tr.couponforyou.net/go/1675934090/1638811200/f0bb33f9bbd0a14036589503f981154f/4po4dqmi/28/451
185.249.183.231301 Moved Permanently 0 B URL HTTP/1.1 tr.couponforyou.net/go/1675934090/1638811200/f0bb33f9bbd0a14036589503f981154f/4po4dqmi/28/451
IP 185.249.183.231:0
ASN #34081 INCUBATEC GmbH - Srl
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/1675934090/1638811200/f0bb33f9bbd0a14036589503f981154f/4po4dqmi/28/451 HTTP/1.1
Host: tr.couponforyou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://tr.couponforyou.net/go/1675934090/1638811200/f0bb33f9bbd0a14036589503f981154f/4po4dqmi/28/451
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e1e94f036b0e677a492e4238b9443034
862ebeb19164d77b65229976b12338c399ce0bd9
1875033f6e187cdb371b497b6640a3c9625283b6a4b12de5bbc5be326365b6a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1875033F6E187CDB371B497B6640A3C9625283B6A4B12DE5BBC5BE326365B6A9"
Last-Modified: Mon, 13 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15142
Expires: Tue, 14 Feb 2023 06:06:21 GMT
Date: Tue, 14 Feb 2023 01:53:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b39c3955aa73765d5c9cbe0d4c52f83
b13bf774f0189207d90d846b86b68fcf2f64f868
f6fea261b800d26e329ced17006c9f5d10b6c490dac3b2276cc7b0e2aa38316c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6FEA261B800D26E329CED17006C9F5D10B6C490DAC3B2276CC7B0E2AA38316C"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8425
Expires: Tue, 14 Feb 2023 04:14:24 GMT
Date: Tue, 14 Feb 2023 01:53:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3534c46dafa4e959cb5f4aba0b1d8cd7
f4aa8774355b04bf1f074aeb73c56c52b32568ab
68b7b6679046611b607c073416e818c6d0391e2953ecc8781b02e57a9b5af306
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68B7B6679046611B607C073416E818C6D0391E2953ECC8781B02E57A9B5AF306"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16242
Expires: Tue, 14 Feb 2023 06:24:41 GMT
Date: Tue, 14 Feb 2023 01:53:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 14 Feb 2023 01:37:18 GMT
content-type: application/json
age: 1001
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jR9CdXIJsrtyfEuxFHB85i4gGpMXZ/QtkxB1WRCtDjg+/fiRqfMMp7vS/+9imYxpU+//lIBjoUw=
x-amz-request-id: D9EZ6V24HDDJ6AJV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 14 Feb 2023 01:46:45 GMT
age: 434
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 14 Feb 2023 01:53:59 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 14 Feb 2023 01:14:53 GMT
age: 2346
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 188e06be43a4f1b02aa98f1762147970
5e6b7e3a172fb7327331fd8c7f74559d079bd4fb
89bd97cff26b8d656f26db21b59b02fbc3f671ac903e1e44735c7472ebd05090
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89BD97CFF26B8D656F26DB21B59B02FBC3F671AC903E1E44735C7472EBD05090"
Last-Modified: Mon, 13 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14675
Expires: Tue, 14 Feb 2023 05:58:34 GMT
Date: Tue, 14 Feb 2023 01:53:59 GMT
Connection: keep-alive
yourcashreward.net/index.php?m=privacy
138.201.50.169302 Moved Temporarily 0 B URL HTTP/1.1 yourcashreward.net/index.php?m=privacy
IP 138.201.50.169:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /index.php?m=privacy HTTP/1.1
Host: yourcashreward.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Date: Tue, 14 Feb 2023 01:53:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
location: http://your-reward.biz
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
35.167.125.33101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.167.125.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: t1ZAdSNReq9ZYUdaR5/1Uw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: REgF/sssDE+Xs2qd7l9Wh6lieD0=
your-reward.biz/
107.161.178.194302 Moved Temporarily 118 B IP 107.161.178.194:0
Hash d706d50619fe7701da32577853325734
2ee59e7808616e700c309f61918bc96074a6741b
2e80cca91d5fc74664e08451d1024e9923a4b772f1ac543bbfd7d8db24b264de
GET / HTTP/1.1
Host: your-reward.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Date: Tue, 14 Feb 2023 01:53:59 GMT
Server: Apache mod_bwlimited/1.4
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
