Overview

URL peliculashdlatina.com/2013/06/madagascar-la-pocima-del-amor.html
IP185.107.56.200
ASNNForce Entertainment B.V.
Location Netherlands
Report completed2022-07-04 01:56:38 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-04 2 peliculashdlatina.com/2013/06/madagascar-la-pocima-del-amor.html Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (29)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] detectportal.firefox.com (1) 1601 2017-01-30 00:03:31 UTC 2022-07-03 04:32:10 UTC 34.107.221.82
[Mnemonic Passive DNS] www.bigbasketshop.com (1) 0 No data No data 172.67.218.148 Domain (bigbasketshop.com) ranked at: 343194
[Mnemonic Passive DNS] use.fontawesome.com (1) 942 2017-01-30 04:43:25 UTC 2022-07-03 06:25:13 UTC 172.67.169.247
[Mnemonic Passive DNS] img.ltwebstatic.com (3) 13539 2017-08-26 07:28:33 UTC 2022-07-03 20:13:59 UTC 23.36.79.18
[Mnemonic Passive DNS] img.tttcdn.com (7) 648109 No data No data 54.230.111.24
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (2) 1152 2020-11-03 12:26:46 UTC 2022-07-03 05:07:31 UTC 54.230.111.7
[Mnemonic Passive DNS] btpnav.com (2) 207578 No data No data 209.15.13.136
[Mnemonic Passive DNS] ocsp.sca1b.amazontrust.com (5) 1015 No data No data 54.230.245.39
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-03 05:03:35 UTC 52.40.216.187
[Mnemonic Passive DNS] www.facebook.com (1) 99 2012-05-28 23:09:18 UTC 2022-07-03 04:33:15 UTC 157.240.200.35
[Mnemonic Passive DNS] ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-07-03 04:43:22 UTC 142.250.74.3
[Mnemonic Passive DNS] shavar.services.mozilla.com (1) 3602 2017-01-30 05:00:58 UTC 2022-07-03 05:03:51 UTC 35.166.39.67
[Mnemonic Passive DNS] firefox-settings-attachments.cdn.mozilla.net (1) 11509 2019-11-30 09:32:57 UTC 2022-07-03 10:04:07 UTC 54.230.111.97
[Mnemonic Passive DNS] mediaflowmanager.com (1) 0 No data No data 54.230.111.84 Unknown ranking
[Mnemonic Passive DNS] cdn.dealsfor.life (9) 0 No data No data 172.67.156.239 Unknown ranking
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (11) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.35
[Mnemonic Passive DNS] animikii-ana.com (2) 0 No data No data 52.73.1.119 Unknown ranking
[Mnemonic Passive DNS] r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-07-03 04:49:06 UTC 23.36.77.32
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-03 04:06:00 UTC 34.120.237.76
[Mnemonic Passive DNS] fonts.gstatic.com (3) 0 2017-01-30 04:59:51 UTC 2022-07-03 04:33:25 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] eu.pushnow.net (2) 0 No data No data 38.100.129.67 Unknown ranking
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] getpocket.cdn.mozilla.net (1) 1369 2017-08-31 07:41:15 UTC 2022-07-03 04:06:41 UTC 34.120.5.221
[Mnemonic Passive DNS] ocsp.digicert.com (4) 86 2012-11-29 12:49:49 UTC 2022-07-03 21:37:13 UTC 93.184.220.29
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (11) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.65
[Mnemonic Passive DNS] r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-07-03 04:49:06 UTC 23.36.76.226
[Mnemonic Passive DNS] webtrafficsource.com (3) 46468 2020-05-25 20:49:03 UTC 2022-06-19 03:33:52 UTC 34.107.149.195
[Mnemonic Passive DNS] connect.facebook.net (2) 139 2013-09-20 12:03:21 UTC 2022-07-03 04:34:43 UTC 157.240.200.14
[Mnemonic Passive DNS] peliculashdlatina.com (3) 0 2019-08-09 11:30:23 UTC 2020-06-04 09:56:30 UTC 185.107.56.200 Unknown ranking


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 185.107.56.200

Date UQ / IDS / BL URL IP
2022-08-11 05:10:06 +0000
0 - 0 - 5 uk1a4.mespor.pro/ 185.107.56.200
2022-08-08 02:31:08 +0000
0 - 0 - 3 pepitos.tv/series/mixology 185.107.56.200
2022-08-07 01:57:59 +0000
4 - 0 - 4 csgotape.com/login.php 185.107.56.200
2022-08-06 02:52:55 +0000
4 - 0 - 4 tpbproxyone.org/user/faical77 185.107.56.200
2022-08-04 14:43:39 +0000
0 - 0 - 4 fgs4u.co.uk/ 185.107.56.200
2022-08-04 05:14:04 +0000
4 - 0 - 0 hainanhongyu.com/api/yhlh 185.107.56.200
2022-08-02 13:14:50 +0000
0 - 0 - 1 docs.pointbuysys.com/ 185.107.56.200
2022-07-31 17:25:57 +0000
0 - 0 - 5 leatheretal.org/animi-voluptate/documents.zip 185.107.56.200
2022-07-29 17:06:31 +0000
3 - 0 - 5 area.wthelpdesk.com/t4upo/1wtxhn-grl/a.htm 185.107.56.200
2022-07-26 00:31:09 +0000
0 - 0 - 3 rajapoker99.asia/ 185.107.56.200

Last 10 reports on ASN: NForce Entertainment B.V.

Date UQ / IDS / BL URL IP
2022-08-19 16:52:08 +0000
0 - 0 - 4 major.wrengostic.com/ 185.107.56.57
2022-08-19 16:51:22 +0000
0 - 0 - 3 buy.wrengostic.com/ 185.107.56.57
2022-08-19 15:50:15 +0000
0 - 0 - 5 edge.wrengostic.com/ 185.107.56.57
2022-08-19 13:21:56 +0000
0 - 0 - 7 boletosimple.com.ar/ 77.247.179.88
2022-08-18 12:23:59 +0000
0 - 0 - 3 how.wrengostic.com/ 185.107.56.58
2022-08-18 06:15:23 +0000
4 - 0 - 3 from.hammerhandz.com/ 185.107.56.58
2022-08-18 01:18:56 +0000
0 - 0 - 1 use.wrengostic.com/ 185.107.56.57
2022-08-18 00:49:35 +0000
4 - 0 - 3 rp.seroteforoh.com/?pcrc=867485255&v=2.0 77.247.179.88
2022-08-17 17:47:08 +0000
3 - 0 - 3 ihaveachargefromapple.com/ 77.247.182.245
2022-08-17 07:53:58 +0000
0 - 0 - 1 141.98.6.236/newz2k/Ivnut-Z2K-4.exe 141.98.6.236

No other reports on domain: peliculashdlatina.com



JavaScript

Executed Scripts (31)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (87)


Request Response
                                        
                                            GET /2013/06/madagascar-la-pocima-del-amor.html HTTP/1.1 
Host: peliculashdlatina.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         185.107.56.200
HTTP/1.1 200 OK
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 519
content-type: text/html; charset=utf-8
date: Mon, 04 Jul 2022 01:56:22 GMT
server: nginx
set-cookie: sid=8145424e-fb3c-11ec-a738-8082c2b6d33e; path=/; domain=.peliculashdlatina.com; expires=Sat, 22 Jul 2090 05:10:29 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (519), with no line terminators
Size:   519
Md5:    570a3220ea39164c5acfc0dcd0063911
Sha1:   5f162a564f2e7efa0998b25c2e6c24079320c25e
Sha256: 2043552fbb4563adb52a02a74b8966529543b20f78e7185440b22f725a76aec6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8E263E6763753F5659AC0FC2D11DAF8ECE9720988153C38CB40631AF26C86575"
Last-Modified: Fri, 01 Jul 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2786
Expires: Mon, 04 Jul 2022 02:42:49 GMT
Date: Mon, 04 Jul 2022 01:56:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FACD4EA97FD9649E88A7F37464DAD3896ED33914F8C78F1599FA3F72EE7B5A1C"
Last-Modified: Sat, 02 Jul 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6312
Expires: Mon, 04 Jul 2022 03:41:35 GMT
Date: Mon, 04 Jul 2022 01:56:23 GMT
Connection: keep-alive

                                        
                                            GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 
Host: getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.5.221
HTTP/2 200 OK
                                        
