www.bevhtrk.com/B9KLQL/32ZCPBQ/?sub1=091022pwgam&sub2=102365f6da9e4169389fcb643d65ab&sub3=1241&sub4=1000
34.107.202.36302 Found 153 B URL HTTP/1.1 www.bevhtrk.com/B9KLQL/32ZCPBQ/?sub1=091022pwgam&sub2=102365f6da9e4169389fcb643d65ab&sub3=1241&sub4=1000
IP 34.107.202.36:0
File type HTML document, ASCII text
Hash 85cecf7287d36bc1e355b54ef7baa7d2
45c11e158673e4df7c98cc2076a3489c9f7fc1ce
aa7f49d4f2a40d6b97b5cfa7974e487102f21822a3748e0b5ec24bed031b2605
GET /B9KLQL/32ZCPBQ/?sub1=091022pwgam&sub2=102365f6da9e4169389fcb643d65ab&sub3=1241&sub4=1000 HTTP/1.1
Host: www.bevhtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
server: nginx
date: Wed, 30 Nov 2022 04:54:35 GMT
content-type: text/html; charset=utf-8
content-length: 153
location: https://www2.radiantatanyage.com/cid/7013w000002HDXQAA4?subid1=309982fb0df646a3838fd8334898c025&subid2=205&subid5=everflow
set-cookie: uniqueClick_32ZCPBQ=9dd62299-f162-427a-9266-48da0f77f396:1669784075; Path=/; Expires=Thu, 01 Dec 2022 04:54:35 GMT; SameSite=None
transaction_id=309982fb0df646a3838fd8334898c025; Path=/; Expires=Tue, 28 Feb 2023 04:54:35 GMT; SameSite=None
vary: Origin
x-eflow-request-id: cd32ce15-5457-4291-b1aa-2f402b7ed600
Via: 1.1 google
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2794
Expires: Wed, 30 Nov 2022 05:41:09 GMT
Date: Wed, 30 Nov 2022 04:54:35 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1959
Cache-Control: max-age=108555
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:54:35 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:03:50 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 04:19:39 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2096
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7636
Expires: Wed, 30 Nov 2022 07:01:51 GMT
Date: Wed, 30 Nov 2022 04:54:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6eheBDc+d6u4dxWITVO72/bYKEjHI+HeaMF9/lTbflatAYXmOH4P/ognjEZp0GtAS0vq1/x1UiY=
x-amz-request-id: XVEZ49YAXFDFTS7W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 04:45:05 GMT
age: 570
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9e41ecbb5a23909e15010b7f1a319375
032c3166b49baa88a5a5c9bd8705ba2a2c248cce
018089a65e46eb924178b5932b097f399f98b4fa64f533e80fa9c9133f0f8562
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=165269
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:54:35 GMT
Etag: "6386c4a0-117"
Expires: Fri, 02 Dec 2022 02:49:04 GMT
Last-Modified: Wed, 30 Nov 2022 02:49:04 GMT
Server: nginx
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:54:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www2.radiantatanyage.com/cid/7013w000002HDXQAA4?subid1=309982fb0df646a3838fd8334898c025&subid2=205&subid5=everflow
104.18.8.9302 Found 0 B URL HTTP/2 www2.radiantatanyage.com/cid/7013w000002HDXQAA4?subid1=309982fb0df646a3838fd8334898c025&subid2=205&subid5=everflow
IP 104.18.8.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cid/7013w000002HDXQAA4?subid1=309982fb0df646a3838fd8334898c025&subid2=205&subid5=everflow HTTP/1.1
Host: www2.radiantatanyage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 30 Nov 2022 04:54:36 GMT
content-length: 0
location: https://www2.radiantatanyage.com/fst/lfbooster_vslstart_qqq/?business_unit=a00f400000jv55aaat&n=dbtcr&utm_campaign=bhmd-db-lfbooster-eml-all-qqq&utm_campaign_id=7013w000002HDXQAA4&utm_source=dbtcr&subid1=309982fb0df646a3838fd8334898c025&subid2=205&subid5=everflow
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (e13668ca8eb7)
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
set-cookie: _csrf=vHBzSCWU5XHPl0FqGpN-4c8K; Path=/
_csrf=uFRQkYVDdA_5xuwIZRZ4AFGO; Path=/
XSRF-TOKEN=WMhxzToV-iK0iipSi-RAtx_5six9XlQVTRtw; Path=/; Secure
_csrf=kfnV6HplVvZxQmbiMJHCVFIH; Path=/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7720fc6a9a6cb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9e41ecbb5a23909e15010b7f1a319375
032c3166b49baa88a5a5c9bd8705ba2a2c248cce
018089a65e46eb924178b5932b097f399f98b4fa64f533e80fa9c9133f0f8562
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=165269
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:54:36 GMT
Etag: "6386c4a0-117"
Expires: Fri, 02 Dec 2022 02:49:05 GMT
Last-Modified: Wed, 30 Nov 2022 02:49:04 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 04:11:13 GMT
cache-control: public,max-age=3600
age: 2603
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1953
Cache-Control: max-age=103485
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:54:36 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 09:39:21 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:54:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:54:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.37.79.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.37.79.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: J2ookHX09eUJ/RFqwtrBEg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hb6yBdRF1VY4K83jiEaOGGCrtno=
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0d8d354d08f398f63f855ea7ec9c78f4
56ed0464066e38d78c79e91f955a25eb42ced0e8
47d250cce90e78790286f97d782a1255028b9bf03bd1295a040477040255e3a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=146170
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:54:36 GMT
Etag: "63867a06-118"
Expires: Thu, 01 Dec 2022 21:30:46 GMT
Last-Modified: Tue, 29 Nov 2022 21:30:46 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0d8d354d08f398f63f855ea7ec9c78f4
56ed0464066e38d78c79e91f955a25eb42ced0e8
47d250cce90e78790286f97d782a1255028b9bf03bd1295a040477040255e3a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=146170