location: http://your-reward.biz/en/?m=
Content-Length: 118
Keep-Alive: timeout=3, max=70
Content-Type: text/html; charset=UTF-8
your-reward.biz/en/?m=
107.161.178.194200 OK 4.9 kB IP 107.161.178.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash e2cc88bc801c76bd7fedab840f9cc032
f3ec7781561fd547760251c0281a29367b725f18
47fefcae478eb467288ea87ea2e7eb962199060f4aa0430280fb7dff16ada716
GET /en/?m= HTTP/1.1
Host: your-reward.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:53:59 GMT
Server: Apache mod_bwlimited/1.4
Content-Length: 4925
Keep-Alive: timeout=3, max=69
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
your-reward.biz/en/js/bootstrap.min.js
107.161.178.194200 OK 37 kB URL HTTP/1.1 your-reward.biz/en/js/bootstrap.min.js
IP 107.161.178.194:0
File type ASCII text, with very long lines (32033)
Hash 5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
GET /en/js/bootstrap.min.js HTTP/1.1
Host: your-reward.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://your-reward.biz/en/?m=
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:54:00 GMT
Server: Apache mod_bwlimited/1.4
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 15 Jan 2019 15:15:25 GMT
ETag: "49206ac-90b5-57f80a1769d40"
Accept-Ranges: bytes
Content-Length: 37045
Keep-Alive: timeout=3, max=70
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d42a01fdf9af7a50d630c42fde100d30
a7568d35657f934220298ca4c2fb102398554196
f215d87cad50e9310bf2a4df263b24e1c87e7cda29e48f93f6b0d76eb218ab1d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F215D87CAD50E9310BF2A4DF263B24E1C87E7CDA29E48F93F6B0D76EB218AB1D"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3149
Expires: Tue, 14 Feb 2023 02:46:30 GMT
Date: Tue, 14 Feb 2023 01:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d42a01fdf9af7a50d630c42fde100d30
a7568d35657f934220298ca4c2fb102398554196
f215d87cad50e9310bf2a4df263b24e1c87e7cda29e48f93f6b0d76eb218ab1d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F215D87CAD50E9310BF2A4DF263B24E1C87E7CDA29E48F93F6B0D76EB218AB1D"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3149
Expires: Tue, 14 Feb 2023 02:46:30 GMT
Date: Tue, 14 Feb 2023 01:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d42a01fdf9af7a50d630c42fde100d30
a7568d35657f934220298ca4c2fb102398554196
f215d87cad50e9310bf2a4df263b24e1c87e7cda29e48f93f6b0d76eb218ab1d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F215D87CAD50E9310BF2A4DF263B24E1C87E7CDA29E48F93F6B0D76EB218AB1D"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3149
Expires: Tue, 14 Feb 2023 02:46:30 GMT
Date: Tue, 14 Feb 2023 01:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d42a01fdf9af7a50d630c42fde100d30
a7568d35657f934220298ca4c2fb102398554196
f215d87cad50e9310bf2a4df263b24e1c87e7cda29e48f93f6b0d76eb218ab1d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F215D87CAD50E9310BF2A4DF263B24E1C87E7CDA29E48F93F6B0D76EB218AB1D"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3096
Expires: Tue, 14 Feb 2023 02:45:37 GMT
Date: Tue, 14 Feb 2023 01:54:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ba070e2-295e-485b-8bb9-cf35a649e9d1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ba070e2-295e-485b-8bb9-cf35a649e9d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8526505043a5b3a1a8a3e86f80dd796
121031f827508bc441ab34387ffdf9bf878c43a9
70e9f640c8339aea888ceea9fd2ef74fa2c3ea210f69fa22442155dca61a799e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ba070e2-295e-485b-8bb9-cf35a649e9d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10635
x-amzn-requestid: 98a6b744-d08f-4e53-a0b0-735b336c8513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AS_zjG9boAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaace3-5d86345a4ee7009e61291369;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KJ56reDkEbXg0bE7sE4pB1n7Lkn1nLiKblbKM9aFYCow4tpHrIqGnw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:26:43 GMT
etag: "121031f827508bc441ab34387ffdf9bf878c43a9"
content-type: image/jpeg
age: 12438