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: ELrtOIlpFr0ZJZxsO0fQTkDkydDNIQKTAqQFRsZ30zpV7dPaWAGLOQ==
content-encoding: gzip
via: 1.1 27fe6f224e0cfa3f3a446471ee256e56.cloudfront.net (CloudFront), 1.1 google
date: Mon, 04 Jul 2022 01:52:29 GMT
content-type: application/json
content-length: 46501
age: 234
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   46501
Md5:    8958138b5315e1dd605032677094639e
Sha1:   91d815318d1aa7b0ca79a5daeed34f7698519526
Sha256: ba763f37d54bbccf7a551933e0a9f88379d66e4209bb968585fe52f21810ea19
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
date: Sun, 03 Jul 2022 02:11:00 GMT
last-modified: Wed, 11 May 2022 19:51:39 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dDoMbH7y6yeMnBobgwD-q2NwbCUuRYmVQjSc2qA0N9ziwd80KervJA==
age: 85524
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Mon, 04 Jul 2022 01:56:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 04 Jul 2022 01:54:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U7qJfiDVPLmVnOgGfrhLFmhui9tEyuh5P-suP5fZKDO7mQEBCmHDlQ==
Age: 127


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: peliculashdlatina.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://peliculashdlatina.com/2013/06/madagascar-la-pocima-del-amor.html
Cookie: sid=8145424e-fb3c-11ec-a738-8082c2b6d33e

                                         
                                         185.107.56.200
HTTP/1.1 404 Not Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Mon, 04 Jul 2022 01:56:23 GMT
server: nginx


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   9
Md5:    d8f4a1993546cc4b850cde3599e27aec
Sha1:   094b763b4cfcc0b05e5d040581cd513c3ca08067
Sha256: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
                                        
                                            GET /success.txt?ipv4 HTTP/1.1 
Host: detectportal.firefox.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         34.107.221.82
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sun, 03 Jul 2022 09:46:52 GMT
Age: 58171
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    ae780585f49b94ce1444eb7d28906123
Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5069
Cache-Control: max-age=145532
Date: Mon, 04 Jul 2022 01:56:23 GMT
Etag: "62c1ca76-1d7"
Expires: Tue, 05 Jul 2022 18:21:55 GMT
Last-Modified: Sun, 03 Jul 2022 16:57:26 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 04 Jul 2022 01:52:20 GMT
Cache-Control: max-age=3600
Expires: Mon, 04 Jul 2022 01:59:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: F1JxTpoO2AulI3YJZJEV5E3IPJ8M2i8dEtw-rg4yQwkkeDaNgQKi6w==
Age: 244


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1 
Host: shavar.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         35.166.39.67
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Date: Mon, 04 Jul 2022 01:56:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    29fc57841962e407cb50c1be60284bf7
Sha1:   ce968a77e2996da5eee8925182318f171ccdce47
Sha256: ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5049
Cache-Control: 'max-age=158059'
Date: Mon, 04 Jul 2022 01:56:24 GMT
Last-Modified: Mon, 04 Jul 2022 00:32:15 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /2013/06/madagascar-la-pocima-del-amor.html?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY1NjkwNjk4MiwiaWF0IjoxNjU2ODk5NzgyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycnY3cjRuMHI0c3VmcjNpM28yMXI1b28iLCJuYmYiOjE2NTY4OTk3ODIsInRzIjoxNjU2ODk5NzgyNzA5ODgxfQ.h8ad6bcnLzT7Q9eUJ5jjzp6JyAbEgoTZxcWTHpgsyKE&sid=8145424e-fb3c-11ec-a738-8082c2b6d33e HTTP/1.1 
Host: peliculashdlatina.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://peliculashdlatina.com/2013/06/madagascar-la-pocima-del-amor.html
Cookie: sid=8145424e-fb3c-11ec-a738-8082c2b6d33e
Upgrade-Insecure-Requests: 1

                                         
                                         185.107.56.200
HTTP/1.1 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 04 Jul 2022 01:56:24 GMT
location: http://btpnav.com/click?data=TmNZWEFmVmFOV1Zzc19iVnRBSTFycVE4MlNybXJEdDFQeEJDNng1bm9sWXZPVW1xZGpJbXpEc3BwWXU1Y1o2b1dDczVwOU4yX3BqdndEeC12d2NnaFdnRFY0ZVZET1dZdWpwSmdCR1NtTk5XMFVVbTdqemZZb2tsYm9QVmFDS1lDdGVkNnN5YWRWVldQVmxrT19wdERTN3V5UXZqUF9haThKNjdEUG1TdE1jMQ2&id=0504997e-fc23-40aa-bb26-cc4736392857
server: nginx
set-cookie: sid=8145424e-fb3c-11ec-a738-8082c2b6d33e; path=/; domain=.peliculashdlatina.com; expires=Sat, 22 Jul 2090 05:10:31 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11
Md5:    32682312d17c7cbf18e73594f5570319
Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2wVy6Fa0gzITxbO7kQPVSQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.40.216.187
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hog70a8uv4A6SceAgIXxAk3sHv4=

                                        
                                            GET /click?data=TmNZWEFmVmFOV1Zzc19iVnRBSTFycVE4MlNybXJEdDFQeEJDNng1bm9sWXZPVW1xZGpJbXpEc3BwWXU1Y1o2b1dDczVwOU4yX3BqdndEeC12d2NnaFdnRFY0ZVZET1dZdWpwSmdCR1NtTk5XMFVVbTdqemZZb2tsYm9QVmFDS1lDdGVkNnN5YWRWVldQVmxrT19wdERTN3V5UXZqUF9haThKNjdEUG1TdE1jMQ2&id=0504997e-fc23-40aa-bb26-cc4736392857 HTTP/1.1 
Host: btpnav.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://peliculashdlatina.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         209.15.13.136
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: CAOVFsFtchxwNzC=CAOVFsFtchxwNzC; path=/
X-Server: web02
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Mon, 04 Jul 2022 01:56:23 GMT
Content-Length: 2146


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Size:   2146
Md5:    48f2eaaa447bce98c78d79e4fbaad99f
Sha1:   f1bff36977627ea77759354772c9870b641d8758
Sha256: 4c6796306b5b516f02b51ec2ad0e1d7d8c531c1c54bcb5de971f632a7c1efdff
                                        
                                            GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221656896236481%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 04 Jul 2022 01:01:55 GMT
Expires: Mon, 04 Jul 2022 02:01:55 GMT
Last-Modified: Mon, 04 Jul 2022 00:57:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KbgL0c-an3Zk6_44GSbq97BPQup07SpCAoYajrWimM_NtEjTfMkImA==
Age: 3269


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (21309), with no line terminators
Size:   4505
Md5:    099e8f65d33ff5e0f6d528f1bac027da
Sha1:   7dbad9d3cb4e925c4c3093f8b226873bfd563acf
Sha256: ac60e611c5c1c32e25e0bd006f47866728bb1851b8e3f9b3ec565d3d062c4668
                                        
                                            GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1656527861860&_since=%221653914271178%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 29 Jun 2022 18:37:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Mon, 04 Jul 2022 01:29:55 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _vP-9glbhTXmN2CuS8yt8pWeDqx5CYNMLiimMmsLMKMvujqpK_OHAw==
Age: 1865


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (6554), with no line terminators
Size:   2445
Md5:    136ae70efbce77635f14e29c677d5455
Sha1:   33e02a83d2cbb36f350354335971cb0b07df1630
Sha256: abf08ea71b850cb51d0a88e96002616e0fa25f65347c15359c975922475f1f7e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.7
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Jul 2022 03:26:42 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RoLYSSnoxbzCEd0OCG1m7oD3i8S0Jn0K2qgJqRmjj9lIDuiR7yEJQw==
age: 80983
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 04 Jul 2022 01:54:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iXleZGjRqS4rswKaZR5UWfp_vUq5hx7hWocRSMapF25ixQnh5l0o8w==
Age: 128


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin HTTP/1.1 
Host: firefox-settings-attachments.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.97
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Content-Length: 795699
Connection: keep-alive
Last-Modified: Mon, 27 Jun 2022 12:39:11 GMT
x-amz-version-id: 9np1boOrxtHVWzMczpbX1a.N_ewQWHDF
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 04 Jul 2022 01:11:23 GMT
ETag: "9b95765b0e26af76116a95a966d61354"
X-Cache: Hit from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GCMUuIt3LjZ_hMGUAcb_-O4f-Qx-OM6_2oHC8knaPwJ1mIde5MEGWg==
Age: 2707


--- Additional Info ---
Magic:  data
Size:   795699
Md5:    9b95765b0e26af76116a95a966d61354
Sha1:   3f7c1b40fc999b83f3696f455402e49ab484b027
Sha256: 34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571
                                        