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:54:37 GMT
Etag: "63867a06-118"
Expires: Thu, 01 Dec 2022 21:30:47 GMT
Last-Modified: Tue, 29 Nov 2022 21:30:46 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtm.js?id=GTM-NHMV223
142.250.74.168200 OK 472 B URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NHMV223
IP 142.250.74.168:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
GET /gtm.js?id=GTM-NHMV223 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 04:54:36 GMT
expires: Wed, 30 Nov 2022 04:54:36 GMT
cache-control: private, max-age=900
last-modified: Wed, 30 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 111955
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Nunito+Sans:wght@600;900&display=swap
142.250.74.106200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css2?family=Nunito+Sans:wght@600;900&display=swap
IP 142.250.74.106:0
Hash dd47401fc74a2caf5ca6db3ebf380fc6
c48b9aa8e6e96a5465ed6f5b299ae75c56ca383c
93b009824e06cd8d95d502e8bbd6a57702dd78326820cee6f5e18de81738d1e6
GET /css2?family=Nunito+Sans:wght@600;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 04:54:36 GMT
date: Wed, 30 Nov 2022 04:54:36 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.beverlyhillsmd.com/img/whiteLogo.png
104.18.8.53200 OK 7.6 kB URL HTTP/2 cdn.beverlyhillsmd.com/img/whiteLogo.png
IP 104.18.8.53:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7e01f89456c6f43ad9dc2196ee86c95a
5f4f80dff378c6f8488eb2ccaddee48d8e581865
7ac2bea21c6bd5d038c542fc9bb95028aff0103097e0f0c7a868dc3014150e87
GET /img/whiteLogo.png HTTP/1.1
Host: cdn.beverlyhillsmd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:54:37 GMT
content-type: image/webp
content-length: 7616
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7772
content-disposition: inline; filename="whiteLogo.webp"
etag: "b1a11a072e9d7527b4456f9175dd93d7"
last-modified: Fri, 13 Sep 2019 22:05:58 GMT
vary: Accept
x-amz-id-2: UR36s/wVaC8/j7KhGhrzGcwT2KgJPyUC64LpPGJ87sLqJzwq4cM/joImls4aXzzfHHJQ8eYkLqMb6MC/aqVizg==
x-amz-request-id: 3NRABATJFSAPEFCC
cf-cache-status: HIT
expires: Wed, 30 Nov 2022 05:54:37 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
set-cookie: __cf_bm=_dlMDuy.CuqgswcUER009xtQ_3kFB5bCWvu3mqsRhkg-1669784077-0-AUoceT5aXV0LBBXWhtiPRRJ1y1FrplcwYsOY4xhY16Z2eHNCp4vzQa3tEaMWyEXBazz2yej0M9xMgL4lfSkuuLE=; path=/; expires=Wed, 30-Nov-22 05:24:37 GMT; domain=.beverlyhillsmd.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7720fc75094ab52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0d8d354d08f398f63f855ea7ec9c78f4
56ed0464066e38d78c79e91f955a25eb42ced0e8
47d250cce90e78790286f97d782a1255028b9bf03bd1295a040477040255e3a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=146170
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:54:37 GMT
Etag: "63867a06-118"
Expires: Thu, 01 Dec 2022 21:30:47 GMT
Last-Modified: Tue, 29 Nov 2022 21:30:46 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8503
Expires: Wed, 30 Nov 2022 07:16:21 GMT
Date: Wed, 30 Nov 2022 04:54:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8503
Expires: Wed, 30 Nov 2022 07:16:21 GMT
Date: Wed, 30 Nov 2022 04:54:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8503
Expires: Wed, 30 Nov 2022 07:16:21 GMT
Date: Wed, 30 Nov 2022 04:54:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c14828912decf19c9d95fee93e92f00
49a82390cbf2139bf681d896f9467ab736e0b337
bbafc9bd160a30c6a31954bdf66655e1decc59dead3bb94c6fa21cad1cd56fe3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11466
x-amzn-requestid: 40ae63d3-397e-4118-90b2-d48b1f4014c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHUxIAMFxWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-2b309a0a5e93f68312a26fa1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: s1eFJ0mtTFv3DFwwZ52JWOCDJWFA9IRiJ54L0JSkxzxFLnFIgts2CA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:35 GMT
etag: "49a82390cbf2139bf681d896f9467ab736e0b337"
content-type: image/jpeg
age: 25803
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74cbd5b-36b7-497f-97d1-4e7073a47375.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74cbd5b-36b7-497f-97d1-4e7073a47375.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9b96b63164d7dc37268951510afb359f
5991d60e238558f9fe4e1759fe18dde628cb7be4
cd7a88b3173bae9ad466d41b9ae9a2ed9e18157660697f1f1b070043194c3db4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74cbd5b-36b7-497f-97d1-4e7073a47375.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4706
x-amzn-requestid: ce0b287a-7242-402b-8261-c519a1310309
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhHxETjoAMFcTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bcb-7a69d6d14ad0fd707ede2882;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YOLFLV-a93jrA__gtWEzu2Vz8fpQJgvYGDk5fVsjhKVULRHdnKmfHw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:35 GMT
age: 25803
etag: "5991d60e238558f9fe4e1759fe18dde628cb7be4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 777ce44582c70bf01a31da4cab366f36
57e1d34f146d5ccd9943aa97bcc3158f7103bb07
fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: e4GuUolL0WIMXvnF7BZ80j-dMMSILN2gd-1mqFwNns-zCUBsJa8iHQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:43:04 GMT
age: 25894
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9fb14804c284e300f976848e30396e9c
6004b4b7afd22dded903f026d245bc90a6706767
1cf96b0b6c83f182d018fa4ffb9924038bf282755091e7bacff2a624220260d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13195