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa801374a-514c-45d6-b314-1b177300684c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa801374a-514c-45d6-b314-1b177300684c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 798c45b6ff58fbda19c7e927267cf234
fc569c547b361ff3fe3d28e362bb09546d0e75f5
d35b11adf84262c8aa485fa1a93d485c71f1a68a68cfedb142946ccc3bf809ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa801374a-514c-45d6-b314-1b177300684c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10068
x-amzn-requestid: ed7c343b-63cf-4294-8dd1-c0f619c7a305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AS_0hEpKIAMF6-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaace9-22bc96ba036f73575f3b8d30;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SMHjJzrBytie2Xe4KVVpP7oL6Wlzwr0us4bIhcJLMbEHrhOcE5lb3g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:14:55 GMT
age: 13146
etag: "fc569c547b361ff3fe3d28e362bb09546d0e75f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 504b69ec2b6350345c36777959b0765a
c302824325b8f0839c7de54af9c5bd02541e4269
6e3a5b1cd7d17a9f448b8189d5683567269b3b3d461838770482283898008f39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14477
x-amzn-requestid: 2544b5cc-3fb0-4536-88ec-8cb9044fb612
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANtsXFBYoAMF6tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e88fe8-452901f67af9f5d95ccc61c3;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 07:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hy4pKD0EX3RY8ayeOzmZvNG-K7qwaVP4VPjPOxcpUGmk2x09fKFFRg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 07:20:10 GMT
age: 66831
etag: "c302824325b8f0839c7de54af9c5bd02541e4269"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31b064cd-e914-46c4-9261-f5cf1e300786.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31b064cd-e914-46c4-9261-f5cf1e300786.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e24473b3e335f2046f72ea198a1a9ac8
346f3744c1fd32467ac8c1783f7c28c0ffd3cc4b
87fb8a02fb286ccd1d04abe4052fb08617fc68692515aa6daed2895e83827ccd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31b064cd-e914-46c4-9261-f5cf1e300786.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10677
x-amzn-requestid: 7fbf05af-939a-443c-9add-f856b5ab4b1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AS_zFH3hoAMFUkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaace0-0676c24e496661ff545249f0;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ASk3lL6xNgUz-lLwE7lpLLh_PK_Iq-PSAz3VSOZrEweutYlfUggXTg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:26:35 GMT
etag: "346f3744c1fd32467ac8c1783f7c28c0ffd3cc4b"
content-type: image/jpeg
age: 12446
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74073173-a5a0-46f8-b23e-201ea802ab67.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74073173-a5a0-46f8-b23e-201ea802ab67.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfbb7efa6627641ed50ee7738b2e2561
a759d26d6c811f964125ccba6e11498bca6b64c8
d1b2ea74eb288c5530c761830023830e43a6e8441594252736d6aa130dfd6520
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74073173-a5a0-46f8-b23e-201ea802ab67.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8419
x-amzn-requestid: d19bc4f6-4174-4563-a1ef-c27ba0a9e3ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AS_zuHdGIAMFQlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaace4-5e914df75bfda625564e1142;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: e0GAkTbo83Kf6PvNKGWEeTfnGeFsgaNYwkTj6wLZcvSY_Ax4cW8jjA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:14:48 GMT
age: 13153
etag: "a759d26d6c811f964125ccba6e11498bca6b64c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89a52476-4658-4eca-8e19-73d3b2e5cfbd.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89a52476-4658-4eca-8e19-73d3b2e5cfbd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c5476f427b1609e143ce4f04f03d364
2af39c0fff067a42c843f20e1aedae37fb9d2fe0
64a7bf3a3101ccfe51b0d566889647a3947d24df4ecd89868df1675a2314fb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89a52476-4658-4eca-8e19-73d3b2e5cfbd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5182
x-amzn-requestid: ffb926ce-21e0-4e6c-a8e3-94fb758d57c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANuThFSIoAMF0dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e890e3-110b3f4d29f5ddcb28f1aeb5;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 07:10:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: e7HiXya-AsvtMjEqih18xqzaClzimfaHhoQFY8eyOkG1EDAZ1TUB8Q==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 07:32:29 GMT
age: 66092
etag: "2af39c0fff067a42c843f20e1aedae37fb9d2fe0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
your-reward.biz/en/js/jquery.js
107.161.178.194200 OK 96 kB URL HTTP/1.1 your-reward.biz/en/js/jquery.js
IP 107.161.178.194:0
File type ASCII text, with very long lines (32086)
Hash 3c9137d88a00b1ae0b41ff6a70571615
1797d73e9da4287351f6fbec1b183c19be217c2a
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1
GET /en/js/jquery.js HTTP/1.1
Host: your-reward.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://your-reward.biz/en/?m=
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:54:00 GMT
Server: Apache mod_bwlimited/1.4
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 15 Jan 2019 15:15:26 GMT
ETag: "49206aa-17629-57f80a185df80"
Accept-Ranges: bytes
Content-Length: 95785
Keep-Alive: timeout=3, max=70
Content-Type: application/javascript
your-reward.biz/en/css/business-frontpage.css
107.161.178.194200 OK 148 kB URL HTTP/1.1 your-reward.biz/en/css/business-frontpage.css
IP 107.161.178.194:0
File type ASCII text, with very long lines (540)
Size 148 kB (147467 bytes)
Hash 98297f9626df9c555503d7995e1c4b75
cda01a0b3ec94ece2aafdec296a39ab8cddc227b
34f721425e3013d9110fd99cef00dfa4cd5d4d3b226198e94d133e23babc5710
GET /en/css/business-frontpage.css HTTP/1.1
Host: your-reward.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://your-reward.biz/en/?m=
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:54:00 GMT
Server: Apache mod_bwlimited/1.4
Last-Modified: Tue, 15 Jan 2019 15:15:23 GMT
ETag: "49206b6-2400b-57f80a15818c0"
Accept-Ranges: bytes
Content-Length: 147467
Keep-Alive: timeout=3, max=68
Connection: Keep-Alive
Content-Type: text/css
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 3e4a093691500e82409d2944c4c24095
9f9314d0d03e290d68e1395c803dce4a9d052c71
b5c09d07e9fb5dd34f5d3b6ac0eeb0416d7b7495d0352a4a04c10b1ba5f9ced4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:54:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 14 Feb 2023 00:06:10 GMT
Expires: Tue, 21 Feb 2023 00:06:09 GMT
Etag: "9f9314d0d03e290d68e1395c803dce4a9d052c71"
Cache-Control: max-age=597727,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79922c67b824b4e8-OSL
www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm
178.255.74.101200 OK 8.4 kB URL HTTP/1.1 www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm
IP 178.255.74.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (339), with CRLF, LF line terminators
Hash 7f2336e16f00d6057a91a98057714850
c69fd5fc48b20862b47d9d51b70026547737e3d0
d94b58c31f835e856102a258d79a160f1765061c3cd5e03496ddbfc0d2b09787
GET /en_yonkana/en_yonkana-formsitarelli.htm HTTP/1.1
Host: www.offerteperte.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://your-reward.biz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:54:01 GMT
Server: Apache
X-Powered-By: PHP/5.4.13
Set-Cookie: PHPSESSID=gvlmagktsmsu7sghh5tu6qbsf5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=2
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
your-reward.biz/en/img/header.jpg
107.161.178.194200 OK 73 kB URL HTTP/1.1 your-reward.biz/en/img/header.jpg
IP 107.161.178.194:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=nadezhda1906 - Fotolia], baseline, precision 8, 1920x400, components 3\012- data
Hash 348b9af8c9ab69c6481b375c5af3cd96
d1a0d874fe56421f33bcd8845234b54aa7dc3a57
5876ec37e112781a846fc8ae48107607535f73ee14be5431ab7cabe66c8f8714
GET /en/img/header.jpg HTTP/1.1
Host: your-reward.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://your-reward.biz/en/css/business-frontpage.css
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:54:00 GMT
Server: Apache mod_bwlimited/1.4
Last-Modified: Tue, 15 Jan 2019 15:15:28 GMT
ETag: "49206b2-11be9-57f80a1a46400"
Accept-Ranges: bytes
Content-Length: 72681
Keep-Alive: timeout=3, max=69
Connection: Keep-Alive
Content-Type: image/jpeg
www.offerteperte.net/stili/solo-form/css.css
178.255.74.101200 OK 3.2 kB URL HTTP/1.1 www.offerteperte.net/stili/solo-form/css.css
IP 178.255.74.101:0
File type ASCII text, with CRLF line terminators
Hash 501dd855b8a75c65517cb4028f795827
0443440024978d94c994b229d2d29c57a8a01173
b6deb732bb3ff7b5ec492d6f9cfba303e224ff7ce1c50ae5a71493b5a83e48b1
GET /stili/solo-form/css.css HTTP/1.1
Host: www.offerteperte.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:54:01 GMT
Server: Apache
Last-Modified: Wed, 01 Jul 2015 14:39:59 GMT
ETag: "a3605f7-c5d-519d14c1ceadd"
Accept-Ranges: bytes
Content-Length: 3165
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/css
your-reward.biz/favicon.ico
107.161.178.194404 Not Found 315 B URL HTTP/1.1 your-reward.biz/favicon.ico
IP 107.161.178.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /favicon.ico HTTP/1.1
Host: your-reward.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://your-reward.biz/en/?m=
HTTP/1.1 404 Not Found
Date: Tue, 14 Feb 2023 01:54:01 GMT
Server: Apache mod_bwlimited/1.4
Content-Length: 315
Keep-Alive: timeout=3, max=69
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f5067af0270e15c7a9474f4164857326
32b475f2e62e41425bed727d9879ebcbbb60aa3a
60d910b309744465e215e9a977ad16146387dcc6c1160ae1192d5c26e71c02b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 01:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.offerteperte.net/stili-comuni/stile.css
178.255.74.101200 OK 690 B URL HTTP/1.1 www.offerteperte.net/stili-comuni/stile.css
IP 178.255.74.101:0
File type ASCII text, with CRLF line terminators
Hash 00cbcecd0bf7d355d88af1f4e6477cd0
ed7585a126331da791b5bdb9d71723895184189f
e66a7715b91e9aecb422db51130352662e4c1ce241cbd6f7914e0ff4a734c4bb
GET /stili-comuni/stile.css HTTP/1.1
Host: www.offerteperte.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:54:01 GMT
Server: Apache
Last-Modified: Wed, 02 Apr 2014 16:41:29 GMT
ETag: "a2a05ba-2b2-4f611f4d02040"
Accept-Ranges: bytes
Content-Length: 690
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/css
www.offerteperte.net/js/richiesta.js
178.255.74.101200 OK 7.1 kB URL HTTP/1.1 www.offerteperte.net/js/richiesta.js
IP 178.255.74.101:0
Hash b070d3a8a38d606d8c4e5c53974e3f1e
9ed08565c8669c539bed39d5847c96a47810ffd6
c2fabaa0177fee68f191d7c5df162be0d3ae59367f70a75de08deaec2f4fc43c
GET /js/richiesta.js HTTP/1.1
Host: www.offerteperte.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:54:01 GMT
Server: Apache
Last-Modified: Wed, 12 May 2021 09:02:13 GMT
ETag: "a2a0de9-1bd2-5c21e4439cf40"
Accept-Ranges: bytes
Content-Length: 7122
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: application/javascript
www.offerteperte.net/stili-comuni/jqueryui/sunny/jquery-ui-1.8.9.custom.css
178.255.74.101200 OK 35 kB URL HTTP/1.1 www.offerteperte.net/stili-comuni/jqueryui/sunny/jquery-ui-1.8.9.custom.css
IP 178.255.74.101:0
File type ASCII text, with very long lines (1446), with CRLF line terminators
Hash ffa9ca0caede5d942dd2e0172ccea619
614a63ee078a2892554d67c3e8050c1b9b62635b
326898f2b340d43c8a4a865c1700f1c5a35bd14020ba3ba7e2a0bf4d216e7ec4
GET /stili-comuni/jqueryui/sunny/jquery-ui-1.8.9.custom.css HTTP/1.1
Host: www.offerteperte.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:54:01 GMT
Server: Apache
Last-Modified: Wed, 02 Apr 2014 16:41:30 GMT
ETag: "a3605dc-87b3-4f611f4df6280"
Accept-Ranges: bytes
Content-Length: 34739
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: text/css
fonts.googleapis.com/css?family=Raleway
142.250.74.74200 OK 967 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway
IP 142.250.74.74:0
Hash e8286e9797bbb6c71cd98a70c229d39d
b20cf3f9e8075b639db136afa51669bc94965ebd
7437e771b5280fff6c9271236c39b285386000ff01f607b1688075fbcf624a11
GET /css?family=Raleway HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.offerteperte.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 14 Feb 2023 01:54:01 GMT
date: Tue, 14 Feb 2023 01:54:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.offerteperte.net/js/jquery.min.js