                                            GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1656892866061&_since=%221654732864402%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 04 Jul 2022 00:01:06 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Mon, 04 Jul 2022 01:09:39 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HSwCcQoiXeFXXKvRx49unQ6lhzwE_TKDUI-GJtlg37-r0N9YsxTnAw==
Age: 3224


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (59438), with no line terminators
Size:   12105
Md5:    caafe91a06ce9f2bbbe878101249f2d3
Sha1:   4a45fcda2b4d220f35970839884ebb708a77e0a5
Sha256: 9335855d87efd5b76f479e749997cbe56a69b8d41f6f637edf3c11d23b2cc17c
                                        
                                            POST /Redirect/ HTTP/1.1 
Host: btpnav.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 358
Origin: http://btpnav.com
Connection: keep-alive
Referer: http://btpnav.com/click?data=TmNZWEFmVmFOV1Zzc19iVnRBSTFycVE4MlNybXJEdDFQeEJDNng1bm9sWXZPVW1xZGpJbXpEc3BwWXU1Y1o2b1dDczVwOU4yX3BqdndEeC12d2NnaFdnRFY0ZVZET1dZdWpwSmdCR1NtTk5XMFVVbTdqemZZb2tsYm9QVmFDS1lDdGVkNnN5YWRWVldQVmxrT19wdERTN3V5UXZqUF9haThKNjdEUG1TdE1jMQ2&id=0504997e-fc23-40aa-bb26-cc4736392857
Cookie: CAOVFsFtchxwNzC=CAOVFsFtchxwNzC
Upgrade-Insecure-Requests: 1

                                         
                                         209.15.13.136
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Location: http://animikii-ana.com/zcvisitor/819ef2d2-fb3c-11ec-b0e2-0a7dfa42c36f/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=81b97fb5-fb3c-11ec-b0e2-0a7dfa42c36f
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web01
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Mon, 04 Jul 2022 01:56:24 GMT
Content-Length: 272


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   272
Md5:    f7b8f19c4d1359811fcaf367e1237546
Sha1:   84b7546f3cadd78d4a79f9dcfd08b3a43da52dc8
Sha256: b403f6421d143311b4dced8741c39e184fd305a29fd8301fa932a845ae1cbb13
                                        
                                            GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 682
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Sun, 03 Jul 2022 16:36:58 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 04 Jul 2022 01:54:58 GMT
Cache-Control: no-cache, no-store
ETag: "1656866218438"
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pj-xVJpL5oIscBP6exwUVGjp59j_17UmxWeLwyX8xwG6IStqooehKA==
Age: 88


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Size:   682
Md5:    b585897024b33f7d359179a3d1272ab1
Sha1:   032ff4b4307b04a81ef2077c8817435ffcadb680
Sha256: 4a6db42f6df420ef06ed1e18289d4d07063922245585775370e07b08a94a503b
                                        
                                            GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1656616149913&_since=%221654636467710%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 30 Jun 2022 19:09:09 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Mon, 04 Jul 2022 01:29:56 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cGfhUfyKiukAgg_oRLFgiVlFQFkOuBcff5SN7Wl22E3yERn--C9dpQ==
Age: 1951


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   6854
Md5:    5fea2cf7118841ce56878edd6d30ac25
Sha1:   db4f36e0487401c706780c3053dca85e7a8fe519
Sha256: d7738e39ad2607d273496d214b27a76c14006c2fa0f97202a8b452470ffeac77
                                        
                                            GET /zcvisitor/819ef2d2-fb3c-11ec-b0e2-0a7dfa42c36f/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=81b97fb5-fb3c-11ec-b0e2-0a7dfa42c36f HTTP/1.1 
Host: animikii-ana.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://btpnav.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         52.73.1.119
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Mon, 04 Jul 2022 01:56:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: DzGlkiPZ


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1002
Md5:    743608c9b0a16fa3b0c974551e04621a
Sha1:   f72b525e426ae83029abcbb3fc380502abf38566
Sha256: 2297dec3da2407157e9ae8ff08fbfffcc237e2e54f37ab8e7a0a4bb02501779a
                                        
                                            GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Mon, 04 Jul 2022 01:47:14 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DczPM1bPvCCrfXsxsGx6h7iclzPlyV0Lmr5vKP228GSQO23Iqh2LaA==
Age: 612


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1709), with no line terminators
Size:   947
Md5:    72550a85a8f140c55c2233e3c599f4cb
Sha1:   0c24880bd69e8675448ea2c933a8db2de4edec0d
Sha256: 671896e94e49afb7a370420c9820a5f954cda155cb0178eacb0651c749a8d19a
                                        
                                            GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1656438167344&_since=%221654266643527%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Tue, 28 Jun 2022 17:42:47 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Mon, 04 Jul 2022 01:51:55 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fwj_TqlGedRfrYBhGMvzeoM3Ul73LGAcq--lZeZv13HMCTuuFHv4Zw==
Age: 355


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1600), with no line terminators
Size:   808
Md5:    973b253c25b29ba4d1796abd4a07c9d0
Sha1:   674bd6ad7dd8885a584471b74016c99cb50019d3
Sha256: 46562c5916dd5639ab41d4eefbeb3963cc410193c4955b0ee29c419ffa004966
                                        
                                            GET /v1/buckets/main/collections/cfr/changeset?_expected=1656348915244&_since=%221653578606314%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 27 Jun 2022 16:55:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Mon, 04 Jul 2022 01:08:02 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aIGL9EwRkhhuSBGrKDHbyl3UfsSUDx_Vx-NnRFAk5SQfCvjuHTpkKw==
Age: 3431


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2897), with no line terminators
Size:   1199
Md5:    1cdabc82c45e7873797a549695c6eab0
Sha1:   f6bd8ba124a0a0653da12887cb5d365ae7dfedce
Sha256: 60e9397a7ed752c7d3928b5cd2358a629c14092c5a89ccfc1727537c21c80f96
                                        
                                            GET /zcredirect?visitid=819ef2d2-fb3c-11ec-b0e2-0a7dfa42c36f&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false HTTP/1.1 
Host: animikii-ana.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://animikii-ana.com/zcvisitor/819ef2d2-fb3c-11ec-b0e2-0a7dfa42c36f/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=81b97fb5-fb3c-11ec-b0e2-0a7dfa42c36f
Upgrade-Insecure-Requests: 1

                                         
                                         52.73.1.119
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Mon, 04 Jul 2022 01:56:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: xrOgmDwA


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   400
Md5:    1e720f47e1048e9cbc3247a40c8b8864
Sha1:   538a34cba72a91e716bf92474956b7296cd056e7
Sha256: 09259c7d475ebecddfac5ee1bea953c9ee9c1538388039c6433577be61160bbc
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5891DD55E7EBE66E3A408F0624BE54310456259ED43C169468857A2D9F4F53C7"
Last-Modified: Sun, 03 Jul 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1354
Expires: Mon, 04 Jul 2022 02:18:59 GMT
Date: Mon, 04 Jul 2022 01:56:25 GMT
Connection: keep-alive

                                        
                                            GET /postback/click?key=v2-1656899783370-4-8763-999800-582e841d-bd84-14a8-1877-2d44f709c64b HTTP/1.1 
Host: eu.pushnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://animikii-ana.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         38.100.129.67
HTTP/2 200 OK
                                        
server: openresty/1.15.8.3
date: Mon, 04 Jul 2022 01:56:25 GMT
content-type: text/html;charset=UTF-8
content-length: 2086
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   2086
Md5:    bbe180b5a1f8bd35aa6f6bfe4a8e7da5
Sha1:   f73a58fc5854fa43ae930867ad1056cbac840a4b
Sha256: 83af337cfca83cac4227d1fa7306d4898a9afc1f456a30f45b926d5617c9b031
                                        