x-amzn-requestid: 1303b72c-fe18-46a3-b3c1-06f3b8550d90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvHW6oAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1b3dbbb005a238117076d1f3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pw2Wm8mI8MxRAOVsdvvWLEuxPN5ffcgWBZ_KecuuS5stoTHF4hxECg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:49 GMT
age: 25789
etag: "6004b4b7afd22dded903f026d245bc90a6706767"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8af12b89-c1a0-4a2a-aa29-cd6dea02f435.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8af12b89-c1a0-4a2a-aa29-cd6dea02f435.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd563ab005d968185c8d000e38b88c2
268e6202466941e612ff503835de9091ef4d5b38
272c867dcc37d97f8682e8f3aa11a567a401b4d4d78e890b0eb94a3c77ea5000
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8af12b89-c1a0-4a2a-aa29-cd6dea02f435.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8288
x-amzn-requestid: 8b48ce45-1c30-4ea3-8cef-bf3b2e7f106f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEgFcUIAMFkSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1c-20e896a62338c6dc45c1ca2a;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:08 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0bNBjOUnEjVgDrhXO2wYnfemT_030w9kk747Zk9-DTeI0UB-lV073g==
via: 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:26 GMT
age: 25812
etag: "268e6202466941e612ff503835de9091ef4d5b38"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cb669522a324cd5d9ba1b1743138d38
71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0
a997731964710b80affb001f7f2e2f05a93550b06c1626279516d78b11332803
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8337
x-amzn-requestid: 88e6ec5a-6b04-4787-91e4-02f316d0d6e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgYHViIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-10f0d81a09c0ae930f6be726;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8XATm-S2y3wzXWzJxgof2GIbXx_7WzuEMKrhI5By_tGaB8EiYeGkLg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:59:07 GMT
age: 24931
etag: "71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 30 Nov 2022 04:41:08 GMT
expires: Wed, 30 Nov 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 810
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=03EDC9BEF66365621643DBD2F79664AD; domain=.bing.com; expires=Mon, 25-Dec-2023 04:54:38 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FE0C564F1F244609AC80840FE1267722 Ref B: OSL30EDGE0211 Ref C: 2022-11-30T04:54:38Z
date: Wed, 30 Nov 2022 04:54:37 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:54:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.beverlyhillsmd.com/img/gradientFinger.jpg
104.18.8.53200 OK 160 kB URL HTTP/2 cdn.beverlyhillsmd.com/img/gradientFinger.jpg
IP 104.18.8.53:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 5327x2848, components 3\012- data
Size 160 kB (159782 bytes)
Hash bc479e09fe20340fbe15e8d61bfbb3e6
6bbae76f99f961a1dcf3b3a435fc15a5f348315c
d41ed7b4162189a9e353f2ce0fe99a033e4f4c4722fa2be02a8ed148787f23ec
GET /img/gradientFinger.jpg HTTP/1.1
Host: cdn.beverlyhillsmd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:54:38 GMT
content-type: image/jpeg
content-length: 159782
cf-bgj: imgq:85,h2pri
cf-polished: origSize=193735, status=webp_bigger
etag: "dd26d822825c56b584c3da984b3c71b3"
last-modified: Tue, 30 Mar 2021 23:19:57 GMT
x-amz-id-2: LbI3Pzvj552XcVHfbH3NPbQ5anaf8ptEqgKFJs0U3QilcMdpXXfZY1ho5VQLFbsbpQV/0yrVgxUQxb/5nPhWbA==
x-amz-request-id: 3NRA1YKDX6D870SD
cf-cache-status: HIT
expires: Wed, 30 Nov 2022 05:54:38 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
set-cookie: __cf_bm=sf.F9LR4xZUBdBKEhE2jEfXQD2i2c1p9RR6LXSjWz_8-1669784078-0-AevJk/r1XnxTRM49TuRHY0HsJZeIb6JmXBoj+jyqPI+VAnELhT8zQ7EO+i3Vf5XVD0gNtTVdu+MovwrS+ZbeVIw=; path=/; expires=Wed, 30-Nov-22 05:24:38 GMT; domain=.beverlyhillsmd.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720fc75194eb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53980804-7&cid=915896966.1669784077&jid=1528173017&gjid=702822589&_gid=647861541.1669784077&_u=YEBAAAAAAAAAAC~&z=2081459157
74.125.131.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53980804-7&cid=915896966.1669784077&jid=1528173017&gjid=702822589&_gid=647861541.1669784077&_u=YEBAAAAAAAAAAC~&z=2081459157
IP 74.125.131.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53980804-7&cid=915896966.1669784077&jid=1528173017&gjid=702822589&_gid=647861541.1669784077&_u=YEBAAAAAAAAAAC~&z=2081459157 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www2.radiantatanyage.com
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www2.radiantatanyage.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 30 Nov 2022 04:54:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:54:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=4001225&tm=gtm002&Ver=2&mid=784416a1-444d-4c11-a0ea-bae25f6f8804&sid=172ae230706b11edbcc6b36fae59013b&vid=172b01b0706b11ed8c910b3262f86ba6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Beverly%20Hills%20MD&p=https%3A%2F%2Fwww2.radiantatanyage.com%2Ffst%2Flfbooster_vslstart_qqq%2F%3Fbusiness_unit%3Da00f400000jv55aaat%26n%3Ddbtcr%26utm_campaign%3Dbhmd-db-lfbooster-eml-all-qqq%26utm_campaign_id%3D7013w000002HDXQAA4%26utm_source%3Ddbtcr%26subid1%3D309982fb0df646a3838fd8334898c025%26subid2%3D205%26subid5%3Deverflow&r=<=2178&evt=pageLoad&sv=1&rn=193877
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=4001225&tm=gtm002&Ver=2&mid=784416a1-444d-4c11-a0ea-bae25f6f8804&sid=172ae230706b11edbcc6b36fae59013b&vid=172b01b0706b11ed8c910b3262f86ba6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Beverly%20Hills%20MD&p=https%3A%2F%2Fwww2.radiantatanyage.com%2Ffst%2Flfbooster_vslstart_qqq%2F%3Fbusiness_unit%3Da00f400000jv55aaat%26n%3Ddbtcr%26utm_campaign%3Dbhmd-db-lfbooster-eml-all-qqq%26utm_campaign_id%3D7013w000002HDXQAA4%26utm_source%3Ddbtcr%26subid1%3D309982fb0df646a3838fd8334898c025%26subid2%3D205%26subid5%3Deverflow&r=<=2178&evt=pageLoad&sv=1&rn=193877