178.255.74.101200 OK 95 kB URL HTTP/1.1 www.offerteperte.net/js/jquery.min.js
IP 178.255.74.101:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash b8d64d0bc142b3f670cc0611b0aebcae
abcd2ba13348f178b17141b445bc99f1917d47af
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
GET /js/jquery.min.js HTTP/1.1
Host: www.offerteperte.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:54:01 GMT
Server: Apache
Last-Modified: Fri, 28 Aug 2015 09:27:20 GMT
ETag: "a2a05a0-17278-51e5bb0d02ac1"
Accept-Ranges: bytes
Content-Length: 94840
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: application/javascript
www.offerteperte.net/js/jquery-ui.min.js
178.255.74.101200 OK 207 kB URL HTTP/1.1 www.offerteperte.net/js/jquery-ui.min.js
IP 178.255.74.101:0
File type ASCII text, with very long lines (658)
Size 207 kB (207146 bytes)
Hash 1f8cfeffe7c643c9f219b180612085af
777046d84ce3b57fac146218da57af39c924a6eb
14a07d25823f4119e1f55c6ef5a0696f98861baf113aef76519aad93f01a32c5
GET /js/jquery-ui.min.js HTTP/1.1
Host: www.offerteperte.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:54:01 GMT
Server: Apache
Last-Modified: Wed, 02 Apr 2014 16:40:44 GMT
ETag: "a2a059f-3292a-4f611f2217b00"
Accept-Ranges: bytes
Content-Length: 207146
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: application/javascript
www.offerteperte.net/immagini/en_yonkana/en_yonkana-formsitarelli/23-1499438409-EN_richiedi_subito.png
178.255.74.101200 OK 9.4 kB URL HTTP/1.1 www.offerteperte.net/immagini/en_yonkana/en_yonkana-formsitarelli/23-1499438409-EN_richiedi_subito.png
IP 178.255.74.101:0
File type PNG image data, 200 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 41154e6fc98aff072164c5345dd673a1
ebc0a5be61de5f8ead52a17916b627f059bf9203
b8c53e8fc572b1fb9f44bcaea383666d8fe05f667d1c4d28cf40f56e4c7a38a1
GET /immagini/en_yonkana/en_yonkana-formsitarelli/23-1499438409-EN_richiedi_subito.png HTTP/1.1
Host: www.offerteperte.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:54:01 GMT
Server: Apache
Last-Modified: Fri, 07 Jul 2017 14:40:11 GMT
ETag: "a3203ad-24c5-553bb35e8b4ad"
Accept-Ranges: bytes
Content-Length: 9413
Keep-Alive: timeout=2
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 605c0a47169c45b131ccb1ed345cf048
110d17ee2aa9a2cb7128e27554ec8dcbb1f59296
0ac9bb15a9f9edd3750752ddf33d3478bedd369cc5f22b6a0e258f55958b7774
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 01:54:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
142.250.74.35200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 21280, version 1.0\012- data
Hash 16911581ab7ea10687a5aee74cbc5612
b0b24248345739209d753a4ac77ccfc1f627b219
c78a1da5fd0868a547cf285748c7fb73006571190385eb71c0d601b6b240ffaf
GET /s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.offerteperte.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21280
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 00:56:18 GMT
expires: Fri, 09 Feb 2024 00:56:18 GMT
cache-control: public, max-age=31536000
age: 435464
last-modified: Mon, 18 Jul 2022 19:57:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 605c0a47169c45b131ccb1ed345cf048
110d17ee2aa9a2cb7128e27554ec8dcbb1f59296
0ac9bb15a9f9edd3750752ddf33d3478bedd369cc5f22b6a0e258f55958b7774
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 01:54:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tr.couponforyou.net/go/1675934090/1638811200/f0bb33f9bbd0a14036589503f981154f/4po4dqmi/28/451
185.249.183.231302 Found 0 B URL HTTP/2 tr.couponforyou.net/go/1675934090/1638811200/f0bb33f9bbd0a14036589503f981154f/4po4dqmi/28/451
IP 185.249.183.231:0
ASN #34081 INCUBATEC GmbH - Srl
GET /go/1675934090/1638811200/f0bb33f9bbd0a14036589503f981154f/4po4dqmi/28/451 HTTP/1.1
Host: tr.couponforyou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Tue, 14 Feb 2023 01:53:59 GMT
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
location: http://yourcashreward.net/index.php?m=privacy
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
set-cookie: _backend=www3|Y+rpu|Y+rpu; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2