                                            GET /postback/click?key=v2-1656899783370-4-8763-999800-582e841d-bd84-14a8-1877-2d44f709c64b&token=6bb09de963b513344660368fe5d0859a&timezone=0&iframe_test=false&webdriver_test=false HTTP/1.1 
Host: eu.pushnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eu.pushnow.net/postback/click?key=v2-1656899783370-4-8763-999800-582e841d-bd84-14a8-1877-2d44f709c64b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         38.100.129.67
HTTP/2 302 Found
                                        
server: openresty/1.15.8.3
date: Mon, 04 Jul 2022 01:56:25 GMT
content-length: 0
set-cookie: platform_user_id=desktop:7980a459be274bf511db30c901634a36 platform_user_id_3rd_party=desktop:7980a459be274bf511db30c901634a36; SameSite=None; Secure; Max-Age=31556952
location: https://traffic.dealsfor.life/track?q=D59Bl199uk
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED6C6F73611FB56DFA41FD028E23F0BC0470D319E51B212B8078C2C0DF8F4638"
Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8963
Expires: Mon, 04 Jul 2022 04:25:48 GMT
Date: Mon, 04 Jul 2022 01:56:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED6C6F73611FB56DFA41FD028E23F0BC0470D319E51B212B8078C2C0DF8F4638"
Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8963
Expires: Mon, 04 Jul 2022 04:25:48 GMT
Date: Mon, 04 Jul 2022 01:56:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED6C6F73611FB56DFA41FD028E23F0BC0470D319E51B212B8078C2C0DF8F4638"
Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9033
Expires: Mon, 04 Jul 2022 04:26:58 GMT
Date: Mon, 04 Jul 2022 01:56:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED6C6F73611FB56DFA41FD028E23F0BC0470D319E51B212B8078C2C0DF8F4638"
Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8963
Expires: Mon, 04 Jul 2022 04:25:48 GMT
Date: Mon, 04 Jul 2022 01:56:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED6C6F73611FB56DFA41FD028E23F0BC0470D319E51B212B8078C2C0DF8F4638"
Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9033
Expires: Mon, 04 Jul 2022 04:26:58 GMT
Date: Mon, 04 Jul 2022 01:56:25 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb4cb110-4509-4fa1-8c48-16afc0ba81e0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10016
x-amzn-requestid: 9395283d-2444-424a-a613-b7a878bb821a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UrcB7H9dIAMFbVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c14072-2b096796763e53f82333d56b;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 07:08:34 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NEW9UaGF5-3qUPQPfIGG9UFtZQmoUkEsvo0HG-iWtqYuZ1al4gEotQ==
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 03 Jul 2022 07:08:35 GMT
age: 67670
etag: "f77072cb8828469a23bf18c240d0427b3fdb4900"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10016
Md5:    21c5a9ec20f4ded465b3fa0262d1ffd7
Sha1:   f77072cb8828469a23bf18c240d0427b3fdb4900
Sha256: d6c70bb2a8669708eba54bd1f7d0587f56774cb5d2e0cf2555144c14f7a48f39
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F513db6a8-d92d-422f-8128-828ae45c8c10.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 14281
x-amzn-requestid: 9bb16359-cadc-438c-9231-834e8b9cc97f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UtcU_EsdoAMFbVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c20db9-0e4f968c07aed68e521fb5b1;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 21:44:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zFnAWuzSoIJDR9WeiZ7BzSdud2lArGjxWqS_a_NMYuosFAVkqjPGvQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 03 Jul 2022 21:44:25 GMT
age: 15120
etag: "115a7633b992185594af9eaea71b392db4e9ab93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14281
Md5:    3731ac685aa5e5f758828b3a43b4fc49
Sha1:   115a7633b992185594af9eaea71b392db4e9ab93
Sha256: 60492a452e8fdb7bc99a2e00b80e9a1f37e925471556d00b4d9892eff7700432
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F431f287f-9907-47aa-be38-0ff4e6db75fc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8553
x-amzn-requestid: da971ab1-68b6-455d-9725-1c2f89e165aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: URFadFGkoAMF6Dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b6b5dc-42ece449553ff5151f7d4e8e;Sampled=0
x-amzn-remapped-date: Sat, 25 Jun 2022 07:14:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Bm3bvTSwaAQZWxuxX3_nYO08Nba9Ve_9TO9KbdetO8drpl1iTs275A==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 03 Jul 2022 09:16:13 GMT
age: 60012
etag: "303f4efaa9b98e39a935fc6514d3731d40d2977c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8553
Md5:    e6f97e6b64100081e8bed56216564854
Sha1:   303f4efaa9b98e39a935fc6514d3731d40d2977c
Sha256: 92dd803f1633bd65a2b4ac3223d8aa93dd55ed64c74b338aff62323585a3623c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F612de43b-a086-46ac-8411-4ea92f4e2986.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9691
x-amzn-requestid: 050aaa7d-e6d7-47f2-8a47-0a73e686585e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UtbR2Gn8oAMFphg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c20c0b-6b4ce8d231a1ad9010832949;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 21:37:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: HebGuB1bkkJ206CvRboGBvl4lOO5WGCj5ldchTbO2Ek8YhKQ0Q3gpg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 03 Jul 2022 21:44:20 GMT
age: 15125
etag: "f7bfd4701af5e6f3c456433ac47cc619e26a986f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9691
Md5:    30e998b98bc262213ba27f0afcae191e
Sha1:   f7bfd4701af5e6f3c456433ac47cc619e26a986f
Sha256: d059a00e67531223f7e25aca9fe7afc6f1da54d60da0d016e2dd2ab04af48494
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F346ee3d1-9b99-4d29-a3ca-05ae8a63c478.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 14051
x-amzn-requestid: b39a0cbe-cb9e-43cc-a9a8-d221a35eb7d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UnlK0HIyoAMFRqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bfb578-68e888675e9184a979f35a3b;Sampled=0
x-amzn-remapped-date: Sat, 02 Jul 2022 03:03:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8qFqZbvLBvyyuxQSXc_fLxDYWYiCgbG_Lrq2KwiXPb0b3SUWjclG9A==
via: 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 03 Jul 2022 03:45:40 GMT
age: 79845
etag: "6a2dd506bdb06bb5490245754907cdca6ad21af5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14051
Md5:    cdc2461ebcb11ddac4681075b9e78f85
Sha1:   6a2dd506bdb06bb5490245754907cdca6ad21af5
Sha256: c8caef144cfd4ea195774043d3956ee6c60d6f6d35f0713b3ada69db0ea9a1f9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56e67c56-d1a4-43e1-b107-2454ae62aac3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7944
x-amzn-requestid: c20d71c9-89fe-40a3-bbbd-ec25e7f552f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UtbR1G8koAMFnPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c20c0b-047326eb2d3891120d66c2de;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 21:37:15 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: HV-qI6fRTSkTadGGahMCYda5yszsEhypKiEDzMmnszb3Y62716CjSg==
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 03 Jul 2022 21:43:18 GMT
age: 15187
etag: "6b00349821fb9ce76a8894e83d542cc796fcb25a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7944
Md5:    9e8504930baef6cacc775f3fd50ad421
Sha1:   6b00349821fb9ce76a8894e83d542cc796fcb25a
Sha256: 447cd3b12fb39e90d8d46cd599e224b1edd5b3ad1125937e3a9a675c095ae16b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 04 Jul 2022 01:56:25 GMT
Etag: "62c21e26-1d7"
Last-Modified: Mon, 04 Jul 2022 01:22:36 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lzndFqh6pi3JbkqwYCjXnOG6tx9t0zSymSt4tyPg9cJwep_fBL5cYg==
Age: 2029

                                        
                                            GET /redirtrk?country=NO&ch=O&ds=R1 HTTP/1.1 
Host: mediaflowmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://traffic.dealsfor.life/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.84
HTTP/2 302 Found
                                        
content-type: text/html; charset=utf-8
content-length: 192
date: Mon, 04 Jul 2022 01:56:26 GMT
x-amzn-requestid: 7fc1a5c5-26c8-4c96-a532-c06bfd66201a
origin: https://www.facebook.com/
referer: https://www.facebook.com/
x-amz-apigw-id: UuBPqFK6vHcF0vw=
x-amzn-trace-id: Root=1-62c248ca-60a7ee7e2f33c12d0f56b537;Sampled=0
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aEJ1VuEEBmBfO3ohvNR8Wwxe4OBFzhd6w5MoU2pr-wWuS7uphN89YA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   192
Md5:    b81f09dd25153805b0b189c513d6fbfc
Sha1:   e11eab150494937857ac7623a33b203273dd582f
Sha256: 6e6d24ef675a3e9ab09fcfca032939e45baef1b983d73eb371c6de9f2b5b8333
                                        
