tpbproxyone.org/torrent/22977977/DERE_EVIL_.EXE
207.244.67.216200 OK 507 B URL HTTP/1.1 tpbproxyone.org/torrent/22977977/DERE_EVIL_.EXE
IP 207.244.67.216:0
ASN #30633 LEASEWEB-USA-WDC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (507), with no line terminators
Hash 3a0e8e591d4084798e5a8fdeb8bcd1ea
0e035b631e492affd740f5ac47074004d1bce9ac
3bf6f416cb4e8a83d925b5e4a22bce22a1d6f28ee263d1fd4888ece6d49c3504
GET /torrent/22977977/DERE_EVIL_.EXE HTTP/1.1
Host: tpbproxyone.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 507
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 02:04:58 GMT
server: nginx
set-cookie: sid=aa1a5f5e-a10b-11ed-bbcb-16925d3fef1e; path=/; domain=.tpbproxyone.org; expires=Sun, 18 Feb 2091 05:19:05 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10602
Expires: Tue, 31 Jan 2023 05:01:41 GMT
Date: Tue, 31 Jan 2023 02:04:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10197
Expires: Tue, 31 Jan 2023 04:54:56 GMT
Date: Tue, 31 Jan 2023 02:04:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4644
Expires: Tue, 31 Jan 2023 03:22:23 GMT
Date: Tue, 31 Jan 2023 02:04:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 01:35:50 GMT
content-type: application/json
age: 1749
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: g6c09rJ82BPUfZOqN6HWRAVaIMGYBUL55CoeG1j0H+kFijWu76sDjoUnVmMjXpB/cd8QZCtG9ro=
x-amz-request-id: ZE8TNAVFCZQH6STZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 01:22:01 GMT
age: 2578
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:04:59 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
tpbproxyone.org/favicon.ico
207.244.67.216404 Not Found 9 B URL HTTP/1.1 tpbproxyone.org/favicon.ico
IP 207.244.67.216:0
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: tpbproxyone.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tpbproxyone.org/torrent/22977977/DERE_EVIL_.EXE
Cookie: sid=aa1a5f5e-a10b-11ed-bbcb-16925d3fef1e
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Tue, 31 Jan 2023 02:04:58 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 01:49:04 GMT
age: 955
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8810
Expires: Tue, 31 Jan 2023 04:31:49 GMT
Date: Tue, 31 Jan 2023 02:04:59 GMT
Connection: keep-alive
tpbproxyone.org/torrent/22977977/DERE_EVIL_.EXE?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NTEzNzg5OCwiaWF0IjoxNjc1MTMwNjk4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3ZrNHZta2NoY2hia3VybWcxMWo4a2EiLCJuYmYiOjE2NzUxMzA2OTgsInRzIjoxNjc1MTMwNjk4OTAxNjg3fQ.K9-DqlHfGNa-n6ZnGpdXbjNa0iAjIqK0l5OpbFv1HRo&sid=aa1a5f5e-a10b-11ed-bbcb-16925d3fef1e
207.244.67.216302 Found 11 B URL HTTP/1.1 tpbproxyone.org/torrent/22977977/DERE_EVIL_.EXE?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NTEzNzg5OCwiaWF0IjoxNjc1MTMwNjk4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3ZrNHZta2NoY2hia3VybWcxMWo4a2EiLCJuYmYiOjE2NzUxMzA2OTgsInRzIjoxNjc1MTMwNjk4OTAxNjg3fQ.K9-DqlHfGNa-n6ZnGpdXbjNa0iAjIqK0l5OpbFv1HRo&sid=aa1a5f5e-a10b-11ed-bbcb-16925d3fef1e
IP 207.244.67.216:0
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /torrent/22977977/DERE_EVIL_.EXE?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NTEzNzg5OCwiaWF0IjoxNjc1MTMwNjk4LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3ZrNHZta2NoY2hia3VybWcxMWo4a2EiLCJuYmYiOjE2NzUxMzA2OTgsInRzIjoxNjc1MTMwNjk4OTAxNjg3fQ.K9-DqlHfGNa-n6ZnGpdXbjNa0iAjIqK0l5OpbFv1HRo&sid=aa1a5f5e-a10b-11ed-bbcb-16925d3fef1e HTTP/1.1
Host: tpbproxyone.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tpbproxyone.org/torrent/22977977/DERE_EVIL_.EXE
Cookie: sid=aa1a5f5e-a10b-11ed-bbcb-16925d3fef1e
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Tue, 31 Jan 2023 02:04:59 GMT
location: http://btpnative.com/click?data=dDBWdEluTHJDNXYyZy1BMzZ1VVdxUHlZQnRRSUt3MmtXa3BVdDRKQlRSbUF1VjhLcmgtVXNNRjhjeWJwWXNvV3ljeVo0ejFBd1RDNTJTVWxTMWFGampULTRTQnZQMmZsdzBsUVU4SkJ2TVlWUXVMS1ZkSmJPRmNfUUpKTndkSmhBc2IxRnU3bUFSX2E0b3IzOWxreVhRMg2&id=006702cd-0967-495c-aec7-e78f91aa3a20