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=4001225&tm=gtm002&Ver=2&mid=784416a1-444d-4c11-a0ea-bae25f6f8804&sid=172ae230706b11edbcc6b36fae59013b&vid=172b01b0706b11ed8c910b3262f86ba6&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Beverly%20Hills%20MD&p=https%3A%2F%2Fwww2.radiantatanyage.com%2Ffst%2Flfbooster_vslstart_qqq%2F%3Fbusiness_unit%3Da00f400000jv55aaat%26n%3Ddbtcr%26utm_campaign%3Dbhmd-db-lfbooster-eml-all-qqq%26utm_campaign_id%3D7013w000002HDXQAA4%26utm_source%3Ddbtcr%26subid1%3D309982fb0df646a3838fd8334898c025%26subid2%3D205%26subid5%3Deverflow&r=<=2178&evt=pageLoad&sv=1&rn=193877 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=38ECAC97C8516D18255CBEFBC9A46C5F; domain=.bing.com; expires=Mon, 25-Dec-2023 04:54:38 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EF3C4542865141A2BD7B7A97EBEA7DF7 Ref B: OSL30EDGE0211 Ref C: 2022-11-30T04:54:38Z
date: Wed, 30 Nov 2022 04:54:37 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/4001225.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/4001225.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/4001225.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=1DB8218EE8EB6CA708D933E2E91E6DF2; domain=.bing.com; expires=Mon, 25-Dec-2023 04:54:38 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DB1B61976F62466CBB645DC5F8504A9E Ref B: OSL30EDGE0211 Ref C: 2022-11-30T04:54:38Z
date: Wed, 30 Nov 2022 04:54:38 GMT
X-Firefox-Spdy: h2
cdn.beverlyhillsmd.com/fonts/Montserrat-Regular.ttf
104.18.8.53200 OK 22 kB URL HTTP/2 cdn.beverlyhillsmd.com/fonts/Montserrat-Regular.ttf
IP 104.18.8.53:0
File type TrueType Font data, 15 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, MontserratRegularJulietaUlanovsky: Montserrat: 2010Montserrat-RegularVersion 2.001http://scripts\012- data
Hash a0b3f76e1df413be84036cc33ffeedfd
f9bc5cced7f1ed0cc2c0390c7ab3cf528e5b24f1
194d3e9622ea4ce3cf97797a19863f18c9f49ebdd36699160c397b0df2df8ed8
GET /fonts/Montserrat-Regular.ttf HTTP/1.1
Host: cdn.beverlyhillsmd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.radiantatanyage.com
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:54:41 GMT
content-type: binary/octet-stream
content-length: 22352
x-amz-id-2: ldpI11FXBsBss+krl7arMN9MxGT37DO0CujC4KvsEa4vJW2Ubj1dUjOxMJ85F18NjMWxbU4+pPk=
x-amz-request-id: XGN5DW6PSRDJ2CZQ
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 27 Jan 2020 22:34:15 GMT
etag: "a0b3f76e1df413be84036cc33ffeedfd"
cf-cache-status: HIT
expires: Wed, 30 Nov 2022 05:54:41 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
set-cookie: __cf_bm=ybbmjWgi4ulkEKjDYlL1qTSzoB16P6w_J_0hUGz71Yg-1669784081-0-ARR86k6EEi6gAf9CmjonmzBZ++nuaPc9llgtZAFtdefuZVH8i4wjS3S1erE/Z2Re4LZxcIVSjpVlAU1Y5Hq2Seg=; path=/; expires=Wed, 30-Nov-22 05:24:41 GMT; domain=.beverlyhillsmd.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7720fc89df55b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fafccf9c74991d8675a6b450df2bc5ca
f558922502b7755b660996fcaa13df8bd208b313
3f7f4e408b6c19bd1f4d7dfc2982c03e67c3d0abf46fe68a28772de0ae2206e1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:54:42 GMT
Server: ECS (amb/6BAE)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8ef75fe5f28cb7796c5fb622a7234914
138c144b8bed5184e088c3d0e84fc5d8e681ee0e
22a1301f841c3fb5e3f472d20f1f9298a753b0e1a91554bf9c98c157648ea4bb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=124196
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:54:42 GMT
Etag: "63862436-117"
Expires: Thu, 01 Dec 2022 15:24:38 GMT
Last-Modified: Tue, 29 Nov 2022 15:24:38 GMT
Server: nginx
Content-Length: 279
cdn.beverlyhillsmd.com/fonts/Gotham-Book.ttf
104.18.8.53200 OK 70 kB URL HTTP/2 cdn.beverlyhillsmd.com/fonts/Gotham-Book.ttf
IP 104.18.8.53:0
File type TrueType Font data, 15 tables, 1st "FFTM", 32 names, Macintosh\012- data
Hash 8599704930316b431e827d8e63e916bf
c497fdde74a53860cc4d63031de1dae24916c123
dc6f66adce9e8ac3e093c2c06ab1f7c38eff26fbdaf4521a5c92b47a1939bd7c
GET /fonts/Gotham-Book.ttf HTTP/1.1
Host: cdn.beverlyhillsmd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.radiantatanyage.com
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:54:42 GMT
content-type: binary/octet-stream
content-length: 69668
x-amz-id-2: y6gNtnw4n08sogGhNoIEZ3tu0QBVJ4Pcpe5wm8Onc3tcgiN7czQtmzpB9L+KxVazvdKqna5Yozs=
x-amz-request-id: 95N4VHM7XP25Q0BE
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Fri, 17 Apr 2020 18:01:58 GMT
etag: "8599704930316b431e827d8e63e916bf"
cf-cache-status: HIT
expires: Wed, 30 Nov 2022 05:54:42 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
set-cookie: __cf_bm=XhsMV7wGuWtmStUkWtcXO53VkRv3ZedRsvt15SB._FM-1669784082-0-AT+gkKRObu+Vs2Ukl/TEenAz/BPSYzo0pLIpPJ4RGAnY382MNQFBEIbCeu0HT0T2wN17wVBWnCGevKxseB+dbU4=; path=/; expires=Wed, 30-Nov-22 05:24:42 GMT; domain=.beverlyhillsmd.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7720fc94ca98b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.beverlyhillsmd.com/fonts/GothamLight.otf
104.18.8.53200 OK 34 kB URL HTTP/2 cdn.beverlyhillsmd.com/fonts/GothamLight.otf
IP 104.18.8.53:0
File type OpenType font data\012- data
Hash 55aad5cc2f2baf41abf589994d5e00c7
08da39268decf1067487c6f011a07616bcf4553b
b90b81f9630398836f29f834ddd9a8b7e212fa2e3427bcdc04717a4aeca596e8
GET /fonts/GothamLight.otf HTTP/1.1