                                            GET /420x210/GG202202160840250824000000000000_booking-viajes.jpg HTTP/1.1 
Host: cdn.dealsfor.life
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.156.239
HTTP/2 200 OK
                                        
date: Mon, 04 Jul 2022 01:56:26 GMT
content-type: image/jpeg
content-length: 19531
x-amz-id-2: HClSNqPcZZO0orqFs16+yHGmn+05nAY2vEBKCRUFmEc4FJJxnv1yfuKA0KHO6EaM+hF6o8y/Jl4=
x-amz-request-id: 8TQC5GGDZBF0DAW4
last-modified: Wed, 16 Feb 2022 09:06:49 GMT
etag: "2edcb051f4a28bfae4c55983663d3ca0"
cache-control: max-age=86400
cf-cache-status: HIT
age: 4013
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1LWfJOCfoeKql0P%2F3bnoBGyYzI2sKUeFRkTOkQQ7%2BiWu6467kUP45FJ1XLjkwn1d%2BNtVu9d6Dn9sJh2wOhXmokrnCgRL7W89JQqsp%2Bj6IEMycQjXjdC1jH9LdgG4AAItTvwOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72543e949b43b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 420x210, components 3\012- data
Size:   19531
Md5:    2edcb051f4a28bfae4c55983663d3ca0
Sha1:   9ecb34c3c85c81cb63f8bc892ba40be49098f79f
Sha256: 1f73d2088aecaeb49a1c1227bde60b591e5c613890de0c371146c978fe85832a
                                        
                                            GET /420x210/GG202202161154360538000000000000_nakd-middel.jpg HTTP/1.1 
Host: cdn.dealsfor.life
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.156.239
HTTP/2 200 OK
                                        
date: Mon, 04 Jul 2022 01:56:26 GMT
content-type: image/jpeg
content-length: 15617
x-amz-id-2: Ogf9D4ggL7hPSFidXHE2V1KvDsEFVf3A0r5CaIxWpAg23LzGWjqcFSeI5+3L+ddKCScaBpIj3/8=
x-amz-request-id: 0GJASJV60YKBF8G3
last-modified: Wed, 16 Feb 2022 13:17:55 GMT
etag: "49c1809725d334ad1d49168d4032d795"
cache-control: max-age=86400
cf-cache-status: HIT
age: 4013
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUFH5bHGKZygg9u6isdsqXG1%2FFU04s60SQp%2B%2B5TUsAEs212%2Bo04NHlIG3UGJDJOCjcQL5xn%2FZDhxt7OOsYsUlN3kiH9%2BosGSC54bYNRfEqvhkmLGO3vwdw3Fjbs1XEP%2BVtmLMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72543e949b44b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 420x210, components 3\012- data
Size:   15617
Md5:    49c1809725d334ad1d49168d4032d795
Sha1:   467ef75ac95a9bffa100e76d4a686075ce2a0ae0
Sha256: d57b7d3b96db239f453ffbc9df058ba0ecfcec3b77776986851fec593e183138
                                        
                                            GET /630x315/GG202202160933460148000000000000_ellos-banner.jpg HTTP/1.1 
Host: cdn.dealsfor.life
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.156.239
HTTP/2 200 OK
                                        
date: Mon, 04 Jul 2022 01:56:26 GMT
content-type: image/jpeg
content-length: 16655
x-amz-id-2: n6KHeMY7mETb0obDdvQbOZH5wwoFBdo9AaG72bTCq0cUXYYnb7+l3K/6BrrqGGALd6e6+MP4UNo=
x-amz-request-id: NZ0XN3MWJ58R8MCJ
last-modified: Wed, 16 Feb 2022 09:48:06 GMT
etag: "9f2a0d4966718e4da9a08df34d4c2158"
cache-control: max-age=86400
cf-cache-status: HIT
age: 4013
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfiQeWizYqPK5v9Y4nVd1SVdqbvn9Qm7GjemYXXYS6dtCQ8IGd2J%2BrJDJDwVmrFRvvXeM89x1zHBtyFfh%2Fi%2FaRJcepb6OvWi8cEDALyHIqH10a6IfuGKXvhaCWmviIQ9CUYO1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72543e949b41b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 630x315, components 3\012- data
Size:   16655
Md5:    9f2a0d4966718e4da9a08df34d4c2158
Sha1:   6147fe8dca65ded95d6c86ab8bf58da1f40acc81
Sha256: 9177c7dc7bec5161d590d1844b39189c72f0f15a778216722ce706fcafe33a75
                                        
                                            GET /210x525/GG201911011038360555000000000000_BONPRIX-210-x-525.jpg HTTP/1.1 
Host: cdn.dealsfor.life
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.156.239
HTTP/2 200 OK
                                        
date: Mon, 04 Jul 2022 01:56:26 GMT
content-type: image/png
content-length: 130394
x-amz-id-2: TBYVHhNy/omVGMrJPpSQRHYHxi6vJmRd5ocUxf0sGArNEhUI8xcQa5Uow9XwdgXhZYHVCxXQAEA=
x-amz-request-id: K20KBBS2FZYN4KD9
last-modified: Thu, 28 Nov 2019 03:36:17 GMT
etag: "f2f45ce3bff9e8d2ab86de0da3b668a7"
cache-control: max-age=86400
cf-cache-status: HIT
age: 4012
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Co2bWBgcnaX37j4AQWj8QVPGoGL3LTeKt%2By3v%2F5kDdBOkEymma8HUrwfEU2s%2BqMZk%2B1dPwR8le7gaXFStOJSkMZdPTwtV%2FJDqFCFqoNZE4ifMGgfwq6j1Dpy8OtCmuyJEmHPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72543e949b45b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 210 x 525, 8-bit/color RGB, non-interlaced\012- data
Size:   130394
Md5:    f2f45ce3bff9e8d2ab86de0da3b668a7
Sha1:   54bea6889146a0f6a6e98e0d3f0f1b26e9c87246
Sha256: 2469a73cfe6de252d070fee225fb5e6b170c9b6c769106f3acd720f364b9f74f
                                        
                                            GET /630x315/GG202202160956310655000000000000_gina.jpg HTTP/1.1 
Host: cdn.dealsfor.life
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.156.239
HTTP/2 200 OK
                                        
date: Mon, 04 Jul 2022 01:56:26 GMT
content-type: image/jpeg
content-length: 27566
x-amz-id-2: GVr4ihYs31tcutxiECKjz9CFkhGgKhtSAhCAcqZECUEp4R0qRzBvXEIQZMGE4JQiZg47KfjTDbU=
x-amz-request-id: 63SMS3FXP804R622
last-modified: Wed, 16 Feb 2022 11:23:13 GMT
etag: "e051565419ebd9d87a5bae511f1a0907"
cache-control: max-age=86400
cf-cache-status: HIT
age: 4013
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N26jtOQT%2B0FHg%2FWVSBpewkorYeZXNVfnc331%2BzN2Mi6ni8zbXPpQrTDPaoU9XXOGIq%2BMPbTVLbsWOhEqxWzZbLnsm3ckuJ91Hzedz%2BYRAH09Q3xATxkCDmwmzQZKJDDrEATBaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72543e94bb55b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 630x315, components 3\012- data
Size:   27566
Md5:    e051565419ebd9d87a5bae511f1a0907
Sha1:   e73d2bed49bdb860238062b93efc76d7a74da681
Sha256: 8fd2ffdfda26dc445ce124613f6ecdfc95067f5938e2649a8759338b18a38f2e
                                        
                                            GET /630x315/GG202202161204280921000000000000_na-kd-stor.jpg HTTP/1.1 
Host: cdn.dealsfor.life
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.156.239
HTTP/2 200 OK
                                        
date: Mon, 04 Jul 2022 01:56:27 GMT
content-type: image/jpeg
content-length: 48185
x-amz-id-2: lj93T3jr6sZ8+PuXlPdL7QEP2p9z2c6spQh/hMiaq4cHFQJKLDpSybXCs4P4yIfuunwusuDIeJE=
x-amz-request-id: 0GJ51YXCK1SV8YJJ
last-modified: Wed, 16 Feb 2022 13:17:55 GMT
etag: "f6c80b025dd0c4faf038426a6b522bf3"
cache-control: max-age=86400
cf-cache-status: HIT
age: 4014
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ht3yu6JXGIzyyfc1xBd4DwLnvUL9B1R0yUTdo0FtEa6jIJ14qfnxnUELDS2L831VNmmWPm%2BRbD%2Bpzrc8x3dxCa8QORMJU2RDRxPuHZBfm7QeBsgKkm5Hw8yDW3yJM7ohZKJyBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72543e94bb59b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 630x315, components 3\012- data
Size:   48185
Md5:    f6c80b025dd0c4faf038426a6b522bf3
Sha1:   ba61c1f6f255094f448c954cfb31bb0e692962f2
Sha256: e4866e519095827fb34f673de8d800a356fbe19ce37cf5e1f244d7f7e9bb50dc
                                        
