287846&cv=11&fst=1678568287846&bg=ffffff&guid=ON&async=1>m=45He3360&u_w=1280&u_h=1024&label=pgAnCPWDo4oDEKu4s6Yo&hn=www.google.com&frm=0&url=https%3A%2F%2Fpico.link%2Fhealdsburgtribune%2F65zn8dwp&tiba=Healdsburg%20Tribune%20%7C%20Pico&value=0&bttype=purchase&auid=401313567.1678568288&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 IP142.250.74.132:0
File typeASCII text, with no line terminators Hash0339f8f57d1bf75003db591e28957e45 ae2286e497c9f76a02cb40c40a674b73bd293b76 609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/10817952811/?random=1678568287846&cv=11&fst=1678568287846&bg=ffffff&guid=ON&async=1>m=45He3360&u_w=1280&u_h=1024&label=pgAnCPWDo4oDEKu4s6Yo&hn=www.google.com&frm=0&url=https%3A%2F%2Fpico.link%2Fhealdsburgtribune%2F65zn8dwp&tiba=Healdsburg%20Tribune%20%7C%20Pico&value=0&bttype=purchase&auid=401313567.1678568288&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 20:58:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/10817952811/?random=1678568287846&cv=11&fst=1678568287846&bg=ffffff&guid=ON&async=1>m=45He3360&u_w=1280&u_h=1024&label=pgAnCPWDo4oDEKu4s6Yo&hn=www.google.com&frm=0&url=https%3A%2F%2Fpico.link%2Fhealdsburgtribune%2F65zn8dwp&tiba=Healdsburg%20Tribune%20%7C%20Pico&value=0&bttype=purchase&auid=401313567.1678568288&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-71ZD0PTBD3&cid=716355710.1678568288>m=45je3360&aip=1&z=495268179 | 142.250.74.163 | 200 OK | 42 B |
URL HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-71ZD0PTBD3&cid=716355710.1678568288>m=45je3360&aip=1&z=495268179 IP142.250.74.163:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-71ZD0PTBD3&cid=716355710.1678568288>m=45je3360&aip=1&z=495268179 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 20:58:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| googleads.g.doubleclick.net/pagead/viewthroughconversion/10817952811/?random=1678568287846&cv=11&fst=1678568287846&fmt=3&bg=ffffff&guid=ON&async=1>m=45He3360&u_w=1280&u_h=1024&label=pgAnCPWDo4oDEKu4s6Yo&hn=www.google.com&frm=0&url=https%3A%2F%2Fpico.link%2Fhealdsburgtribune%2F65zn8dwp&tiba=Healdsburg%20Tribune%20%7C%20Pico&value=0&bttype=purchase&auid=401313567.1678568288&gcp=1&ct_cookie_present=1 | 142.250.74.130 | 200 OK | 42 B |
URL HTTP/2googleads.g.doubleclick.net/pagead/viewthroughconversion/10817952811/?random=1678568287846&cv=11&fst=1678568287846&fmt=3&bg=ffffff&guid=ON&async=1>m=45He3360&u_w=1280&u_h=1024&label=pgAnCPWDo4oDEKu4s6Yo&hn=www.google.com&frm=0&url=https%3A%2F%2Fpico.link%2Fhealdsburgtribune%2F65zn8dwp&tiba=Healdsburg%20Tribune%20%7C%20Pico&value=0&bttype=purchase&auid=401313567.1678568288&gcp=1&ct_cookie_present=1 IP142.250.74.130:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/10817952811/?random=1678568287846&cv=11&fst=1678568287846&fmt=3&bg=ffffff&guid=ON&async=1>m=45He3360&u_w=1280&u_h=1024&label=pgAnCPWDo4oDEKu4s6Yo&hn=www.google.com&frm=0&url=https%3A%2F%2Fpico.link%2Fhealdsburgtribune%2F65zn8dwp&tiba=Healdsburg%20Tribune%20%7C%20Pico&value=0&bttype=purchase&auid=401313567.1678568288&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 20:58:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 11-Mar-2023 21:13:07 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.no/pagead/1p-conversion/10817952811/?random=1678568287846&cv=11&fst=1678568287846&bg=ffffff&guid=ON&async=1>m=45He3360&u_w=1280&u_h=1024&label=pgAnCPWDo4oDEKu4s6Yo&hn=www.google.com&frm=0&url=https%3A%2F%2Fpico.link%2Fhealdsburgtribune%2F65zn8dwp&tiba=Healdsburg%20Tribune%20%7C%20Pico&value=0&bttype=purchase&auid=401313567.1678568288&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 | 142.250.74.163 | 200 OK | 63 B |
URL HTTP/2www.google.no/pagead/1p-conversion/10817952811/?random=1678568287846&cv=11&fst=1678568287846&bg=ffffff&guid=ON&async=1>m=45He3360&u_w=1280&u_h=1024&label=pgAnCPWDo4oDEKu4s6Yo&hn=www.google.com&frm=0&url=https%3A%2F%2Fpico.link%2Fhealdsburgtribune%2F65zn8dwp&tiba=Healdsburg%20Tribune%20%7C%20Pico&value=0&bttype=purchase&auid=401313567.1678568288&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 IP142.250.74.163:0
File typeASCII text, with no line terminators Hash0339f8f57d1bf75003db591e28957e45 ae2286e497c9f76a02cb40c40a674b73bd293b76 609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/10817952811/?random=1678568287846&cv=11&fst=1678568287846&bg=ffffff&guid=ON&async=1>m=45He3360&u_w=1280&u_h=1024&label=pgAnCPWDo4oDEKu4s6Yo&hn=www.google.com&frm=0&url=https%3A%2F%2Fpico.link%2Fhealdsburgtribune%2F65zn8dwp&tiba=Healdsburg%20Tribune%20%7C%20Pico&value=0&bttype=purchase&auid=401313567.1678568288&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pico.link/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 20:58:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashec6311aff40cad7ab34f00d36611b030 cf544610c8266b570673ea252aafe9339f145707 155dc155e18b34ee37d7c61224e421db376a38ac40e6fbf6c2939d8747a01c9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 20:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashcea70cd92f3f863b76facf9ef93149fa 05761090c7ff21d014d3f0d93925a0e66c925b99 dfaeabf18b09f39e3a75c6efe37f52fdb6d4056cf0a4c66ba0d8ac74539c96a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 20:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash03da97ae3e10a32174a41aa30868b9eb 70fb7047bdce18e0921b731213d9e5d2fc63a324 b7ee067fe51a57d6a9e82a26b862697f3794351f4214b19798418b617633bded
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 20:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-71ZD0PTBD3>m=45je3360&_p=215790426&_gaz=1&cid=716355710.1678568288&ul=en-us&sr=1280x1024&_s=1&sid=1678568288&sct=1&seg=0&dl=https%3A%2F%2Fpico.link%2Fhealdsburgtribune%2F65zn8dwp&dt=Healdsburg%20Tribune%20%7C%20Pico&en=page_view&_fv=1&_nsi=1&_ss=1 | 216.239.34.36 | 204 No Content | 0 B |
URL HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-71ZD0PTBD3>m=45je3360&_p=215790426&_gaz=1&cid=716355710.1678568288&ul=en-us&sr=1280x1024&_s=1&sid=1678568288&sct=1&seg=0&dl=https%3A%2F%2Fpico.link%2Fhealdsburgtribune%2F65zn8dwp&dt=Healdsburg%20Tribune%20%7C%20Pico&en=page_view&_fv=1&_nsi=1&_ss=1 IP216.239.34.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-71ZD0PTBD3>m=45je3360&_p=215790426&_gaz=1&cid=716355710.1678568288&ul=en-us&sr=1280x1024&_s=1&sid=1678568288&sct=1&seg=0&dl=https%3A%2F%2Fpico.link%2Fhealdsburgtribune%2F65zn8dwp&dt=Healdsburg%20Tribune%20%7C%20Pico&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pico.link
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://pico.link
date: Sat, 11 Mar 2023 20:58:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stats.g.doubleclick.net/g/collect?v=2&tid=G-71ZD0PTBD3&cid=716355710.1678568288>m=45je3360&aip=1 | 173.194.73.155 | 204 No Content | 0 B |
URL HTTP/2stats.g.doubleclick.net/g/collect?v=2&tid=G-71ZD0PTBD3&cid=716355710.1678568288>m=45je3360&aip=1 IP173.194.73.155:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-71ZD0PTBD3&cid=716355710.1678568288>m=45je3360&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pico.link
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://pico.link
date: Sat, 11 Mar 2023 20:58:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.pico.tools/client/newsletters | 172.67.72.251 | 204 No Content | 15 kB |
URL HTTP/2api.pico.tools/client/newsletters IP172.67.72.251:0
File typegzip compressed data, from Unix\012- data Hasha462d08e48cf6c21543ec59f15558209 cfd9f0cf30f42166ee66f4584518e38b7f959d37 b7a371c293238d629e3e0ec4d12e2d1c7fe461db2a3fc8d7eee3a121662e093c
OPTIONS /client/newsletters HTTP/1.1
Host: api.pico.tools
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: publisherid
Referer: https://pico.link/
Origin: https://pico.link
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 11 Mar 2023 20:58:08 GMT
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding, Origin
access-control-allow-origin: https://pico.link
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: publisherid
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBjFp6Dr%2FGBBJqpwXX5OClp1ahSBDEFOVaX8tXp7L%2BmI3L866mKMPN89y%2Fy%2BBPdw1QIiaqsfhl7tShI068awa76gbGaNAhd2AJDdepa36HJi980l%2BjI0Jx%2B3V%2FS%2FPi5B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a66b6b8ce05b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pico.link/healdsburgtribune?short_code=65zn8dwp | 104.26.1.202 | 301 Moved Permanently | 0 B |
URL HTTP/2pico.link/healdsburgtribune?short_code=65zn8dwp IP104.26.1.202:0
GET /healdsburgtribune?short_code=65zn8dwp HTTP/1.1
Host: pico.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 11 Mar 2023 20:58:05 GMT
set-cookie: AWSALB=7trJaCtZh0fLgPHa81uoec6mxmlXTwMlMKbej+SVc84mbtJpRKD8qOkmin5tAPlyKWMqNaS2jG3pkeyqpO62dEqbtxRoEiua4x1tCOlTygnZM1fCKx8e3B8ZCKKj; Expires=Sat, 18 Mar 2023 20:58:05 GMT; Path=/
AWSALBCORS=7trJaCtZh0fLgPHa81uoec6mxmlXTwMlMKbej+SVc84mbtJpRKD8qOkmin5tAPlyKWMqNaS2jG3pkeyqpO62dEqbtxRoEiua4x1tCOlTygnZM1fCKx8e3B8ZCKKj; Expires=Sat, 18 Mar 2023 20:58:05 GMT; Path=/; SameSite=None; Secure
x-powered-by: Express
service-worker-allowed: /
location: /healdsburgtribune/65zn8dwp
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJWI6hMVyh1RdQrIWRbWe4VEIl4TY%2BbnFJ46c8fdogcsNKdysZQ3CAlspfTnLUy9ue4nZY3R5Lv72p5A963k%2Fjnr5DSTXlfK6TrMNFNKo%2BKJGIiEXqJthamFLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a66b6a58d390afe-OSL
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css | 104.18.10.207 | 200 OK | 0 B |
URL HTTP/2stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css IP104.18.10.207:0
GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:06 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 08/03/2021 15:16:56
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: d6b43e13ddbcd4f60dded6d39b2abed5
cdn-cache: HIT
cf-cache-status: HIT
age: 24009274
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a66b6ac19f6b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.segment.com/analytics.js/v1/9PJEnnxhaJQ8zKKwE1niARnuRVBPn3iu/analytics.min.js | 143.204.48.96 | 200 OK | 0 B |
URL HTTP/2cdn.segment.com/analytics.js/v1/9PJEnnxhaJQ8zKKwE1niARnuRVBPn3iu/analytics.min.js IP143.204.48.96:0
GET /analytics.js/v1/9PJEnnxhaJQ8zKKwE1niARnuRVBPn3iu/analytics.min.js HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Wed, 25 Jan 2023 12:12:47 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: XwmWaQuOgSKL9RlOQCUCDF5QY9x3FT1g
server: AmazonS3
content-encoding: br
date: Sat, 11 Mar 2023 20:58:08 GMT
cache-control: public, max-age=120
etag: W/"ee296ada1a884aa646507d65ae13cdf8"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KOHPpIl_mOJUX77YhzVs-0H3FM7GVDXdPBaxlpYt_dyU80KgFTMxjw==
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/intl-tel-input@17.0.3/build/js/utils.js | 104.16.88.20 | 200 OK | 0 B |
URL HTTP/2cdn.jsdelivr.net/npm/intl-tel-input@17.0.3/build/js/utils.js IP104.16.88.20:0
GET /npm/intl-tel-input@17.0.3/build/js/utils.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:07 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 17.0.3
x-jsd-version-type: version
etag: W/"3bfe2-twT61oRFqSwzJ8XuamPFBYzoPxU"
x-served-by: cache-fra-eddf8230074-FRA, cache-yyz4569-YYZ
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 1498133
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0B8lFyI1I2CR8h2HaM%2FjusjdB92KaBeK38RG8zMcDIFLUNZOMWr64W0G0GLwDndCJuuD%2BRYmqp0C6rjxPXyul2z7VxpDSoZRcdIEZLS6rkTRoXUmD0HCQlIeBEwvp51I%2F8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a66b6b7a8920b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| assets.trypico.com/trypico/_next/static/css/a7fdbb9db8ece83d.css | 104.22.36.209 | 200 OK | 0 B |
URL HTTP/2assets.trypico.com/trypico/_next/static/css/a7fdbb9db8ece83d.css IP104.22.36.209:0
GET /trypico/_next/static/css/a7fdbb9db8ece83d.css HTTP/1.1
Host: assets.trypico.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:06 GMT
content-type: text/css
cache-control: immutable,max-age=100000000,public
cf-bgj: minify
etag: W/"8d077a77612beb73c7dc3021a2d5cff3"
last-modified: Thu, 09 Mar 2023 13:47:41 GMT
x-amz-id-2: YJ+OCxpIYapvZqrjfL0zjMbw/t2bt0JAFwGlkli/zKFEXZFMgnaOQK1Fo7lTKV45SiIJkyuOJeU=
x-amz-request-id: KR06F18C5A7EVGPM
cf-cache-status: HIT
age: 186722
set-cookie: __cf_bm=BGF5Hgrv822IexdUcY0LaesNmzVucPiGSQpBdXqj9E0-1678568286-0-AcNyRRBMa61kRD0zifkKqzU5PoBiHXqHHyJBsPlZCChVdgDhYzPC26Rgxd/uvvORw39w1RALTF75DvDzHSZBCGY=; path=/; expires=Sat, 11-Mar-23 21:28:06 GMT; domain=.trypico.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a66b6acbab42d74-ARN
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| assets.trypico.com/trypico/_next/static/chunks/pages/_app-be5cbf1a39b11395.js | 104.22.36.209 | 200 OK | 0 B |
URL HTTP/2assets.trypico.com/trypico/_next/static/chunks/pages/_app-be5cbf1a39b11395.js IP104.22.36.209:0
GET /trypico/_next/static/chunks/pages/_app-be5cbf1a39b11395.js HTTP/1.1
Host: assets.trypico.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:06 GMT
content-type: text/javascript
cache-control: immutable,max-age=100000000,public
cf-bgj: minify
cf-polished: origSize=2913779
etag: W/"82c633e0463a54a44831132bf8c25278"
last-modified: Thu, 09 Mar 2023 13:47:41 GMT
x-amz-id-2: P4aRIbvU0z6H5iM9/A7ANNm2BJe3aQH3bv0WgU7rWkydT1Zi1fhJ1kxPzSI1EH2ztFnyjjRzsRw=
x-amz-request-id: R586BD6AZWKKA2AB
cf-cache-status: HIT
age: 186722
set-cookie: __cf_bm=kbHCuTg_MmYYQnF_EXFE0CcEAqKWxH_5qcCaTletzBw-1678568286-0-ATDA1vXkDAaq32XD99ahGyvYMA+bbUTsogVfuO/C6kBu9Q/Df+MGeUqj49VtmrkeMwZTYJw+Zn3+bCtiuLjbviA=; path=/; expires=Sat, 11-Mar-23 21:28:06 GMT; domain=.trypico.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a66b6accac32d74-ARN
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pico.link/healdsburgtribune/65zn8dwp | 104.26.1.202 | 200 OK | 0 B |