Host: cdn.beverlyhillsmd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.radiantatanyage.com
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:54:42 GMT
content-type: binary/octet-stream
content-length: 33576
x-amz-id-2: 9fqOFqmp5Oz37O8YhrE2bcekTLFPsMksqTTPQW97oCq4CpquBp90SlbDA5K61xIS5lQnenoC/fo=
x-amz-request-id: BR3EH87T16BCCV17
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 08 Aug 2022 18:19:01 GMT
etag: "55aad5cc2f2baf41abf589994d5e00c7"
cf-cache-status: HIT
expires: Wed, 30 Nov 2022 05:54:42 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
set-cookie: __cf_bm=vwRrdvaB_u5sgbJ1czooO1lWw2B.OTnamptYDENVR0c-1669784082-0-Acvo7XR3r5EVO98Chj3ExReYDjxuRQj2Mk94BmAWpBQ+yk1abSbFUWy19MRNPiUR2asBGXAYzTzFsQoZYYdUc3Q=; path=/; expires=Wed, 30-Nov-22 05:24:42 GMT; domain=.beverlyhillsmd.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7720fc94da9eb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.beverlyhillsmd.com/fonts/Gotham-Bold.otf
104.18.8.53200 OK 21 kB URL HTTP/2 cdn.beverlyhillsmd.com/fonts/Gotham-Bold.otf
IP 104.18.8.53:0
File type OpenType font data\012- data
Hash 5d6f50ed2dde0e4ad455448f896c09f0
9f1ed3e21c341efd8a3168b5a952e61d46fd675a
ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020
GET /fonts/Gotham-Bold.otf HTTP/1.1
Host: cdn.beverlyhillsmd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.radiantatanyage.com
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:54:42 GMT
content-type: binary/octet-stream
content-length: 21408
x-amz-id-2: ByWFKdFx7lIssLDUW8AKrqSr+FuURWMVBk3yKW9OamMijkMKo4m8jcrrL9YX2yZlGBhSwya4fnzYbGVyRLdeYQ==
x-amz-request-id: SNZT2M9MXSCK6DHA
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 10 Oct 2019 19:05:27 GMT
etag: "5d6f50ed2dde0e4ad455448f896c09f0"
cf-cache-status: HIT
expires: Wed, 30 Nov 2022 05:54:42 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
set-cookie: __cf_bm=exwra2IpuWof.V9bdWnTlwFaUicG6xKNWpEQ1S7nNg8-1669784082-0-AawU7jJzZ4QU0GN74GfYUjXO+776izhYvfrpWUg+RLBCZSQ57eq2r9e2eCck47/XhCGZX6eLcFa4icEVtI0XJ7M=; path=/; expires=Wed, 30-Nov-22 05:24:42 GMT; domain=.beverlyhillsmd.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7720fc94da9db52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stat.bevhillskrssdmn.com/js/cscript.js?v=1
104.18.26.112200 OK 2.5 kB URL HTTP/2 stat.bevhillskrssdmn.com/js/cscript.js?v=1
IP 104.18.26.112:0
File type ASCII text, with very long lines (494)
Hash fe3fa02349697c8e62e1970b64a6dd33
6cf25d16f0387c6c228cb2bbf874d9c3149bdeb8
2defbdfbe15bff90fe729178600034e9c76be5e6a3b5adf0fd7f1dfaec35d2d1
Analyzer Verdict Alert quad9 Sinkholed
GET /js/cscript.js?v=1 HTTP/1.1
Host: stat.bevhillskrssdmn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:54:43 GMT
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
last-modified: Mon, 28 Feb 2022 18:51:11 GMT
pragma: no-cache
vary: accept-encoding
via: 1.1 spaces-router (e13668ca8eb7)
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: MISS
server: cloudflare
cf-ray: 7720fc95ed5c1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.beverlyhillsmd.com/fonts/GothamMedium.otf
104.18.8.53200 OK 34 kB URL HTTP/2 cdn.beverlyhillsmd.com/fonts/GothamMedium.otf
IP 104.18.8.53:0
File type OpenType font data\012- data
Hash d757e9fd5c6ba81b580177713c055817
2fb6ac892e732ac8e51363b432399603097e38da
c5f37e75fb24d93fd718f57d623a5866f622803f36716e51316d9fdf27646f76
GET /fonts/GothamMedium.otf HTTP/1.1
Host: cdn.beverlyhillsmd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.radiantatanyage.com
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:54:43 GMT
content-type: binary/octet-stream
content-length: 34080
x-amz-id-2: HG/7dzsUi0x09tqC77saCgJyS4bfs+vgtTWrR05rI2s4ZNfuzqSHarXRnDQQ32iAmH947U1EAjQ=
x-amz-request-id: BR391H5FJ1AD4YVN
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 10 Oct 2019 19:05:27 GMT
etag: "d757e9fd5c6ba81b580177713c055817"
cf-cache-status: HIT
expires: Wed, 30 Nov 2022 05:54:43 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
set-cookie: __cf_bm=gdvN1NYMxx8d4SR1zl6lvZ_ejylTEYiApKzlAjIwoo8-1669784083-0-ATIl8qQ2hV2n+Y9ZKH588RaMMKsvCqVAhs3LsLO/jvbcqxHZzYbAxoDmOFjwSPkgQa0wY5GgE1MJq5Shno1/KSw=; path=/; expires=Wed, 30-Nov-22 05:24:43 GMT; domain=.beverlyhillsmd.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7720fc94ca99b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
players.brightcove.net/6058004204001/ROADQ6LJ_default/index.min.js
23.38.201.31200 OK 227 kB URL HTTP/1.1 players.brightcove.net/6058004204001/ROADQ6LJ_default/index.min.js
IP 23.38.201.31:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 227 kB (227172 bytes)
Hash 891c89c22378bdc01e8526035a88c6c3
fec217f8308f1a460a21bac98552a3cae65d9911
29825f2d76bc37637e9176799279be21ae1073eff2ffacd164a39a737b260990
GET /6058004204001/ROADQ6LJ_default/index.min.js HTTP/1.1
Host: players.brightcove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 227172
x-amz-id-2: I7zL2Ia6QR2c0mJQvEcwam8mJvnTHe2sF+70OimRkTSH+mSfkA8oidojCnTQjtdO+N1nPak/r4s=
x-amz-request-id: 3Z7BCVP8DVNKFPQY
x-amz-replication-status: COMPLETED
Last-Modified: Mon, 28 Nov 2022 22:47:38 GMT
ETag: "891c89c22378bdc01e8526035a88c6c3"
Content-Encoding: gzip
x-amz-version-id: 7cne.Voldi9l_CrNx2dgJFKKVUeX.2ZG
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Accept-Ranges: bytes
X-Served-By: cache-bma1627-BMA
X-Cache-Hits: 0
X-Timer: S1669676720.108238,VS0,VE669
Vary: Accept-Encoding
X-BCOV-Response-Mode: 1
Cache-Control: public, max-age=300
Date: Wed, 30 Nov 2022 04:54:43 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
cdn.bevhillsmd.com/images/tablewithFlowers.jpg
104.18.21.82200 OK 49 kB URL HTTP/2 cdn.bevhillsmd.com/images/tablewithFlowers.jpg
IP 104.18.21.82:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1440x535, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 987bb07f0bbeb5447507c7d940c8bc1f
692a0412d7ebf85b09663f2c1552cc7a3020c506
f64ba2492927dee2b791a0240abbc025570359dbf2872e684f929b6e949923db
GET /images/tablewithFlowers.jpg HTTP/1.1
Host: cdn.bevhillsmd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:54:43 GMT
content-type: image/webp
content-length: 48942
cf-ray: 7720fc9589b91c16-OSL
accept-ranges: bytes
cache-control: public, max-age=3600
content-disposition: inline; filename="tablewithFlowers.webp"
etag: "d2454e4c1cc780d55c9545052c2c44d5"
expires: Wed, 30 Nov 2022 05:54:43 GMT
last-modified: Thu, 28 Jan 2021 18:45:26 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=126046
x-amz-id-2: z+yR80DDbes6vcKzW9HeKtuNJqFtg+QdAkNDMKUO8jDzCjK5WwuGLv8d4HOEGWua398+mOE7ctc=
x-amz-request-id: 0AVCPH23F1FHCFTB
server: cloudflare
X-Firefox-Spdy: h2
vjs.zencdn.net/vttjs/0.15.3/vtt.global.min.js
151.101.2.217200 OK 7.4 kB URL HTTP/2 vjs.zencdn.net/vttjs/0.15.3/vtt.global.min.js
IP 151.101.2.217:0
File type ASCII text, with very long lines (20915)
Hash 4c4ee758d9faee213618ed424bc5e15c
9fd5c3a5cbd0c94eb16d039221f52ccb556a8ebe
869e007fede7f0d842d3737fe03da03c80db0a7bb24ad66d65b9c7c1b2ac3e50
GET /vttjs/0.15.3/vtt.global.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 11 May 2022 18:56:37 GMT
etag: "9ab357d51e365493dab6cf243489069b"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Wed, 30 Nov 2022 04:54:43 GMT
x-served-by: cache-bma1668-BMA
x-cache: HIT
x-cache-hits: 51322
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 7354
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/h0j-y3GSgos
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/h0j-y3GSgos
IP 142.250.74.131:0
Hash dd160266e0f7ef0ccfcb204c5317ca7e
7b92279acb16d6de4a832b395a5d66fafa750ec8
9cc35729059c8a5683d42214d0d01263a7ac87b7e78b4444f96c128226a9cc86
POST /s/gts1d4/h0j-y3GSgos HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:54:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/h0j-y3GSgos
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/h0j-y3GSgos
IP 142.250.74.131:0
Hash dd160266e0f7ef0ccfcb204c5317ca7e
7b92279acb16d6de4a832b395a5d66fafa750ec8
9cc35729059c8a5683d42214d0d01263a7ac87b7e78b4444f96c128226a9cc86
POST /s/gts1d4/h0j-y3GSgos HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:54:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
edge.api.brightcove.com/playback/v1/accounts/6058004204001/videos/6267243901001
151.101.194.27200 OK 0 B URL HTTP/2 edge.api.brightcove.com/playback/v1/accounts/6058004204001/videos/6267243901001
IP 151.101.194.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /playback/v1/accounts/6058004204001/videos/6267243901001 HTTP/1.1
Host: edge.api.brightcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: accept
Referer: https://www2.radiantatanyage.com/
Origin: https://www2.radiantatanyage.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-max-age: 86400
accept-ranges: bytes
date: Wed, 30 Nov 2022 04:54:43 GMT
via: 1.1 varnish
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1669784084.800117,VS0,VE0
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
cache-control: max-age=0, no-cache, no-store
content-length: 0
X-Firefox-Spdy: h2
metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=9f2d09f85b13e696534ab1b&account=6058004204001&destination=https%3A%2F%2Fwww2.radiantatanyage.com%2Fvsl220418a_ap%3Fbusiness_unit%3Da00f400000jv55aaat%26n%3Ddbtcr%26utm_campaign%3Dbhmd-db-lfbooster-eml-all-qqq%26utm_campaign_id%3D7013w000002HDXQAA4%26utm_source%3Ddbtcr%26subid1%3D309982fb0df646a3838fd8334898c025%26subid2%3D205%26subid5%3Deverflow%26sessionid%3D629590769241%26uid%3Dlfbooster_vslstart_220902%26dsid%3Da0v3w00000LpvEfAAJ%26step%3D1&platform_version=6.66.7&player=players.brightcove.com%2F6058004204001%2FROADQ6LJ_default&player_name=BHMD%20Player%20autoplay&source=&event=player_init&time=1669784082626&autoplay=any&seq=0
35.244.232.184200 OK 35 B URL HTTP/2 metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=9f2d09f85b13e696534ab1b&account=6058004204001&destination=https%3A%2F%2Fwww2.radiantatanyage.com%2Fvsl220418a_ap%3Fbusiness_unit%3Da00f400000jv55aaat%26n%3Ddbtcr%26utm_campaign%3Dbhmd-db-lfbooster-eml-all-qqq%26utm_campaign_id%3D7013w000002HDXQAA4%26utm_source%3Ddbtcr%26subid1%3D309982fb0df646a3838fd8334898c025%26subid2%3D205%26subid5%3Deverflow%26sessionid%3D629590769241%26uid%3Dlfbooster_vslstart_220902%26dsid%3Da0v3w00000LpvEfAAJ%26step%3D1&platform_version=6.66.7&player=players.brightcove.com%2F6058004204001%2FROADQ6LJ_default&player_name=BHMD%20Player%20autoplay&source=&event=player_init&time=1669784082626&autoplay=any&seq=0
IP 35.244.232.184:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /v2/tracker?domain=videocloud&platform=video-js&session=9f2d09f85b13e696534ab1b&account=6058004204001&destination=https%3A%2F%2Fwww2.radiantatanyage.com%2Fvsl220418a_ap%3Fbusiness_unit%3Da00f400000jv55aaat%26n%3Ddbtcr%26utm_campaign%3Dbhmd-db-lfbooster-eml-all-qqq%26utm_campaign_id%3D7013w000002HDXQAA4%26utm_source%3Ddbtcr%26subid1%3D309982fb0df646a3838fd8334898c025%26subid2%3D205%26subid5%3Deverflow%26sessionid%3D629590769241%26uid%3Dlfbooster_vslstart_220902%26dsid%3Da0v3w00000LpvEfAAJ%26step%3D1&platform_version=6.66.7&player=players.brightcove.com%2F6058004204001%2FROADQ6LJ_default&player_name=BHMD%20Player%20autoplay&source=&event=player_init&time=1669784082626&autoplay=any&seq=0 HTTP/1.1
Host: metrics.brightcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 35
content-type: image/gif
cache-control: must-revalidate,no-cache,no-store
strict-transport-security: max-age=300; includeSubDomains
date: Wed, 30 Nov 2022 04:54:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=9f2d09f85b13e696534ab1b&account=6058004204001&destination=https%3A%2F%2Fwww2.radiantatanyage.com%2Fvsl220418a_ap%3Fbusiness_unit%3Da00f400000jv55aaat%26n%3Ddbtcr%26utm_campaign%3Dbhmd-db-lfbooster-eml-all-qqq%26utm_campaign_id%3D7013w000002HDXQAA4%26utm_source%3Ddbtcr%26subid1%3D309982fb0df646a3838fd8334898c025%26subid2%3D205%26subid5%3Deverflow%26sessionid%3D629590769241%26uid%3Dlfbooster_vslstart_220902%26dsid%3Da0v3w00000LpvEfAAJ%26step%3D1&platform_version=6.66.7&player=players.brightcove.com%2F6058004204001%2FROADQ6LJ_default&player_name=BHMD%20Player%20autoplay&source=&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F6058004204001%2Fvideos%2F6267243901001&time=1669784082632&autoplay=any&seq=1
35.244.232.184200 OK 35 B URL HTTP/2 metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=9f2d09f85b13e696534ab1b&account=6058004204001&destination=https%3A%2F%2Fwww2.radiantatanyage.com%2Fvsl220418a_ap%3Fbusiness_unit%3Da00f400000jv55aaat%26n%3Ddbtcr%26utm_campaign%3Dbhmd-db-lfbooster-eml-all-qqq%26utm_campaign_id%3D7013w000002HDXQAA4%26utm_source%3Ddbtcr%26subid1%3D309982fb0df646a3838fd8334898c025%26subid2%3D205%26subid5%3Deverflow%26sessionid%3D629590769241%26uid%3Dlfbooster_vslstart_220902%26dsid%3Da0v3w00000LpvEfAAJ%26step%3D1&platform_version=6.66.7&player=players.brightcove.com%2F6058004204001%2FROADQ6LJ_default&player_name=BHMD%20Player%20autoplay&source=&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F6058004204001%2Fvideos%2F6267243901001&time=1669784082632&autoplay=any&seq=1
IP 35.244.232.184:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /v2/tracker?domain=videocloud&platform=video-js&session=9f2d09f85b13e696534ab1b&account=6058004204001&destination=https%3A%2F%2Fwww2.radiantatanyage.com%2Fvsl220418a_ap%3Fbusiness_unit%3Da00f400000jv55aaat%26n%3Ddbtcr%26utm_campaign%3Dbhmd-db-lfbooster-eml-all-qqq%26utm_campaign_id%3D7013w000002HDXQAA4%26utm_source%3Ddbtcr%26subid1%3D309982fb0df646a3838fd8334898c025%26subid2%3D205%26subid5%3Deverflow%26sessionid%3D629590769241%26uid%3Dlfbooster_vslstart_220902%26dsid%3Da0v3w00000LpvEfAAJ%26step%3D1&platform_version=6.66.7&player=players.brightcove.com%2F6058004204001%2FROADQ6LJ_default&player_name=BHMD%20Player%20autoplay&source=&event=catalog_request&url=https%3A%2F%2Fedge.api.brightcove.com%2Fplayback%2Fv1%2Faccounts%2F6058004204001%2Fvideos%2F6267243901001&time=1669784082632&autoplay=any&seq=1 HTTP/1.1
Host: metrics.brightcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 35
content-type: image/gif
cache-control: must-revalidate,no-cache,no-store
strict-transport-security: max-age=300; includeSubDomains
date: Wed, 30 Nov 2022 04:54:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/h0j-y3GSgos
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/h0j-y3GSgos
IP 142.250.74.131:0
Hash dd160266e0f7ef0ccfcb204c5317ca7e
7b92279acb16d6de4a832b395a5d66fafa750ec8
9cc35729059c8a5683d42214d0d01263a7ac87b7e78b4444f96c128226a9cc86
POST /s/gts1d4/h0j-y3GSgos HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:54:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
edge.api.brightcove.com/playback/v1/accounts/6058004204001/videos/6267243901001
151.101.194.27200 OK 3.7 kB URL HTTP/2 edge.api.brightcove.com/playback/v1/accounts/6058004204001/videos/6267243901001
IP 151.101.194.27:0
File type JSON data\012- , ASCII text, with very long lines (3657)
Hash 9b6bdb04f34bd8b07a2f8326353ba833
c0f82c1742c3700bddee7e20cb058b18c00d8e5d
581c8e2f9f0083760dae748a42516fde404c101a1c4a6d65b18c04a49f7a8a19
GET /playback/v1/accounts/6058004204001/videos/6267243901001 HTTP/1.1
Host: edge.api.brightcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json;pk=BCpkADawqM2j5t4w0PLiDPRciWT3ORGuJOQR7TcxDbOe4UcBpJXCFPu3xGcC8ptPVnPv5ol93y7roxW1KISebEwZqFNt3yKHfKXf1hxrU0FYptRBu2om3q-qkyamdTfy17GIes-WkAljw_p7
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.radiantatanyage.com
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
account-status: APPROVED
bc-override-client-ip: 91.90.42.154
bcov-request-id: df1c7bb8-b81e-4c61-bf15-487eeefaa86e
content-type: application/json; charset=UTF-8
policy-key-accountid: 6058004204001
policy-key-raw: BCpkADawqM2j5t4w0PLiDPRciWT3ORGuJOQR7TcxDbOe4UcBpJXCFPu3xGcC8ptPVnPv5ol93y7roxW1KISebEwZqFNt3yKHfKXf1hxrU0FYptRBu2om3q-qkyamdTfy17GIes-WkAljw_p7
powered-by: BC
powered-from: eu-central-1b
accept-ranges: bytes
date: Wed, 30 Nov 2022 04:54:43 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1644-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669784084.821333,VS0,VE128
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
cache-control: max-age=0, no-cache, no-store
content-length: 3658
X-Firefox-Spdy: h2
cf-images.us-east-1.prod.boltdns.net/v1/jit/6058004204001/07d9119a-36ed-4205-8748-005ac26bcd8f/main/640x360/15m45s88ms/match/image.jpg
54.230.111.21200 OK 22 kB URL HTTP/1.1 cf-images.us-east-1.prod.boltdns.net/v1/jit/6058004204001/07d9119a-36ed-4205-8748-005ac26bcd8f/main/640x360/15m45s88ms/match/image.jpg
IP 54.230.111.21:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.134.100", baseline, precision 8, 640x360, components 3\012- data
Hash e784b678e162ec1020f404782f876162
5651fc079c6f6007ea9ccbce2b22ad1b1ab068c9
08bcb7613ee8ff6773bacbba87ffd16ff45fd27c85b83666a05ce3d592f9ca6c
GET /v1/jit/6058004204001/07d9119a-36ed-4205-8748-005ac26bcd8f/main/640x360/15m45s88ms/match/image.jpg HTTP/1.1
Host: cf-images.us-east-1.prod.boltdns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Date: Sat, 26 Nov 2022 20:41:43 GMT
Expires: Sun, 26 Nov 2023 20:41:43 GMT
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Powered-By: BC
X-Powered-From: gantry
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gl6PP6-DY_HoeO0PlKlGkylVFveaEJJV4lLiJhezIx3FPLra1BeOUQ==
Age: 288781
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004204001/07d9119a-36ed-4205-8748-005ac26bcd8f/10s/master.m3u8?fastly_token=NjM4NzQyOTRfYjczMTEwZDdkNWZhYmFlMjMxNTUxYzQxMDA1NDU2MzJkN2VlM2FiZmFhZjllZTUzYTczNjljNTFhOWFhYjk4ZA%3D%3D
151.101.194.27200 OK 2.0 kB URL HTTP/2 manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004204001/07d9119a-36ed-4205-8748-005ac26bcd8f/10s/master.m3u8?fastly_token=NjM4NzQyOTRfYjczMTEwZDdkNWZhYmFlMjMxNTUxYzQxMDA1NDU2MzJkN2VlM2FiZmFhZjllZTUzYTczNjljNTFhOWFhYjk4ZA%3D%3D
IP 151.101.194.27:0
File type M3U playlist, ASCII text, with very long lines (390)
Hash cea480d5bff03cbfe0d34a67b5a89735
6206b87511eb30b237e18017a6b98864456c87d5
1ecc369f91d81aa1351aeb61cba09b86b66a2985f20b57717cfb744acc5b0efc
GET /manifest/v1/hls/v4/clear/6058004204001/07d9119a-36ed-4205-8748-005ac26bcd8f/10s/master.m3u8?fastly_token=NjM4NzQyOTRfYjczMTEwZDdkNWZhYmFlMjMxNTUxYzQxMDA1NDU2MzJkN2VlM2FiZmFhZjllZTUzYTczNjljNTFhOWFhYjk4ZA%3D%3D HTTP/1.1
Host: manifest.prod.boltdns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.radiantatanyage.com
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
content-type: application/x-mpegURL
x-bolt-device-group: desktop-firefox
x-powered-by: BC
x-powered-from: gantry
accept-ranges: bytes
date: Wed, 30 Nov 2022 04:54:44 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1644-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669784084.081349,VS0,VE192
x-device-group: desktop-firefox
content-length: 2032
X-Firefox-Spdy: h2
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004204001/07d9119a-36ed-4205-8748-005ac26bcd8f/daaa18d5-22a4-45a0-9655-b08db9a3f404/10s/rendition.m3u8?fastly_token=NjM4NzQyOTVfOWI0YTFlNzQ1NWE0Y2QxYmFmYzY1NDRjY2ZmYzU4NTBiMDRlNGNkODdhNjQwZmFhMTNjNzFlODAxZTA4ZTA5NA%3D%3D
151.101.194.27200 OK 34 kB URL HTTP/2 manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/6058004204001/07d9119a-36ed-4205-8748-005ac26bcd8f/daaa18d5-22a4-45a0-9655-b08db9a3f404/10s/rendition.m3u8?fastly_token=NjM4NzQyOTVfOWI0YTFlNzQ1NWE0Y2QxYmFmYzY1NDRjY2ZmYzU4NTBiMDRlNGNkODdhNjQwZmFhMTNjNzFlODAxZTA4ZTA5NA%3D%3D
IP 151.101.194.27:0
Hash 1bccd688dca72684d2258cdb0b1dabe8
7dd210310faf900fe19d1ff71916d20d402a0681
fc341d1d70293cee4bf226a31c54538d4339d778000e2e6dab7b3a9a13eaf894
GET /manifest/v1/hls/v4/clear/6058004204001/07d9119a-36ed-4205-8748-005ac26bcd8f/daaa18d5-22a4-45a0-9655-b08db9a3f404/10s/rendition.m3u8?fastly_token=NjM4NzQyOTVfOWI0YTFlNzQ1NWE0Y2QxYmFmYzY1NDRjY2ZmYzU4NTBiMDRlNGNkODdhNjQwZmFhMTNjNzFlODAxZTA4ZTA5NA%3D%3D HTTP/1.1
Host: manifest.prod.boltdns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.radiantatanyage.com
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
content-type: application/x-mpegURL
x-powered-by: BC
x-powered-from: gantry
accept-ranges: bytes
date: Wed, 30 Nov 2022 04:54:44 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1644-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669784084.307153,VS0,VE292
x-device-group: desktop-firefox
content-length: 34023
X-Firefox-Spdy: h2
www2.radiantatanyage.com/fst/lfbooster_vslstart_qqq/?business_unit=a00f400000jv55aaat&n=dbtcr&utm_campaign=bhmd-db-lfbooster-eml-all-qqq&utm_campaign_id=7013w000002HDXQAA4&utm_source=dbtcr&subid1=309982fb0df646a3838fd8334898c025&subid2=205&subid5=everflow
104.18.8.9200 OK 0 B URL HTTP/2 www2.radiantatanyage.com/fst/lfbooster_vslstart_qqq/?business_unit=a00f400000jv55aaat&n=dbtcr&utm_campaign=bhmd-db-lfbooster-eml-all-qqq&utm_campaign_id=7013w000002HDXQAA4&utm_source=dbtcr&subid1=309982fb0df646a3838fd8334898c025&subid2=205&subid5=everflow
IP 104.18.8.9:0
GET /fst/lfbooster_vslstart_qqq/?business_unit=a00f400000jv55aaat&n=dbtcr&utm_campaign=bhmd-db-lfbooster-eml-all-qqq&utm_campaign_id=7013w000002HDXQAA4&utm_source=dbtcr&subid1=309982fb0df646a3838fd8334898c025&subid2=205&subid5=everflow HTTP/1.1
Host: www2.radiantatanyage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _csrf=kfnV6HplVvZxQmbiMJHCVFIH; XSRF-TOKEN=WMhxzToV-iK0iipSi-RAtx_5six9XlQVTRtw
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:54:36 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age = 31557600
last-modified: Tue, 29 Nov 2022 21:04:14 GMT
set-cookie: XSRF-TOKEN=yeIO8Kfc-a5uhbSnrmb9lXTl_b1WfUHVGHI4; Path=/; Secure
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (e13668ca8eb7)
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7720fc6b7ac6b512-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stat.bevhillskrssdmn.com/js/fp.min.js
104.18.26.112200 OK 0 B URL HTTP/2 stat.bevhillskrssdmn.com/js/fp.min.js
IP 104.18.26.112:0
Analyzer Verdict Alert quad9 Sinkholed
GET /js/fp.min.js HTTP/1.1
Host: stat.bevhillskrssdmn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www2.radiantatanyage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:54:43 GMT
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
last-modified: Mon, 28 Feb 2022 18:51:11 GMT
pragma: no-cache
vary: accept-encoding
via: 1.1 spaces-router (e13668ca8eb7)
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: MISS
server: cloudflare
cf-ray: 7720fc96fda91c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2