                                            GET /23x9/GG201910181329540253000000000000_bandeira_noruega.jpg HTTP/1.1 
Host: cdn.dealsfor.life
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.156.239
HTTP/2 200 OK
                                        
date: Mon, 04 Jul 2022 01:56:27 GMT
content-type: image/png
content-length: 389
x-amz-id-2: IiusZnti6Fc7BErGOmKVn5uyZZ1stcsC2EzgNj+4XO4RSAaDs23tubfUnp2QwmDDN7MmZncjAhM=
x-amz-request-id: 5V2P1FFTF27KNSDX
last-modified: Thu, 28 Nov 2019 03:36:17 GMT
etag: "3985c40fe38e6b8cb2b7de1b2987cffe"
cache-control: max-age=86400
cf-cache-status: HIT
age: 5746
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kXu3m5uqlKtqhv%2BkbeBQmi5BMtMrWXvnAKdbNU%2FQB8eFc5EGKJa6sAeX9Sfz8c2ROjWm7x9Uk75Eo66Ox8mTpyB7KsIARRBtjL8bVcgdDoYZ2%2Fx3nKx7JUGYhBJt4hQN490Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72543e94db6fb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 23 x 9, 8-bit/color RGB, non-interlaced\012- data
Size:   389
Md5:    3985c40fe38e6b8cb2b7de1b2987cffe
Sha1:   7c0328120073e47ffe990c218a3318c8edd675c5
Sha256: c82d89e379fa3c6a82fcf1b943144c7f61f007828904ff2beccfe127396e9369
                                        
                                            GET /210x210/GG202202161141520246000000000000_onlyliten.jpg HTTP/1.1 
Host: cdn.dealsfor.life
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.156.239
HTTP/2 200 OK
                                        
date: Mon, 04 Jul 2022 01:56:27 GMT
content-type: image/jpeg
content-length: 14007
x-amz-id-2: gEY8wqO3H1Aix5XVIf2CcBpUxx9STV5Hq1URVjEmmdtyeGuoigCbOnRdrKWzA+pPWWccFizr0hk=
x-amz-request-id: RQF7AAZNKGD9541A
last-modified: Wed, 16 Feb 2022 12:06:47 GMT
etag: "f646b8816924d74c3dcb2c2f4459bdce"
cache-control: max-age=86400
cf-cache-status: HIT
age: 4014
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQhAmtFjNCYWEUiBS%2FNrIYFKt0VYCGZhhuD954Txw5%2BoUyGoUdtJorxtLwxnFlfjT2%2B%2F2OMeuR6Df7jtL854jI7GTod2SAOfzCt2tlw%2BOIOfixtCYGMj8eQ3xQmd%2BW1XcUAjyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72543e94db6eb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 210x210, components 3\012- data
Size:   14007
Md5:    f646b8816924d74c3dcb2c2f4459bdce
Sha1:   553d79d6cf1b3692c2a4a2347e509f2dc6c56cf7
Sha256: ed8f6b0f37c222e7cf27924d0a40e62f198108e8fbcfa59f5413d79d81af2a02
                                        
                                            GET /210x525/28d35c2c50b14b6b8ba7ad52b334c52c_alibaba.jpg HTTP/1.1 
Host: cdn.dealsfor.life
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.156.239
HTTP/2 200 OK
                                        
date: Mon, 04 Jul 2022 01:56:27 GMT
content-type: image/png
content-length: 90833
x-amz-id-2: RImoE0+YH0Cqo/DJmkNZaemy+LjjDSfN31qECopLNWcxLhkPMJHPaDap3x1RBwjq/7rARuaBc6Q=
x-amz-request-id: K6CAZQT1TRMQ9821
last-modified: Thu, 28 Nov 2019 03:36:16 GMT
etag: "bb389fb8ac980416ab6902b2204f31e7"
cache-control: max-age=86400
cf-cache-status: HIT
age: 4013
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D42MfolZv11tHLPj2J3i5Amwt3XRZxFgbMPVyeHlb%2BIEvyz9UPV02if69g3kt534FZ1h0lnuNOgDOJAwlLl76TL38U9RpJF2ucxl8K7ddOSBiSIv7wcfBr7QA6xGhucSc6%2Fqjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72543e94eb86b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 210 x 525, 8-bit/color RGB, non-interlaced\012- data
Size:   90833
Md5:    bb389fb8ac980416ab6902b2204f31e7
Sha1:   10729d63e038cb3506a11de676a9373801742b56
Sha256: ac672c489cf43054dbf84adb9f302deacfe37aeecf7fc044b80a22e5438e679a
                                        
                                            POST /s/gts1d4/fJEv9uCjT0k HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 04 Jul 2022 01:56:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /no-no?ch=O&ds=R1 HTTP/1.1 
Host: www.bigbasketshop.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediaflowmanager.com/
Cookie: _dflch=O; _dflsource=R1; _dflu=50666827
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.67.218.148
HTTP/2 200 OK
                                        
date: Mon, 04 Jul 2022 01:56:26 GMT
content-type: text/html;charset=UTF-8
cache-control: max-age=1800
cf-cache-status: HIT
age: 4728
last-modified: Mon, 04 Jul 2022 00:37:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zs%2F0XRPH%2Bcb3TgB194XOmU2OJ7j%2FOM0duylw%2B%2BVYyhuML1YSOVJf3eBxV%2FQzrkpeMkx949s%2Fx0YW3YEivCY2h6q858WCA3vToL%2Ba%2F38COu2suRVFkeWkjEJlIQhDBlUKf22sOvxiuqk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72543e936c69b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4218), with CRLF, LF line terminators
Size:   23915
Md5:    8bb15ba0ae1a69c48b227dc328196357
Sha1:   f855ef7bf37ab8c6573f5d76b48c457fffd4cbe2
Sha256: 6d2877ada0d36bf1c0df88327dd07b3a2275f231cd3d800c0784b9a4ceb33292
                                        
                                            GET /js/v1/rtg.js HTTP/1.1 
Host: webtrafficsource.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Cookie: uxid=943ae37a-1144-4ac6-93fe-4ecaeb42cd0e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.107.149.195
HTTP/2 200 OK
                                        
content-type: application/javascript;charset=UTF-8
set-cookie: uxid=943ae37a-1144-4ac6-93fe-4ecaeb42cd0e; Path=/; Expires=Tue, 04 Jul 2023 01:56:27 GMT; Secure; SameSite=None
date: Mon, 04 Jul 2022 01:56:27 GMT
content-length: 644
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (433)
Size:   644
Md5:    ba9ab36f9ecd4f63e80e55badaac1e10
Sha1:   942a4bed0a877148624cadfa5ada712d5ee7a252
Sha256: 5dd38e6ebad90f4db8412acda216076de6504d94caf8a088952baf257525093f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 04 Jul 2022 01:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/fJEv9uCjT0k HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 04 Jul 2022 01:56:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /releases/v5.7.2/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bigbasketshop.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.169.247
HTTP/2 200 OK
                                        
date: Mon, 04 Jul 2022 01:56:27 GMT
content-type: font/woff2
content-length: 74348
x-amz-id-2: C+V1cCy0nBgece60sB7gV8AecdyaogCZnIACYHXLEOHBcoD9WXM0XcGgHnGZvaDJ7HUgUvS3IBw=
x-amz-request-id: EYMMC0B7TV3FQYNR
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:46:18 GMT
etag: "462806316fea535a6a57651bc2b000b0"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 31023914
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tkVfEh75t2Osd%2FGF7R8kLJaEzSyXGJ793rr0%2FB0MMzztLAvbYrMadV0ST82M%2Fm5%2B40JXHQljo81V%2BRrYNxIhNLPzOD4Ul7fu%2B8pbpTHeTUGFm6JEgF28qSN3Cnxyy7XKQuoNzc0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 72543e964f880afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 74348, version 329.31064\012- data
Size:   74348
Md5:    462806316fea535a6a57651bc2b000b0
Sha1:   80644191098f863f25be27841c0d92c452cf2327
Sha256: 4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 04 Jul 2022 01:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bigbasketshop.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16720
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Jun 2022 19:34:58 GMT
expires: Thu, 29 Jun 2023 19:34:58 GMT
cache-control: public, max-age=31536000
age: 368489
last-modified: Wed, 11 May 2022 19:25:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16720, version 1.0\012- data
Size:   16720
Md5:    c416910cae8fe4258cdf8c35933e9f4c
Sha1:   4a768ba0a3abc49b572c08c235db9f066ffc2b18
Sha256: 9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
                                        