URL HTTP/2pico.link/healdsburgtribune/65zn8dwp IP104.26.1.202:0
GET /healdsburgtribune/65zn8dwp HTTP/1.1
Host: pico.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: AWSALB=7trJaCtZh0fLgPHa81uoec6mxmlXTwMlMKbej+SVc84mbtJpRKD8qOkmin5tAPlyKWMqNaS2jG3pkeyqpO62dEqbtxRoEiua4x1tCOlTygnZM1fCKx8e3B8ZCKKj; AWSALBCORS=7trJaCtZh0fLgPHa81uoec6mxmlXTwMlMKbej+SVc84mbtJpRKD8qOkmin5tAPlyKWMqNaS2jG3pkeyqpO62dEqbtxRoEiua4x1tCOlTygnZM1fCKx8e3B8ZCKKj
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:06 GMT
content-type: text/html; charset=utf-8
set-cookie: AWSALB=UxGN/+EnC1rbOlLj5nZW13eKsiOHjYiLnM3BUYSB9WJEK+Hd2D8cewmTDGF3bVLN9yCCtXuhAl1sZx9mq/0d0FLG5Ns8NaVe/n6SAE23omM87yI+hgmE4gyBAeju; Expires=Sat, 18 Mar 2023 20:58:05 GMT; Path=/
AWSALBCORS=UxGN/+EnC1rbOlLj5nZW13eKsiOHjYiLnM3BUYSB9WJEK+Hd2D8cewmTDGF3bVLN9yCCtXuhAl1sZx9mq/0d0FLG5Ns8NaVe/n6SAE23omM87yI+hgmE4gyBAeju; Expires=Sat, 18 Mar 2023 20:58:05 GMT; Path=/; SameSite=None; Secure
x-powered-by: Next.js
service-worker-allowed: /
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OccraWGqlpDQMJG2q153qdD2lV5ATK%2BD2gQrpKhlG4lCeDuiRCLX6MN9kcP%2F8B7C2X8dFhhILbNZS%2BkQszOECLvWY821i3%2B8nAZbxmglUG06T%2BD5h2%2Bw7imXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a66b6a878cd0afe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.d0fc84c62e956d168cce.js | 143.204.48.96 | 200 OK | 0 B |
URL HTTP/2cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.d0fc84c62e956d168cce.js IP143.204.48.96:0
GET /analytics-next/bundles/schemaFilter.bundle.d0fc84c62e956d168cce.js HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 16 Jan 2023 02:25:35 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Mon, 16 Jan 2023 00:06:36 GMT
etag: W/"d6985af1d6ad9e8c2f97f24f7b27306e"
cache-control: public,max-age=31536000,immutable
x-amz-version-id: VLQuST3Rg1zoSyN.SWag4b2R93Pv7oyc
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cXUzMoSlbKRtfY-CpmflczB6x0lzNPVnHV8onUGuPk--b3Jy-cilpA==
age: 4732354
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap-grid.min.css | 104.18.10.207 | 200 OK | 0 B |
URL HTTP/2maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap-grid.min.css IP104.18.10.207:0
GET /bootstrap/4.3.1/css/bootstrap-grid.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 20:58:06 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 08/03/2021 22:43:18
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: 58043c15b026caf5bead99cce5948666
cdn-cache: HIT
cf-cache-status: HIT
age: 4457488
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a66b6ac1a03b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.2cd9e450202b69d545a3.js | 143.204.48.96 | 200 OK | 0 B |
URL HTTP/2cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.2cd9e450202b69d545a3.js IP143.204.48.96:0
GET /analytics-next/bundles/ajs-destination.bundle.2cd9e450202b69d545a3.js HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pico.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 07 Mar 2023 01:16:11 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 26 Jan 2023 20:14:52 GMT
etag: W/"cc39e85781964199cd0d9501c897e385"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000,immutable
x-amz-version-id: jZ2L92raJDMf08tukXqdJ6aGBdPFzdTy
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SosoIv1E0XI22JQH6UkZg8QHQj-e0UPQd-P2qgW-w19a8dXOBLp89g==
age: 416517
X-Firefox-Spdy: h2
|
|