server: nginx
set-cookie: sid=aa1a5f5e-a10b-11ed-bbcb-16925d3fef1e; path=/; domain=.tpbproxyone.org; expires=Sun, 18 Feb 2091 05:19:07 GMT; max-age=2147483647; HttpOnly
push.services.mozilla.com/
54.187.84.223101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.84.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xfPu0eYYoBajI+ZhVGAz0g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7mpmg7Hj+YKkwNimsdxfEhVfaHo=
btpnative.com/click?data=dDBWdEluTHJDNXYyZy1BMzZ1VVdxUHlZQnRRSUt3MmtXa3BVdDRKQlRSbUF1VjhLcmgtVXNNRjhjeWJwWXNvV3ljeVo0ejFBd1RDNTJTVWxTMWFGampULTRTQnZQMmZsdzBsUVU4SkJ2TVlWUXVMS1ZkSmJPRmNfUUpKTndkSmhBc2IxRnU3bUFSX2E0b3IzOWxreVhRMg2&id=006702cd-0967-495c-aec7-e78f91aa3a20
192.99.158.241200 OK 5.5 kB URL HTTP/1.1 btpnative.com/click?data=dDBWdEluTHJDNXYyZy1BMzZ1VVdxUHlZQnRRSUt3MmtXa3BVdDRKQlRSbUF1VjhLcmgtVXNNRjhjeWJwWXNvV3ljeVo0ejFBd1RDNTJTVWxTMWFGampULTRTQnZQMmZsdzBsUVU4SkJ2TVlWUXVMS1ZkSmJPRmNfUUpKTndkSmhBc2IxRnU3bUFSX2E0b3IzOWxreVhRMg2&id=006702cd-0967-495c-aec7-e78f91aa3a20
IP 192.99.158.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Hash 91c36b3b985504b3370d4c343b9c98e1
33124d61f319e88ecddb6dd0835c89143d96c6ce
ac32a1ac177e2a6e63307e76315604e67d6353b640ff7da900bfe92495421051
GET /click?data=dDBWdEluTHJDNXYyZy1BMzZ1VVdxUHlZQnRRSUt3MmtXa3BVdDRKQlRSbUF1VjhLcmgtVXNNRjhjeWJwWXNvV3ljeVo0ejFBd1RDNTJTVWxTMWFGampULTRTQnZQMmZsdzBsUVU4SkJ2TVlWUXVMS1ZkSmJPRmNfUUpKTndkSmhBc2IxRnU3bUFSX2E0b3IzOWxreVhRMg2&id=006702cd-0967-495c-aec7-e78f91aa3a20 HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tpbproxyone.org/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: ccgpPNNeDuuzeGn=ccgpPNNeDuuzeGn; path=/
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Tue, 31 Jan 2023 02:05:00 GMT
Content-Length: 5470
btpnative.com/Redirect/
192.99.158.241302 Found 1.9 kB IP 192.99.158.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1833), with CRLF line terminators
Hash 4fd3291e58a5aad0639bf9ed4f64a037
7420b804df5c1e06791f742619317ac5fc97236b
e70a53957aeedd7b47dfc670f37830eacf7a4f6b965e0a93b8a7c5e2d69d047f
POST /Redirect/ HTTP/1.1
Host: btpnative.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 358
Origin: http://btpnative.com
Connection: keep-alive
Referer: http://btpnative.com/click?data=dDBWdEluTHJDNXYyZy1BMzZ1VVdxUHlZQnRRSUt3MmtXa3BVdDRKQlRSbUF1VjhLcmgtVXNNRjhjeWJwWXNvV3ljeVo0ejFBd1RDNTJTVWxTMWFGampULTRTQnZQMmZsdzBsUVU4SkJ2TVlWUXVMS1ZkSmJPRmNfUUpKTndkSmhBc2IxRnU3bUFSX2E0b3IzOWxreVhRMg2&id=006702cd-0967-495c-aec7-e78f91aa3a20
Cookie: ccgpPNNeDuuzeGn=ccgpPNNeDuuzeGn
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://mybettermb.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzx8Me0kzRtReLyT4nqgY4lUIKv2ZHTfRFmdNRMz_dvhc29XXvCS9-JLFXNSHgbbvMDcVgn291AC8_M1Mmbofr-ZKceZDQZtXA_b5np8cxJs0YFos_XX7JtPGVWViaJip_gzuORprI4qlt_7kfAZbXZ_3hitpdaEoqb0ydhoZZBqkiOFUSTI7wWesQ9eRj1dK3N-v8BIHlO6ic7m3ynBUcsyUE6MorZxE-9hV4AbS8Fh36g3txk1fZiBIiEGfLCfKHnQQ2Kfo2H--uEn4AkkWG5W9dKDCqaorJkjp3kQ3vjXpxcMc9t0-Ifg5jNi2LLofFcwWK4f86GKtq-BTbUqoyOTW-JGyDg7SXXq85s0cP1DnpEsfwoCuln4rymMpy1wzSkkYz9F6VKwaNuydrbih0BPnoqGn5uHZoui9WEKVZxZX9eOGDO9xP9fgY3t6xIW8DZiZGyfLoIBm_Y6UtOqiQgcDDhC0jlEh9x3A4I2R5IkXxuS3zXNnE691SLYXqlB_pYJBoTPX5eccLGIoYMCT98-0bEjzXcuSWhT39u56G-BU3LSDKxUn4VX7RHopvncO6dqysHoRPoUkMa13p3zeYeqiepGvAlG_wM2GQGd_ZuDPdxUJ5MY6eZL9C0f0aUjYbRNjh3WeP32yQPiuzYfez3NWjKAro-UUNnDX0gpdFb3-zxIbTGhkzHWaIy-R46lUGgfh3Y1MH56Zm1QpQRJMYmB2ECJBt9vwd-OwZWWftn_5RMLHybMVhST2W37oH6xfmZ_BxgeVkJ36yPH48JebCjsDaToxERLd_aCIlGoVRQJDpsednW4pcl0lD0N8hDzFtLU2t-tWAeTkVDZuQkEG5wIxhv8Lw4VylbmlfjYDTrrafw1SKI-9ZPvP9pXM4PSBvLe1ILOZ7OBzlNutIB6Hz7qTBENSMYjcUQ0bB2K52XJy6--SbD5laSmv8OAOfbapXyF9vqLkO1okJjVRdfERxnpPrNlvX_YX1XmSbM_sbQoXQiNEIq-_5P4bmd5pK5C0BrbrbaV-Q-Q0GOHDwEijbN_plOeqYhTmSL2-CZ-WP5Ae_GBapAefEedwhB_Zk1AGld6ZTJk1fseIedozOvh8r9KlsereocjznoTs-GWl660JqzKTrAA5x-10P90web2j7D_wgxRblbXfph7I7LU2o2yAAgng0nXxw5JhNabLcsbh6tomle7E0QN4MERqc-xHHFxNC1E927HtTVPUJlZQJfjIbJYOSXzm4qIjwxky0eLa_fv58kzvM4lem70uCFpQ4OLpCdykaf-SEJZRj4sC8OPzY9V_k44LoQN8-iDLKN_vYFy7zCzpgZqDzvh9KUF737nTAHAGYpFgbBOlHZJ3RWqOGmBQWhye8ngEAy6fYzMdsVAADzfJQVuka0eXXXgbq0oV5XrLjF3YcXGt0WeABMsMNpwwbX0HMd8pw-VDmwYuVBFyIBXMU7hVyTW5GNlrTLB8l_jO4gHZhIYthWPRLRoviwwmQDPT1QlWRxVzhx8yk0ewOPMMpKNRlbiaxp54rfhJ8duLREOQyQ8rO8psjJJpGOLgUQ9i2ykyVj5wQuz6qX1tJVrS9YmnDbgPVk5JoHd77RSsFrweAyflzDP0ndW50wBwBmKRYK2D4auJvfGxOvc5wwgJIwO50wBwBmKRYFRqx4IAE847nHOFig1NfW6HVDv-ud4rYbkcEcAYjxpLEJ4jFs6lChbYgG7afTXkyA
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Tue, 31 Jan 2023 02:05:00 GMT
Content-Length: 1905
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash bc288310c7a5f80bbc8e5dbeace292af
d68ca97515594770b04f3c3ae943d186e75ad2c5
6def27992aed1f32911f4820b432dca388db29e13b623596229f8e2ccfb9435f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:05:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 19:25:42 GMT
Expires: Sun, 05 Feb 2023 19:25:41 GMT
Etag: "d68ca97515594770b04f3c3ae943d186e75ad2c5"
Cache-Control: max-age=493839,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791ee141882bb518-OSL
mybettermb.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzx8Me0kzRtReLyT4nqgY4lUIKv2ZHTfRFmdNRMz_dvhc29XXvCS9-JLFXNSHgbbvMDcVgn291AC8_M1Mmbofr-ZKceZDQZtXA_b5np8cxJs0YFos_XX7JtPGVWViaJip_gzuORprI4qlt_7kfAZbXZ_3hitpdaEoqb0ydhoZZBqkiOFUSTI7wWesQ9eRj1dK3N-v8BIHlO6ic7m3ynBUcsyUE6MorZxE-9hV4AbS8Fh36g3txk1fZiBIiEGfLCfKHnQQ2Kfo2H--uEn4AkkWG5W9dKDCqaorJkjp3kQ3vjXpxcMc9t0-Ifg5jNi2LLofFcwWK4f86GKtq-BTbUqoyOTW-JGyDg7SXXq85s0cP1DnpEsfwoCuln4rymMpy1wzSkkYz9F6VKwaNuydrbih0BPnoqGn5uHZoui9WEKVZxZX9eOGDO9xP9fgY3t6xIW8DZiZGyfLoIBm_Y6UtOqiQgcDDhC0jlEh9x3A4I2R5IkXxuS3zXNnE691SLYXqlB_pYJBoTPX5eccLGIoYMCT98-0bEjzXcuSWhT39u56G-BU3LSDKxUn4VX7RHopvncO6dqysHoRPoUkMa13p3zeYeqiepGvAlG_wM2GQGd_ZuDPdxUJ5MY6eZL9C0f0aUjYbRNjh3WeP32yQPiuzYfez3NWjKAro-UUNnDX0gpdFb3-zxIbTGhkzHWaIy-R46lUGgfh3Y1MH56Zm1QpQRJMYmB2ECJBt9vwd-OwZWWftn_5RMLHybMVhST2W37oH6xfmZ_BxgeVkJ36yPH48JebCjsDaToxERLd_aCIlGoVRQJDpsednW4pcl0lD0N8hDzFtLU2t-tWAeTkVDZuQkEG5wIxhv8Lw4VylbmlfjYDTrrafw1SKI-9ZPvP9pXM4PSBvLe1ILOZ7OBzlNutIB6Hz7qTBENSMYjcUQ0bB2K52XJy6--SbD5laSmv8OAOfbapXyF9vqLkO1okJjVRdfERxnpPrNlvX_YX1XmSbM_sbQoXQiNEIq-_5P4bmd5pK5C0BrbrbaV-Q-Q0GOHDwEijbN_plOeqYhTmSL2-CZ-WP5Ae_GBapAefEedwhB_Zk1AGld6ZTJk1fseIedozOvh8r9KlsereocjznoTs-GWl660JqzKTrAA5x-10P90web2j7D_wgxRblbXfph7I7LU2o2yAAgng0nXxw5JhNabLcsbh6tomle7E0QN4MERqc-xHHFxNC1E927HtTVPUJlZQJfjIbJYOSXzm4qIjwxky0eLa_fv58kzvM4lem70uCFpQ4OLpCdykaf-SEJZRj4sC8OPzY9V_k44LoQN8-iDLKN_vYFy7zCzpgZqDzvh9KUF737nTAHAGYpFgbBOlHZJ3RWqOGmBQWhye8ngEAy6fYzMdsVAADzfJQVuka0eXXXgbq0oV5XrLjF3YcXGt0WeABMsMNpwwbX0HMd8pw-VDmwYuVBFyIBXMU7hVyTW5GNlrTLB8l_jO4gHZhIYthWPRLRoviwwmQDPT1QlWRxVzhx8yk0ewOPMMpKNRlbiaxp54rfhJ8duLREOQyQ8rO8psjJJpGOLgUQ9i2ykyVj5wQuz6qX1tJVrS9YmnDbgPVk5JoHd77RSsFrweAyflzDP0ndW50wBwBmKRYK2D4auJvfGxOvc5wwgJIwO50wBwBmKRYFRqx4IAE847nHOFig1NfW6HVDv-ud4rYbkcEcAYjxpLEJ4jFs6lChbYgG7afTXkyA
52.116.53.155302 Found 0 B URL HTTP/2 mybettermb.com/aS/feedclick?s=HFz5zNIIs95ROWPasgEEzx8Me0kzRtReLyT4nqgY4lUIKv2ZHTfRFmdNRMz_dvhc29XXvCS9-JLFXNSHgbbvMDcVgn291AC8_M1Mmbofr-ZKceZDQZtXA_b5np8cxJs0YFos_XX7JtPGVWViaJip_gzuORprI4qlt_7kfAZbXZ_3hitpdaEoqb0ydhoZZBqkiOFUSTI7wWesQ9eRj1dK3N-v8BIHlO6ic7m3ynBUcsyUE6MorZxE-9hV4AbS8Fh36g3txk1fZiBIiEGfLCfKHnQQ2Kfo2H--uEn4AkkWG5W9dKDCqaorJkjp3kQ3vjXpxcMc9t0-Ifg5jNi2LLofFcwWK4f86GKtq-BTbUqoyOTW-JGyDg7SXXq85s0cP1DnpEsfwoCuln4rymMpy1wzSkkYz9F6VKwaNuydrbih0BPnoqGn5uHZoui9WEKVZxZX9eOGDO9xP9fgY3t6xIW8DZiZGyfLoIBm_Y6UtOqiQgcDDhC0jlEh9x3A4I2R5IkXxuS3zXNnE691SLYXqlB_pYJBoTPX5eccLGIoYMCT98-0bEjzXcuSWhT39u56G-BU3LSDKxUn4VX7RHopvncO6dqysHoRPoUkMa13p3zeYeqiepGvAlG_wM2GQGd_ZuDPdxUJ5MY6eZL9C0f0aUjYbRNjh3WeP32yQPiuzYfez3NWjKAro-UUNnDX0gpdFb3-zxIbTGhkzHWaIy-R46lUGgfh3Y1MH56Zm1QpQRJMYmB2ECJBt9vwd-OwZWWftn_5RMLHybMVhST2W37oH6xfmZ_BxgeVkJ36yPH48JebCjsDaToxERLd_aCIlGoVRQJDpsednW4pcl0lD0N8hDzFtLU2t-tWAeTkVDZuQkEG5wIxhv8Lw4VylbmlfjYDTrrafw1SKI-9ZPvP9pXM4PSBvLe1ILOZ7OBzlNutIB6Hz7qTBENSMYjcUQ0bB2K52XJy6--SbD5laSmv8OAOfbapXyF9vqLkO1okJjVRdfERxnpPrNlvX_YX1XmSbM_sbQoXQiNEIq-_5P4bmd5pK5C0BrbrbaV-Q-Q0GOHDwEijbN_plOeqYhTmSL2-CZ-WP5Ae_GBapAefEedwhB_Zk1AGld6ZTJk1fseIedozOvh8r9KlsereocjznoTs-GWl660JqzKTrAA5x-10P90web2j7D_wgxRblbXfph7I7LU2o2yAAgng0nXxw5JhNabLcsbh6tomle7E0QN4MERqc-xHHFxNC1E927HtTVPUJlZQJfjIbJYOSXzm4qIjwxky0eLa_fv58kzvM4lem70uCFpQ4OLpCdykaf-SEJZRj4sC8OPzY9V_k44LoQN8-iDLKN_vYFy7zCzpgZqDzvh9KUF737nTAHAGYpFgbBOlHZJ3RWqOGmBQWhye8ngEAy6fYzMdsVAADzfJQVuka0eXXXgbq0oV5XrLjF3YcXGt0WeABMsMNpwwbX0HMd8pw-VDmwYuVBFyIBXMU7hVyTW5GNlrTLB8l_jO4gHZhIYthWPRLRoviwwmQDPT1QlWRxVzhx8yk0ewOPMMpKNRlbiaxp54rfhJ8duLREOQyQ8rO8psjJJpGOLgUQ9i2ykyVj5wQuz6qX1tJVrS9YmnDbgPVk5JoHd77RSsFrweAyflzDP0ndW50wBwBmKRYK2D4auJvfGxOvc5wwgJIwO50wBwBmKRYFRqx4IAE847nHOFig1NfW6HVDv-ud4rYbkcEcAYjxpLEJ4jFs6lChbYgG7afTXkyA
IP 52.116.53.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aS/feedclick?s=HFz5zNIIs95ROWPasgEEzx8Me0kzRtReLyT4nqgY4lUIKv2ZHTfRFmdNRMz_dvhc29XXvCS9-JLFXNSHgbbvMDcVgn291AC8_M1Mmbofr-ZKceZDQZtXA_b5np8cxJs0YFos_XX7JtPGVWViaJip_gzuORprI4qlt_7kfAZbXZ_3hitpdaEoqb0ydhoZZBqkiOFUSTI7wWesQ9eRj1dK3N-v8BIHlO6ic7m3ynBUcsyUE6MorZxE-9hV4AbS8Fh36g3txk1fZiBIiEGfLCfKHnQQ2Kfo2H--uEn4AkkWG5W9dKDCqaorJkjp3kQ3vjXpxcMc9t0-Ifg5jNi2LLofFcwWK4f86GKtq-BTbUqoyOTW-JGyDg7SXXq85s0cP1DnpEsfwoCuln4rymMpy1wzSkkYz9F6VKwaNuydrbih0BPnoqGn5uHZoui9WEKVZxZX9eOGDO9xP9fgY3t6xIW8DZiZGyfLoIBm_Y6UtOqiQgcDDhC0jlEh9x3A4I2R5IkXxuS3zXNnE691SLYXqlB_pYJBoTPX5eccLGIoYMCT98-0bEjzXcuSWhT39u56G-BU3LSDKxUn4VX7RHopvncO6dqysHoRPoUkMa13p3zeYeqiepGvAlG_wM2GQGd_ZuDPdxUJ5MY6eZL9C0f0aUjYbRNjh3WeP32yQPiuzYfez3NWjKAro-UUNnDX0gpdFb3-zxIbTGhkzHWaIy-R46lUGgfh3Y1MH56Zm1QpQRJMYmB2ECJBt9vwd-OwZWWftn_5RMLHybMVhST2W37oH6xfmZ_BxgeVkJ36yPH48JebCjsDaToxERLd_aCIlGoVRQJDpsednW4pcl0lD0N8hDzFtLU2t-tWAeTkVDZuQkEG5wIxhv8Lw4VylbmlfjYDTrrafw1SKI-9ZPvP9pXM4PSBvLe1ILOZ7OBzlNutIB6Hz7qTBENSMYjcUQ0bB2K52XJy6--SbD5laSmv8OAOfbapXyF9vqLkO1okJjVRdfERxnpPrNlvX_YX1XmSbM_sbQoXQiNEIq-_5P4bmd5pK5C0BrbrbaV-Q-Q0GOHDwEijbN_plOeqYhTmSL2-CZ-WP5Ae_GBapAefEedwhB_Zk1AGld6ZTJk1fseIedozOvh8r9KlsereocjznoTs-GWl660JqzKTrAA5x-10P90web2j7D_wgxRblbXfph7I7LU2o2yAAgng0nXxw5JhNabLcsbh6tomle7E0QN4MERqc-xHHFxNC1E927HtTVPUJlZQJfjIbJYOSXzm4qIjwxky0eLa_fv58kzvM4lem70uCFpQ4OLpCdykaf-SEJZRj4sC8OPzY9V_k44LoQN8-iDLKN_vYFy7zCzpgZqDzvh9KUF737nTAHAGYpFgbBOlHZJ3RWqOGmBQWhye8ngEAy6fYzMdsVAADzfJQVuka0eXXXgbq0oV5XrLjF3YcXGt0WeABMsMNpwwbX0HMd8pw-VDmwYuVBFyIBXMU7hVyTW5GNlrTLB8l_jO4gHZhIYthWPRLRoviwwmQDPT1QlWRxVzhx8yk0ewOPMMpKNRlbiaxp54rfhJ8duLREOQyQ8rO8psjJJpGOLgUQ9i2ykyVj5wQuz6qX1tJVrS9YmnDbgPVk5JoHd77RSsFrweAyflzDP0ndW50wBwBmKRYK2D4auJvfGxOvc5wwgJIwO50wBwBmKRYFRqx4IAE847nHOFig1NfW6HVDv-ud4rYbkcEcAYjxpLEJ4jFs6lChbYgG7afTXkyA HTTP/1.1
Host: mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 31 Jan 2023 02:05:01 GMT
content-length: 0
set-cookie: rhid=82800931772; Max-Age=15552000; Expires=Sun, 30-Jul-2023 02:05:01 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
location: https://p274639.mybettermb.com/adServe/domainClick?ai=zHPR75Zx-onygYaeN_ogCBBLFBRk1eiQ4ypU_IICyRP5V1c6EPCUBF8zHiEadnIXHca1CsuLEl2kGko8eoV6LiOFwlzkCkbzEzy7OBJtmOXCgzQbPSpPqqSSkl0jHkvawfpNa9imHsM1Pvdhx6h8GcMlvyNQu9ligKNm5HUY_GWjB2fjK6rwTJjim55TmpSzfpExJBMizSdKgbz0VF_-WH_9b8ky2I1bOt49-zifnPahCJDe0fs2e12k4XVJzHJX8mFgHSWE3TZCCpJ_Aq0_LLnTAHAGYpFgXZomooD2vuliVnQIGgxQDiU7ugF2M-yuw6VwzuvR-x3CQtVBA9Wp7n-oJi-H9AZDZAEJiK7vPzi8aDyDFGigWfBCO-vkqGpKjhdEqJB6Nj2XmDvYXWw9hp-qFZn5gpnPqtE9sbJicJwX2fEbVjxB9kp2QAzznS8_6fjhgUFt3sQISiZ3D8mF7LCm2HeI0S938_gGwpSXr3tSAMcY_H2x07HFovOGSDpNKiXhLmiyflhHQ2DhJtv57Pgpt-TBvcxCEwrLEAaOW_iik5tvENnhUEVs1IKi-ubyVjLddbnKrYw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSH3LRhS7yFr551fj5eAOEVbRB2giFg6mwu3p0ztsRWryQeC9wOC7QrjPCFkDHzu0s7FMHaaaNQg1s1ATSnmS5JQ&si=1&oref=dae16bcb6b93b11e9cbacb290c7cfdf8&optunit=w6VwzuvR-x29ebjHufQcSA&rb=E-qvs9aXu7s&rr=0&abtg=0
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14001
Expires: Tue, 31 Jan 2023 05:58:22 GMT
Date: Tue, 31 Jan 2023 02:05:01 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14001
Expires: Tue, 31 Jan 2023 05:58:22 GMT
Date: Tue, 31 Jan 2023 02:05:01 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14001
Expires: Tue, 31 Jan 2023 05:58:22 GMT
Date: Tue, 31 Jan 2023 02:05:01 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14001
Expires: Tue, 31 Jan 2023 05:58:22 GMT
Date: Tue, 31 Jan 2023 02:05:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a2d26da68a313cc65958fc2692351c2
798c3538f3147ca77d317676ddd1bf040bd0f93b
76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XYo_QvM8GWDyulOtUb5nVjS9PxOinaRJ3lYvCreeqd_9tHI5yv5xcQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:21 GMT
age: 15400
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e575f4c5e3aa793f846cadc8baf386c
f482a4e8e80ea5b6afc29e5cc1a9a2b8c2f0434d
09a5bbe4fb7f23ee43228267f30c1ef0cd8747e515e01c963df0756b866f23ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9700
x-amzn-requestid: 059475a7-d7de-4a44-9fc7-11fb24e201b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_9G8DIAMF64A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e399-57fea3031d1e93ec02308fac;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vzubP2I1xR5NF1amWIPiIlp6yPykWhz-CEbwDiJOs-eTWkTE-fvfjA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 03:51:25 GMT
age: 80016
etag: "f482a4e8e80ea5b6afc29e5cc1a9a2b8c2f0434d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6c0b4d2-6327-4501-8fe0-017b08501835.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6c0b4d2-6327-4501-8fe0-017b08501835.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee0e708ca11a9468634d2a7dff56510f
40d7c0f07b5218c4ceabcd7fc90af26bb3dc2cf3
e944a184377a91dae9fbc38ebc686fb95e261cb16ae09c7d69ababacffa75e57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6c0b4d2-6327-4501-8fe0-017b08501835.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8529
x-amzn-requestid: 633fc342-7b5a-4103-970e-74730c08679b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbhguFesIAMFqVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d47c6a-38e274c36d39ef4f2dd6034a;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 01:37:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: URqrtcPijXsHDSPMQ3K9PHbq20O0KYuk3YyO91rNW7t10zCuF3g5wg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 10:29:22 GMT
age: 56139
etag: "40d7c0f07b5218c4ceabcd7fc90af26bb3dc2cf3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUGjUSIkoacdmaO1jnMwIuNMONhjyVfAIcTQ3B5d5da_g9eEnCtW7g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:17 GMT
age: 15404
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b43468b05cd1fd11c398263a80e4edb2
02e964ea5a88c866267ac6c5601bfcde26ffd42b
19783f05297f7ed5d7ca8cec0fc0e1676831275ac48f1510a4f410dbe2802314
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa70b0b84-f0e7-44e4-a574-ee3e55fbc0d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4634
x-amzn-requestid: 2941da94-203c-47d1-99ee-d864bdbf6993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffCAHF9kIAMFrUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e39a-78bb7189351d830a7ef70c67;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uwVY2yJq8mZgVFAkrRx3OPU0qJ7uI5aehpxP_ULNJX9BQJLCiUwo7g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 04:03:31 GMT
age: 79290
etag: "02e964ea5a88c866267ac6c5601bfcde26ffd42b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffea501ff-acf4-4b37-aa0a-baf417cf3694.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffea501ff-acf4-4b37-aa0a-baf417cf3694.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fc180ec5b99ac357db8775775c3c11
c9856a488e82bc330881377528bf2e53274ef5f3
a31fd6fc84f79b0f5fb79cccf490ddf61eb58bdaf57ca27f57a911332e550d11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffea501ff-acf4-4b37-aa0a-baf417cf3694.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5394
x-amzn-requestid: 16d876fb-0afd-4b5d-b19e-1029506fd6f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIgq2E4CIAMFiFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce178-1f08dc2105b6e182677004e7;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:10:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 36E3JCGqpkeMmb_fzM0DTb24ElUMGDdikE1IdqQABDlbT28XRs7B-w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 11:52:37 GMT
age: 51144
etag: "c9856a488e82bc330881377528bf2e53274ef5f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
p274639.mybettermb.com/adServe/domainClick?ai=zHPR75Zx-onygYaeN_ogCBBLFBRk1eiQ4ypU_IICyRP5V1c6EPCUBF8zHiEadnIXHca1CsuLEl2kGko8eoV6LiOFwlzkCkbzEzy7OBJtmOXCgzQbPSpPqqSSkl0jHkvawfpNa9imHsM1Pvdhx6h8GcMlvyNQu9ligKNm5HUY_GWjB2fjK6rwTJjim55TmpSzfpExJBMizSdKgbz0VF_-WH_9b8ky2I1bOt49-zifnPahCJDe0fs2e12k4XVJzHJX8mFgHSWE3TZCCpJ_Aq0_LLnTAHAGYpFgXZomooD2vuliVnQIGgxQDiU7ugF2M-yuw6VwzuvR-x3CQtVBA9Wp7n-oJi-H9AZDZAEJiK7vPzi8aDyDFGigWfBCO-vkqGpKjhdEqJB6Nj2XmDvYXWw9hp-qFZn5gpnPqtE9sbJicJwX2fEbVjxB9kp2QAzznS8_6fjhgUFt3sQISiZ3D8mF7LCm2HeI0S938_gGwpSXr3tSAMcY_H2x07HFovOGSDpNKiXhLmiyflhHQ2DhJtv57Pgpt-TBvcxCEwrLEAaOW_iik5tvENnhUEVs1IKi-ubyVjLddbnKrYw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSH3LRhS7yFr551fj5eAOEVbRB2giFg6mwu3p0ztsRWryQeC9wOC7QrjPCFkDHzu0s7FMHaaaNQg1s1ATSnmS5JQ&si=1&oref=dae16bcb6b93b11e9cbacb290c7cfdf8&optunit=w6VwzuvR-x29ebjHufQcSA&rb=E-qvs9aXu7s&rr=0&abtg=0
52.116.53.155302 Found 0 B URL HTTP/2 p274639.mybettermb.com/adServe/domainClick?ai=zHPR75Zx-onygYaeN_ogCBBLFBRk1eiQ4ypU_IICyRP5V1c6EPCUBF8zHiEadnIXHca1CsuLEl2kGko8eoV6LiOFwlzkCkbzEzy7OBJtmOXCgzQbPSpPqqSSkl0jHkvawfpNa9imHsM1Pvdhx6h8GcMlvyNQu9ligKNm5HUY_GWjB2fjK6rwTJjim55TmpSzfpExJBMizSdKgbz0VF_-WH_9b8ky2I1bOt49-zifnPahCJDe0fs2e12k4XVJzHJX8mFgHSWE3TZCCpJ_Aq0_LLnTAHAGYpFgXZomooD2vuliVnQIGgxQDiU7ugF2M-yuw6VwzuvR-x3CQtVBA9Wp7n-oJi-H9AZDZAEJiK7vPzi8aDyDFGigWfBCO-vkqGpKjhdEqJB6Nj2XmDvYXWw9hp-qFZn5gpnPqtE9sbJicJwX2fEbVjxB9kp2QAzznS8_6fjhgUFt3sQISiZ3D8mF7LCm2HeI0S938_gGwpSXr3tSAMcY_H2x07HFovOGSDpNKiXhLmiyflhHQ2DhJtv57Pgpt-TBvcxCEwrLEAaOW_iik5tvENnhUEVs1IKi-ubyVjLddbnKrYw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSH3LRhS7yFr551fj5eAOEVbRB2giFg6mwu3p0ztsRWryQeC9wOC7QrjPCFkDHzu0s7FMHaaaNQg1s1ATSnmS5JQ&si=1&oref=dae16bcb6b93b11e9cbacb290c7cfdf8&optunit=w6VwzuvR-x29ebjHufQcSA&rb=E-qvs9aXu7s&rr=0&abtg=0
IP 52.116.53.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adServe/domainClick?ai=zHPR75Zx-onygYaeN_ogCBBLFBRk1eiQ4ypU_IICyRP5V1c6EPCUBF8zHiEadnIXHca1CsuLEl2kGko8eoV6LiOFwlzkCkbzEzy7OBJtmOXCgzQbPSpPqqSSkl0jHkvawfpNa9imHsM1Pvdhx6h8GcMlvyNQu9ligKNm5HUY_GWjB2fjK6rwTJjim55TmpSzfpExJBMizSdKgbz0VF_-WH_9b8ky2I1bOt49-zifnPahCJDe0fs2e12k4XVJzHJX8mFgHSWE3TZCCpJ_Aq0_LLnTAHAGYpFgXZomooD2vuliVnQIGgxQDiU7ugF2M-yuw6VwzuvR-x3CQtVBA9Wp7n-oJi-H9AZDZAEJiK7vPzi8aDyDFGigWfBCO-vkqGpKjhdEqJB6Nj2XmDvYXWw9hp-qFZn5gpnPqtE9sbJicJwX2fEbVjxB9kp2QAzznS8_6fjhgUFt3sQISiZ3D8mF7LCm2HeI0S938_gGwpSXr3tSAMcY_H2x07HFovOGSDpNKiXhLmiyflhHQ2DhJtv57Pgpt-TBvcxCEwrLEAaOW_iik5tvENnhUEVs1IKi-ubyVjLddbnKrYw&ui=HFz5zNIIs96w8gbO8AoGVPmI0xR1wwxSH3LRhS7yFr551fj5eAOEVbRB2giFg6mwu3p0ztsRWryQeC9wOC7QrjPCFkDHzu0s7FMHaaaNQg1s1ATSnmS5JQ&si=1&oref=dae16bcb6b93b11e9cbacb290c7cfdf8&optunit=w6VwzuvR-x29ebjHufQcSA&rb=E-qvs9aXu7s&rr=0&abtg=0 HTTP/1.1
Host: p274639.mybettermb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Cookie: rhid=82800931772
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 31 Jan 2023 02:05:01 GMT
content-length: 0
set-cookie: rhid=82800931772; Max-Age=15552000; Expires=Sun, 30-Jul-2023 02:05:01 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
loi=ad_490233_off_142374_aff_3322_cid_274639-575551883-TPBPROXYONE.ORG_ts_1675130701; Max-Age=3600; Expires=Tue, 31-Jan-2023 03:05:01 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
location: https://myfood.ltd/?v=20171031&s1=0
X-Firefox-Spdy: h2
myfood.ltd/?v=20171031&s1=0
151.139.128.10200 OK 2.9 kB URL HTTP/2 myfood.ltd/?v=20171031&s1=0
IP 151.139.128.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6859), with no line terminators
Hash 029ccb01ef612a9e6748494c60d24b69
d385f7671725be11701998c27571e94b1950f991
7ac429dc45b509b1bed9bdcdc5610868d510d979ce3cc06d48870511bf0425f5
GET /?v=20171031&s1=0 HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btpnative.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 02:05:01 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 2896
content-type: text/html
last-modified: Mon, 01 Mar 2021 09:43:13 GMT
accept-ranges: bytes
server: nginx
etag: W/"603cb731-1ad4"
x-hw: 1675130701.cds017.sk1.hn,1675130701.cds236.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/main/css/style.css
151.139.128.10200 OK 19 kB URL HTTP/2 myfood.ltd/main/css/style.css
IP 151.139.128.10:0
File type Unicode text, UTF-8 text, with very long lines (65134), with no line terminators
Hash a95a0c8bd1273406b8c8053fb3527d56
2a461dcfa2c4bf1d22727bfd7c3c2abc85d44343
55b46146d32f4ee365d4ca91d8b3b1c504a062b15bbc1ed60a22ac2d05be1db5
GET /main/css/style.css HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 02:05:01 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 18933
content-type: text/css
last-modified: Mon, 01 Mar 2021 09:43:15 GMT
accept-ranges: bytes
server: nginx
etag: W/"603cb733-1b1ac"
x-hw: 1675130701.cds017.sk1.hn,1675130701.cds261.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/Superfood_1.jpg
151.139.128.10200 OK 74 kB URL HTTP/2 myfood.ltd/images/Superfood_1.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Bigstock], progressive, precision 8, 800x420, components 3\012- data
Hash c2c3ec0e55e648c2a85d4499714a9c11
073f2990a52da59a7d3b73583b30be3c2cf45523
b66cf7365382753dc6340bfa2fba89c368ca3b930a0833d8f64c4c34525fc2ec
GET /images/Superfood_1.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 02:05:01 GMT
cache-control: max-age=30
content-length: 74204
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-121dc"
x-hw: 1675130701.cds017.sk1.hn,1675130701.cds247.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/Superfood_2.jpg
151.139.128.10200 OK 52 kB URL HTTP/2 myfood.ltd/images/Superfood_2.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, copyright=Bigstock], progressive, precision 8, 800x341, components 3\012- data
Hash b87af7248a82f58fe2ea5d0c7b030886
1d5a5b9752d7978c68b0d4a1689b3d8e6d322f0a
14da8c39c357dad0441b26d575c0000a9529c76d785680306a3cf51abe4cae81
GET /images/Superfood_2.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 02:05:01 GMT
cache-control: max-age=30
content-length: 51830
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:13 GMT
accept-ranges: bytes
server: nginx
etag: "603cb731-ca76"
x-hw: 1675130701.cds017.sk1.hn,1675130701.cds220.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/avatar-1.jpg
151.139.128.10200 OK 11 kB URL HTTP/2 myfood.ltd/images/avatar-1.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=128, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=128], progressive, precision 8, 128x128, components 3\012- data
Hash 62d0b6a649ac10e72bcb6ea3bbf57564
3e333889b0b66bfc6a32499f4c55878e2102b463
58dddc0a77632d920d096da6c6e2587c5859a4b4dd7af6dcd6eb8009ebc23ba6
GET /images/avatar-1.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 02:05:01 GMT
cache-control: max-age=30
content-length: 11304
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-2c28"
x-hw: 1675130701.cds017.sk1.hn,1675130701.cds211.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/images/avatar-2.jpg
151.139.128.10200 OK 11 kB URL HTTP/2 myfood.ltd/images/avatar-2.jpg
IP 151.139.128.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=128, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=128], progressive, precision 8, 128x128, components 3\012- data
Hash dd3881ed1b5b03b1d571edf89e12c466
61ca68c1c2d2ae7d286dfc0540f4ca8b357fdf3d
97b65e41dd547b310e1e860d2ae4717dba1d97bd36c0cd06c35749caa515e207
GET /images/avatar-2.jpg HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 02:05:01 GMT
cache-control: max-age=30
content-length: 10665
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 09:43:12 GMT
accept-ranges: bytes
server: nginx
etag: "603cb730-29a9"
x-hw: 1675130701.cds017.sk1.hn,1675130701.cds202.sk1.c
X-Firefox-Spdy: h2
myfood.ltd/main/js/main.js
151.139.128.10200 OK 39 kB URL HTTP/2 myfood.ltd/main/js/main.js
IP 151.139.128.10:0
File type Unicode text, UTF-8 text, with very long lines (60220)
Hash 181e3fa3b1de97ff4efd259bc2a2c8c7
52edf1dc36109cb57bea12689a48442e27f06ad1
ffa8984bea3bf0c0a0cb282e9a5a98b3435e63fb6a26dfe0351979fa9f827c40
GET /main/js/main.js HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 02:05:01 GMT
cache-control: max-age=30
content-encoding: gzip
content-length: 38656
content-type: application/javascript
last-modified: Mon, 01 Mar 2021 09:43:14 GMT
accept-ranges: bytes
server: nginx
etag: "603cb732-1d57b"
x-hw: 1675130701.cds017.sk1.hn,1675130701.cds228.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:05:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:05:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
142.250.74.35200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 14544, version 1.0\012- data
Hash 223a277bd88d8a90c8cdf24cda0ad5f5
24234c1c81b3948758c1a0be8e5a65386ca94c52
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
GET /s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myfood.ltd
Connection: keep-alive
Referer: https://myfood.ltd/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 21:51:44 GMT
expires: Sun, 28 Jan 2024 21:51:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Oct 2017 21:49:52 GMT
content-type: font/woff2
age: 187997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 14564, version 1.0\012- data
Hash 60c866748ff15f5b347fdba64596b1b1
34f486906decb7c8cf7a02d4758add9a2408c7a5
5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d
GET /s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://myfood.ltd
Connection: keep-alive
Referer: https://myfood.ltd/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 10:16:43 GMT
expires: Sat, 27 Jan 2024 10:16:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Oct 2017 21:49:34 GMT
content-type: font/woff2
age: 316098
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:05:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
myfood.ltd/favicon.ico
151.139.128.10200 OK 1.2 kB IP 151.139.128.10:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash b671b0407b8abf4ffb9946ee1596d992
79a116ffd13f1888451abd3cb8751cb2140f2fa4
1515616a51664df153b03397585ee45469cb936100992f870419514b17820649
GET /favicon.ico HTTP/1.1
Host: myfood.ltd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myfood.ltd/?v=20171031&s1=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 02:05:02 GMT
cache-control: max-age=30
content-length: 1150
content-type: image/x-icon
last-modified: Wed, 28 Mar 2018 14:00:16 GMT
accept-ranges: bytes
server: nginx
etag: "5abb9ff0-47e"
x-hw: 1675130701.cds017.sk1.hn,1675130701.cds240.sk1.sc,1675130702.cds240.sk1.pr
X-Firefox-Spdy: h2