                                            GET /s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bigbasketshop.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Jun 2022 19:35:18 GMT
expires: Thu, 29 Jun 2023 19:35:18 GMT
cache-control: public, max-age=31536000
age: 368469
last-modified: Wed, 11 May 2022 19:25:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   17900
Md5:    4bc99ef35d8afed17dd3608b157888c4
Sha1:   cc8f1902d22c8f05fd91b0e1b3279b054f4ed695
Sha256: 25748af1ab2c18600c55f881c959e95691afa49de7eb60f2bf1edab2fa7bdc4f
                                        
                                            GET /s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bigbasketshop.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Jun 2022 19:36:34 GMT
expires: Thu, 29 Jun 2023 19:36:34 GMT
cache-control: public, max-age=31536000
age: 368393
last-modified: Wed, 11 May 2022 19:25:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16724, version 1.0\012- data
Size:   16724
Md5:    5953c42d844fb9011ae508f1911387b2
Sha1:   5f71a4ff19e33189cafaadf6a5b47e9b19563099
Sha256: d743a09716847ab20be4c21ed63dac6bcd496597379ee6d77ba2b3f4d4634439
                                        
                                            OPTIONS /tr HTTP/1.1 
Host: webtrafficsource.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.bigbasketshop.com/
Origin: https://www.bigbasketshop.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.107.149.195
HTTP/2 204 No Content
                                        
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type
access-control-allow-methods: POST,GET
access-control-allow-origin: *
date: Mon, 04 Jul 2022 01:56:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 04 Jul 2022 01:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /tr HTTP/1.1 
Host: webtrafficsource.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 187
Origin: https://www.bigbasketshop.com
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.107.149.195
HTTP/2 200 OK
                                        
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: Content-Length
date: Mon, 04 Jul 2022 01:56:27 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1322
Cache-Control: max-age=153280
Date: Mon, 04 Jul 2022 01:56:27 GMT
Etag: "62c1f761-1d7"
Expires: Tue, 05 Jul 2022 20:31:07 GMT
Last-Modified: Sun, 03 Jul 2022 20:09:05 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   31752
Md5:    030d8ed9e00534e0ce5883bad9684003
Sha1:   775ead007a324a3d02d32866420f7221f171a89d
Sha256: 49efb77bfb2d1819cca9861bca5bf22754e9d180c2783069d039d361010abde8
                                        
                                            GET /pt_BR/sdk.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bigbasketshop.com
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.14
HTTP/2 200 OK
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 8c4bee43d7ded2d352d6cbbea6ca2030
etag: "428571236a464af0544bb95814726b7e"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 04 Jul 2022 02:04:10 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: uuxoGf+cmRB2DVc5nvgcfw==
x-fb-debug: xx4OAyIcvrZkaybTrNBFQmJVvQyjAqFbxZZrCs57SiAuMILIhv9TIXHjZPz6bJX/009zq33zFmFOlyos1w2bvg==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1679558926
date: Mon, 04 Jul 2022 01:56:27 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1961)
Size:   1687
Md5:    baec6819ff9c9910760d57399ef81c7f
Sha1:   dd904dfe96b7c48afc32265a0df74b631edd0f26
Sha256: 0db6105e2b7e609d5d1aa1d9d3b0cfa64cc68bc207cd8a9f03b7d708ee8d6eb3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1322
Cache-Control: max-age=153280
Date: Mon, 04 Jul 2022 01:56:27 GMT
Etag: "62c1f761-1d7"
Expires: Tue, 05 Jul 2022 20:31:07 GMT
Last-Modified: Sun, 03 Jul 2022 20:09:05 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /pt_BR/sdk.js?hash=5a5701878a24d497849067a9a4e4f82f HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bigbasketshop.com
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         157.240.200.14
HTTP/2 200 OK
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: aa6e5976017b1b16f744d7d6be21925b
etag: "c241f9ed5f1b16617e614715039a48c6"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 04 Jul 2023 01:44:32 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: BumtEXUEM6pbayVHS6zTCg==
x-fb-debug: 4JaxwLkcP+grAJUne406yNdgP5WAQuEaR3jjB9ZWf9QVQ+CapH0mSKF65yJmGFo3aM1IldUK3LN9tWj16VB3fw==
priority: u=3,i
content-length: 86095
x-fb-trip-id: 1679558926
date: Mon, 04 Jul 2022 01:56:27 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13071)
Size:   86095
Md5:    06e9ad11750433aa5b6b25474bacd30a
Sha1:   b58a4e36b5b80737a2fa6a907253327ed429641e
Sha256: 999d03078e37ee5a881673162d88d79b50c4314ee395d8a99036122f10fd5532
                                        
                                            GET /images3_pi/2021/03/12/1615547224c1af221d9246741c373f904d45efbb12.jpg HTTP/1.1 
Host: img.ltwebstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.18
HTTP/2 200 OK
                                        
server: openresty
content-type: image/jpeg
content-length: 87024
last-modified: Thu, 09 Jun 2022 15:12:22 GMT
etag: "62a20dd6-153f0"
cache-tag: 2022062208
accept-ranges: bytes
cache-control: max-age=604800
expires: Mon, 11 Jul 2022 01:56:27 GMT
date: Mon, 04 Jul 2022 01:56:27 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1200x1200, components 3\012- data
Size:   87024
Md5:    fe1c2169f0e9c32281a94bc382ba5998
Sha1:   ea58442de67d5a9f96bf3f97520bfe1e9186c874
Sha256: 7a732dceb64e3f91cff94c94d3000b0285a9eff3c77e2a2d5e03958ae164c3c0
                                        
                                            GET /images3_pi/2021/02/03/161234546436e1f4ae4eee75fb2a686048cd7ab20b.jpg HTTP/1.1 
Host: img.ltwebstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.18
HTTP/2 200 OK
                                        
server: openresty
content-type: image/jpeg
content-length: 389633
last-modified: Tue, 21 Jun 2022 04:22:42 GMT
etag: "62b14792-5f201"
cache-tag: 2022062115
accept-ranges: bytes
cache-control: max-age=604800
expires: Mon, 11 Jul 2022 01:56:27 GMT
date: Mon, 04 Jul 2022 01:56:27 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1200x1200, components 3\012- data
Size:   389633
Md5:    d39d2165093a89322ed60a0b68f49771
Sha1:   96531fc5f5dfed141298bc08648e75e2a6f8b3cb
Sha256: 5856fce397a96509fa9f341f5c09724a3ab7293517e39db3e4dd2566570869bc
                                        
                                            GET /images3_pi/2021/04/13/1618285638660aa68736d1168b970e3841a55e69f4.jpg HTTP/1.1 
Host: img.ltwebstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.18
HTTP/2 200 OK
                                        
server: openresty
content-type: image/jpeg
content-length: 226073
last-modified: Tue, 21 Jun 2022 07:12:42 GMT
etag: "62b16f6a-37319"
cache-tag: 2022062115
accept-ranges: bytes
cache-control: max-age=604800
expires: Mon, 11 Jul 2022 01:56:27 GMT
date: Mon, 04 Jul 2022 01:56:27 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   229086
Md5:    7898d02bd338146984c4f03b1a9ef997
Sha1:   ac749f6b9d9f216917a8616ec180745995d0b989
Sha256: 7e669ad95e34ab0d8a9f5815034e40b176bcb7035d606464e6fdc0f3d309fe78
                                        
                                            GET /product/xy/500/500/p/gu1/I/0/I4930/I4930-1-9da8-DCLD.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.24
HTTP/2 200 OK
                                        
content-type: image/webp
content-length: 29130
x-amz-id-2: V++lVtSZjyuMAgmK4JYxDYhL8Aj2C8j7Xf/H+8oxOICgEdDBPapbegHoEiYVdeSOeBQae1pwOvg=
x-amz-request-id: X11SG2W0KEVPRPY1
date: Thu, 30 Jun 2022 02:17:14 GMT
last-modified: Fri, 23 Aug 2019 13:08:48 GMT
etag: "49b7f29c5b008d37d9c73679e2560875"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wAJ3DyLOVrE49U_yXJlmiwUdCMrD4iHfGtn8wBLkfsQMmk6ZUWZW4Q==
age: 344354
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   29130
Md5:    49b7f29c5b008d37d9c73679e2560875
Sha1:   7615ea9d98e2b2bea0b820c167331e9d7af7bca1
Sha256: 6caac1fc15a4e0c64d62e20bdee28ddf0fcfa03ed231c8948b9761666bc789d0
                                        
                                            GET /product/xy/500/500/p/gu1/R/9/RM10629/RM10629-1-d9b4-LSeG.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.24
HTTP/2 200 OK
                                        
content-type: image/webp
content-length: 24028
x-amz-id-2: CuUEl32WNs1e1RgQilGdXm7m/jrV1SH0+Qs4S6XNsfUE2pFqAHL7CB/r7pam6K66Yzrawcmsgkw=
x-amz-request-id: KVRX5QTYADEPEZP3
date: Sat, 02 Jul 2022 20:30:42 GMT
last-modified: Thu, 30 Aug 2018 06:04:29 GMT
etag: "5a2b317cea819187d93e1dbc09a0c4ee"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WgjHI7jcbjv8_-Jftffpi4_vTkjjUhm4nk5CgekTTMnEljJiZGAhUw==
age: 105946
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   24028
Md5:    5a2b317cea819187d93e1dbc09a0c4ee
Sha1:   08cda39ffdc245e5c43472adbe66c0d74d7e3969
Sha256: 714fdff5b1f345aba5b0e43f40815cbac333cd70a6c889ba0244958410f83e2a
                                        
                                            GET /product/xy/500/500/p/gu1/A/2/ALH2863282/ALH2863282-1-7f8e-yDk8.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.24
HTTP/2 200 OK
                                        
content-type: image/webp
content-length: 5300
x-amz-id-2: 6NYmoQdGn87fsKS7z57go1EM/2bpnXJff2mCRHXdV7biV32APxuyYM/FReocs7h8/E2K45A0KDY=
x-amz-request-id: 4E5K9S5BW05W1DN9
date: Sat, 04 Jun 2022 12:05:08 GMT
last-modified: Wed, 02 Sep 2020 07:08:06 GMT
etag: "67dbbb6b6de436c9a759648701341d80"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: e1byTwGGDqtr8HvzmwqOqds33aU_OK_4sEoXM-dtH0XvpMV4qDwA3Q==
age: 2555480
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   5300
Md5:    67dbbb6b6de436c9a759648701341d80
Sha1:   feef71ffa83a8fed0756a84b65e43eab28ba3c3b
Sha256: d615cc0bdfbcf287f8f205cd8743c7c576abfbec31dd10a4768942decb0f32b3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 04 Jul 2022 01:56:27 GMT
Etag: "62c1e76d-1d7"
Last-Modified: Mon, 04 Jul 2022 00:48:28 GMT
Server: ECS (dcb/7F16)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QCgJkJ3HQjpq03BCZRCUWS6V7R1G5nYm8nqNW5mrIbFeY3Giaj1Q7Q==
Age: 4080

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 04 Jul 2022 01:56:27 GMT
Last-Modified: Mon, 04 Jul 2022 00:48:28 GMT
Server: ECS (bsa/EB18)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kiambuhjee37eJ7NeGLaPFe6EqgGlQsNr1GqgWVYHi7GOWeZTLYn5Q==
Age: 4080

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 04 Jul 2022 01:56:27 GMT
Etag: "62c1e76d-1d7"
Last-Modified: Mon, 04 Jul 2022 01:35:16 GMT
Server: ECS (dcb/7FA4)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gAV09IklYHSXQ_TnOFG7YTyVA1QtCmk0jz6rzO4fDIY8DjmqAUsv0Q==
Age: 1271

                                        
                                            GET /product/xy/500/500/p/gu1/D/0/D7270/D7270-1-a97e-GxVi.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.24
HTTP/2 200 OK
                                        
content-type: image/webp
content-length: 21792
x-amz-id-2: qPF/v1GbBJha91dNmh3ClVKTwB4eq1c6DEwQQrD4O97pOfHZ33yxPcYKQ9vymXJRU+T6+LV+7Co=
x-amz-request-id: ZS5X59MZ905R5F4Y
date: Mon, 27 Jun 2022 22:06:18 GMT
last-modified: Wed, 28 Aug 2019 07:14:47 GMT
etag: "90a7d464bddbc968c51ecdcd75f6cdc2"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tOmeQROawEz7E9DyN26nqTeafIZ-dF62lFm3mS1UMa4jT8Crrs-UsQ==
age: 532210
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   21792
Md5:    90a7d464bddbc968c51ecdcd75f6cdc2
Sha1:   fe4df3160a5c60daed043af6b252e2eae85714f4
Sha256: 3ec77d26b6874c918036bb32ddb15f8ed91b2319c11fe76c56eb278323d88706
                                        
                                            GET /product/xy/500/500/p/gu1/R/R/RM6744R/RM6744R-1-6757-rL4q.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.24
HTTP/2 200 OK
                                        
content-type: image/webp
content-length: 17878
x-amz-id-2: OMzgxDfePzAwDlwJf3FxS2pk1mWhMSU6ubjW8m2dolkUdgZKMN3BVNTfl2I1k0xP/oS8gkpifUY=
x-amz-request-id: MGHVCK2M3XRWKPDJ
date: Tue, 14 Jun 2022 03:00:10 GMT
last-modified: Fri, 09 Mar 2018 22:30:49 GMT
etag: "33ff6917dcc39c00d9fa8800c0bb241f"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HmZj14pvgFziB8MxDeNkL9ESLvtSPQkPc1DHS7fgQrU9sDgOTc_PtQ==
age: 1724178
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   17878
Md5:    33ff6917dcc39c00d9fa8800c0bb241f
Sha1:   fcf5f13f30266475cd88c273ae16ff5c2b5dbbc5
Sha256: e8a5f81d0dcf9369ddb825c9764390f9b98b35df6dda94195146fc1ea9206ad8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147874
Date: Mon, 04 Jul 2022 01:56:27 GMT
Etag: "62c1e76d-1d7"
Expires: Tue, 05 Jul 2022 19:01:01 GMT
Last-Modified: Sun, 03 Jul 2022 19:01:01 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cEeuNPPOa5noBXFiLpNQxCBlKcAWMbXTHxNKD3v_YnmpDP1y13MDYQ==

                                        
                                            GET /product/xy/500/500/p/gu1/K/5/K6325/K6325-1-d9a4-2Qda.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.24
HTTP/2 200 OK
                                        
content-type: image/webp
content-length: 12408
x-amz-id-2: Lt1rJFa+WHgOO4SPptR+hZl39lJkZxM58vjc1AusgpxaTb354/1aoO9Qo0XZC23QEHoKkD8uQh4=
x-amz-request-id: RK417HPD479R00XV
date: Mon, 20 Jun 2022 09:16:23 GMT
last-modified: Fri, 06 Apr 2018 08:43:35 GMT
etag: "efd7cd4e81662cc5682187cd3389559a"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g8wrHA00cKvIrJGeWP_mzfFotzKLQsrn6bnj-oolN5owAsQulrNDPQ==
age: 1183206
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   12408
Md5:    efd7cd4e81662cc5682187cd3389559a
Sha1:   e2e59d0f2ed9ca6a682aedfcc093265295cdaeba
Sha256: 1ec0c198d503ac6cf4c439bb0832b132a60b96ea841df671e6c2b69f7934ab96
                                        
                                            GET /product/xy/500/500/p/gu1/E/0/E11824-120/E11824-120-1-08e4-wUGo.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.24
HTTP/2 200 OK
                                        
content-type: image/webp
content-length: 56762
x-amz-id-2: 21jicYxpTuYRWJ45PJJ4Ghz4Rl2ycGJJAF8rT+4xJSPpIeV9bMeoTX6SaxuhwyIt4RslywbBq5s=
x-amz-request-id: QZ93GZPQFP5SAPBG
date: Tue, 28 Jun 2022 04:17:50 GMT
last-modified: Wed, 26 Aug 2020 07:01:21 GMT
etag: "a73b37f94d3330e9f4e9ca202a575729"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uKdbmKxSoNylJc8RMzUdiCVINeV6MZaVAXtqN2xzGApd_iqKjfdx8Q==
age: 509919
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   56762
Md5:    a73b37f94d3330e9f4e9ca202a575729
Sha1:   bd0a9b63812a17ee843a5a07829dcc9a748f21bf
Sha256: 838d8396369035ea6a63f267d56bc2c63807c0f0dbf890376d69a4f8ab95175a
                                        
                                            GET /tr/?id=387357745142349&ev=fb_page_view&dl=https%3A%2F%2Fwww.bigbasketshop.com%2Fno-no%3Fch%3DO%26ds%3DR1&rl=https%3A%2F%2Fmediaflowmanager.com%2F&if=false&ts=1656899788836&sw=1280&sh=1024&at= HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bigbasketshop.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
                                        
content-type: image/gif
date: Mon, 04 Jul 2022 01:56:28 GMT
expires: Mon, 04 Jul 2022 01:56:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   44
Md5:    b798f4ce7359fd815df4bdf76503b295
Sha1:   f8cc6addf1707ad236ad9970b0a48f9733d07da5
Sha256: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa