Report - beverlyhillsmd.com/cmd.php?ad=885438

Report Overview

Submitted URL
beverlyhillsmd.com/cmd.php?ad=885438
IP
172.64.155.20
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-27 23:13:24
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
beverlyhillsmd.com	292862	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	808 B	728 B	172.64.155.20
dnn506yrbagrg.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	818 B	54.230.245.60
tr.outbrain.com	2017	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	491 B	70.42.32.31
trc-events.taboola.com	1779	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	669 B	363 B	141.226.228.48
www2.bevhillsmd.com	144445	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.0 kB	3.7 kB	172.64.155.180
metrics-api.librato.com	119650	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	2.1 kB	3.234.179.174
script.crazyegg.com	1992	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	362 B	104.19.147.8
status.thawte.com	5123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.5 kB	93.184.220.29
trc.taboola.com	602	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	2.4 kB	151.101.85.44
in.getclicky.com	9776	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	552 B	338 B	198.145.13.11
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	746 B	142.250.74.10
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
www.mcssl.com	353993	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	463 B	768 B	209.17.119.201
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
cdn.taboola.com	1040	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	19 kB	151.101.85.44
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.3 kB	93.184.220.29
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	757 B	66 kB	142.250.74.74
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	86 kB	142.250.74.72
player.ooyala.com	53294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	222 kB	151.101.86.27
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	586 B	709 B	64.233.165.156
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	499 B	694 B	142.250.74.3
stat.bevhillskrssdmn.com	425501	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	549 B	172.64.154.27
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.149.101.24
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	5.6 kB	142.250.74.3
cdn.bevhillsmd.com	983114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	15 kB	172.64.155.180
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.6 kB	143.204.42.88
amplify.outbrain.com	2255	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	353 B	3.7 kB	23.38.201.81
analytics.ooyala.com	96536	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	473 B	54.230.111.63
static.getclicky.com	11697	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	345 B	489 B	104.16.221.29
bevhillsmd.com	142141	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.2 kB	57 kB	104.18.32.76
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	66 kB	34.120.237.76
q.quora.com	3239	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	480 B	418 B	18.205.225.81
bat.bing.com	387	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	14 kB	204.79.197.200
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	500 B	694 B	142.250.74.164

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-27	medium	bevhillskrssdmn.com	Sinkholed

JavaScript (40)

	URL	Size	First Seen	Last Seen
	bevhillsmd.com/dwf/180406B.php?n=db	580 B	2023-03-08	2023-03-08
Pretty URL bevhillsmd.com/dwf/180406B.php?n=db IP 104.18.32.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash dd48c1573a7ca2fff361abe2060b6a23 0f2e3d535ddd49d6bc3aea64814cfd75aec62b20 3aaeecde1eecd28c9534b646712ea0b091f574dbecaada1e6b1f3ca12ff80d53 Loading...

	player.ooyala.com/ooyala_storage.html	3.1 kB	2023-03-07	2023-03-13
Pretty URL player.ooyala.com/ooyala_storage.html IP 151.101.86.27 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:41:55 Last Seen2023-03-13 07:40:15 Times Seen1 Hash 3879727ec21ffe09f6e9dad044785ee9 9f91a8dec56355b1070d6316be49a864b7d8286b 02e7775ca37cdad2cdf80c9a31fc97cde5bff286653fc61382e51773f8489b55 Loading...

	bevhillsmd.com/dwf/180406B.php?n=db	423 B	2023-03-08	2023-12-01
Pretty URL bevhillsmd.com/dwf/180406B.php?n=db IP 104.18.32.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-12-01 16:59:17 Times Seen2 Hash baaa5e55b63db0567d2081ebb7ed006b 03ea5d6059ec127ab22858c1f1a288cd3db87819 bfcd1a725081aa6aa74dd1026fe2bc61de508e43eeff067676f92202d9f3597c Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	bevhillsmd.com/dwf/180406B.php?n=db	369 B	2023-03-07	2023-12-01
Pretty URL bevhillsmd.com/dwf/180406B.php?n=db IP 104.18.32.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:27 Last Seen2023-12-01 16:59:17 Times Seen3 Hash 48bf6ca03c165848c069db028deaed9d 116cffe1b9211a5fd48d5394a505c6875d7df01a 664d5a03e7565088f3328c4f60fe8ebf44ca43d06e1c368585c91c3f8beb59da Loading...

	amplify.outbrain.com/cp/obtp.js	8.1 kB	2023-03-07	2023-03-17
Pretty URL amplify.outbrain.com/cp/obtp.js IP 23.38.201.81 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2023-03-17 12:54:28 Times Seen1 Hash 51de2e10510f823326f9b30ea6068a2a d59ac8a4371d74ec69945686b04453246130d846 83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0 Loading...

	tr.outbrain.com/cachedClickId?marketerId=00fdf3d552410ba5b50475bd4efa76e6e9,00e6b195296ba4a1068d4ed2746eb1352f	35 B	2023-03-07	2024-02-13
Pretty URL tr.outbrain.com/cachedClickId?marketerId=00fdf3d552410ba5b50475bd4efa76e6e9,00e6b195296ba4a1068d4ed2746eb1352f IP 70.42.32.31 ASN #22075 AS-OUTBRAIN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-02-13 00:48:29 Times Seen1372 Hash 75c843c7b717e7b722777907475c67a3 983d1c9a05b315288039b9d4694ce3b402259240 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580 Loading...

	www2.bevhillsmd.com/alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:	685 B	2023-03-08	2023-03-08
Pretty URL www2.bevhillsmd.com/alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https: IP 172.64.155.180 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash 08e904b63fe4f7f8236534bdc2961e28 7bb5c838b9bee3419260ca80211da9e8cb237647 e20a8f9bdf64df460fca91fa5b98a01aeaca73176f41f73974dd16d2ade09d61 Loading...

	stat.bevhillskrssdmn.com/stat?callback=siteStatHandler&emit=true&id=9e4947f35751465411fd1a4f5c358c78&b=8603291856&url=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&sessionid=848922549935	1.4 kB	2023-03-08	2023-03-08
Pretty URL stat.bevhillskrssdmn.com/stat?callback=siteStatHandler&emit=true&id=9e4947f35751465411fd1a4f5c358c78&b=8603291856&url=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&sessionid=848922549935 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash c00cd7451384b163153de7e8fb3a3112 c52c0b7c13b6cfaa400e871fd1a29da1ce918721 34b762cb853262c74afec50cd54cc084fcc6d43250b9bf6c34c082ba18d4b359 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js	87 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-19 21:14:12 Times Seen263022 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	static.getclicky.com/js	15 kB	2023-03-07	2023-09-18
Pretty URL static.getclicky.com/js IP 104.16.221.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:08 Last Seen2023-09-18 16:04:35 Times Seen65 Hash 42c466b0f386acf1fffd8c652d589503 253bc47dc57b745eb3f7a2d6db68beee22793527 f164b7d1707684b6749eb2f5154c84883cb9ec621dca72fc5147772b3c4237ff Loading...

	player.ooyala.com/static/v4/stable/4.24.9/video-plugin/main_html5.min.js	54 kB	2023-03-08	2023-03-08
Pretty URL player.ooyala.com/static/v4/stable/4.24.9/video-plugin/main_html5.min.js IP 151.101.86.27 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash 702c512b195680f11f6240248121ebc4 83440168d4f540ed549b79458d1a72d16c7c5400 e33dbf3a95ef2e56326f8e5e60b713a756186bf53b3b09e2993858fc07e16cd9 Loading...

	analytics.ooyala.com/static/v3/analytics.js	15 kB	2023-03-08	2023-03-08
Pretty URL analytics.ooyala.com/static/v3/analytics.js IP 54.230.111.63 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash 06415b496e4f069b3e9b835c6a33ebec ae178a1103056c8a66f361f211a4337da0d70b95 13160a4c41c7b57f5a5493fbdd7f9d3d7879619e6df1eb8b43bc3effd141d90d Loading...

	dnn506yrbagrg.cloudfront.net/pages/scripts/0025/1454.js?462311	309 B	2023-03-08	2023-03-08
Pretty URL dnn506yrbagrg.cloudfront.net/pages/scripts/0025/1454.js?462311 IP 54.230.245.60 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash 3e228ac346d7a631ee2e56e9802fd1a4 9c43a3592f2c375bae5396f38de5706fb2d4ca6b 8d5f4dd3ec59b18fb5803c881b2b59d476d40ef56dca1e0fd153e5100ecb52c8 Loading...

	bat.bing.com/bat.js	39 kB	2023-03-07	2023-08-25
Pretty URL bat.bing.com/bat.js IP 204.79.197.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2023-08-25 07:33:07 Times Seen42 Hash 16911c194f6e9313655f07c4eb9d8737 d39ccfa8c6d785af331afafe9e36336031f41b64 30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js	96 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 20:01:25 Times Seen46173 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	bevhillsmd.com/dwf/180406B.php?n=db	397 B	2023-03-08	2023-03-08
Pretty URL bevhillsmd.com/dwf/180406B.php?n=db IP 104.18.32.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash 6416a0e39be4a5117547e500558408b9 6566801676993da2e8b59dc5337450069b8cb5ef d9ac1548e60fdd3491ec6a9707ba504e43325d85836c140ed6d2dce42eca7e1f Loading...

	bevhillsmd.com/dwf/180406B.php?n=db	575 B	2023-03-08	2023-03-08
Pretty URL bevhillsmd.com/dwf/180406B.php?n=db IP 104.18.32.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash 53d905e006cca3e92bd7a8f25242796d f2e51dd19aa52cf1d0dc4a8255163e84b7b388d1 c18979891394fc7cfb9c41171f625a5c666869b2b76058771ab5e46f6d781722 Loading...

	www2.bevhillsmd.com/proxy/funnel/stats/save/?event=eyJ1cmwiOiIxODA0MDZCLnBocCIsImV2ZW50VHlwZSI6IkV4cGxvcml1bS1OZXdTZXNzaW9uIiwic2Vzc2lvbklkIjo4NDg5MjI1NDk5MzUsImRlc3RpbmF0aW9uSWQiOm51bGwsImZ1bm5lbFNUUElkIjpudWxsLCJzcGxpdFRlc3RpbmdJZCI6bnVsbCwic3BsaXRUZXN0aW5nRnVubmVsSWQiOm51bGwsImN1c3RvbVBheUxvYWQxIjoie1wiYWx0ZXJuYWlHdWVzdElkXCI6XCI4YzQ3YjIwNC1iMDZmLTQxYzQtYjZjMy03MjRmNGFiYmEzMDUsYmV2aGlsbHNtZC5jb20sLGJsb2I6aHR0cHM6XCJ9IiwiY3VzdG9tUGF5TG9hZDIiOiJ7XCJhbHRlcm5haVZpc2l0b3JJZFwiOlwiXCIsXCJ1YVwiOlwiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjBcIixcIm5vbi1ldmVudFwiOjB9IiwidXRtU291cmNlIjpudWxsLCJ1dG1NZWRpdW0iOm51bGwsInV0bUNhbXBhaWduIjpudWxsLCJ1dG1DYW1wYWlnbklkIjpudWxsLCJ1dG1Db250ZW50IjpudWxsLCJ1dG1UZXJtIjpudWxsLCJhZmZJZCI6IiIsIm9mZklkIjoiIiwic3ViSWQxIjpudWxsLCJzdWJJZDIiOm51bGwsInN1YklkMyI6bnVsbCwic3ViSWQ0IjpudWxsLCJzdWJJZDUiOm51bGwsInNhbGVzRnVubmVsIjoiRnVubmVsIiwidmlzaXRvcklkIjpudWxsLCJyZWZlcnJhbFVybCI6IiIsImJyYW5kIjpudWxsLCJicm93c2VyIjoiRmlyZWZveCIsIm9zIjoiTGludXgiLCJkZXZpY2UiOiJEZXNrdG9wIn0=	29 B	2023-03-07	2024-04-18
Pretty URL www2.bevhillsmd.com/proxy/funnel/stats/save/?event=eyJ1cmwiOiIxODA0MDZCLnBocCIsImV2ZW50VHlwZSI6IkV4cGxvcml1bS1OZXdTZXNzaW9uIiwic2Vzc2lvbklkIjo4NDg5MjI1NDk5MzUsImRlc3RpbmF0aW9uSWQiOm51bGwsImZ1bm5lbFNUUElkIjpudWxsLCJzcGxpdFRlc3RpbmdJZCI6bnVsbCwic3BsaXRUZXN0aW5nRnVubmVsSWQiOm51bGwsImN1c3RvbVBheUxvYWQxIjoie1wiYWx0ZXJuYWlHdWVzdElkXCI6XCI4YzQ3YjIwNC1iMDZmLTQxYzQtYjZjMy03MjRmNGFiYmEzMDUsYmV2aGlsbHNtZC5jb20sLGJsb2I6aHR0cHM6XCJ9IiwiY3VzdG9tUGF5TG9hZDIiOiJ7XCJhbHRlcm5haVZpc2l0b3JJZFwiOlwiXCIsXCJ1YVwiOlwiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjBcIixcIm5vbi1ldmVudFwiOjB9IiwidXRtU291cmNlIjpudWxsLCJ1dG1NZWRpdW0iOm51bGwsInV0bUNhbXBhaWduIjpudWxsLCJ1dG1DYW1wYWlnbklkIjpudWxsLCJ1dG1Db250ZW50IjpudWxsLCJ1dG1UZXJtIjpudWxsLCJhZmZJZCI6IiIsIm9mZklkIjoiIiwic3ViSWQxIjpudWxsLCJzdWJJZDIiOm51bGwsInN1YklkMyI6bnVsbCwic3ViSWQ0IjpudWxsLCJzdWJJZDUiOm51bGwsInNhbGVzRnVubmVsIjoiRnVubmVsIiwidmlzaXRvcklkIjpudWxsLCJyZWZlcnJhbFVybCI6IiIsImJyYW5kIjpudWxsLCJicm93c2VyIjoiRmlyZWZveCIsIm9zIjoiTGludXgiLCJkZXZpY2UiOiJEZXNrdG9wIn0= IP 172.64.155.180 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:57:52 Last Seen2024-04-18 08:43:13 Times Seen376 Hash 666c82637166f160b430c3a13caf3b30 45f23499be7924955fa257ce10c2a76412e0a16c b5b1625932b3d2b242b95c8680756c5d79135956bb1f6fd0b9544261a9d56389 Loading...

	www2.bevhillsmd.com/request-ip	62 B	2023-03-08	2023-03-08
Pretty URL www2.bevhillsmd.com/request-ip IP 172.64.155.180 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash 5396e616f7e0dcec6223bb6667d3defe 3cb051b370ea5c711465bd31e95f1ec123f79125 906fa30c9f078e3824d51f36623de38b99daac6139b95de12cd60cac5889f38f Loading...

	bevhillsmd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-19
Pretty URL bevhillsmd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.64.155.180 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 21:13:16 Times Seen54571 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	bevhillsmd.com/dwf/180406B.php?n=db	123 B	2023-03-07	2023-10-01
Pretty URL bevhillsmd.com/dwf/180406B.php?n=db IP 104.18.32.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:03 Last Seen2023-10-01 06:52:55 Times Seen3 Hash 2f7e05a7e875b1ac63b7e446a70fe399 d51119ee4700bc2c2bfc68a8b6b1cf79a549d530 969af8c13251ccb84fe89cdfd70130b45dc7747dd912595a7f6d13eca6f0438b Loading...

	bevhillsmd.com/dwf/180406B.php?n=db	343 B	2023-03-08	2023-03-08
Pretty URL bevhillsmd.com/dwf/180406B.php?n=db IP 104.18.32.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash 1c07b2bc5a62b13338c2d89a6d1223bf 97aa84be92f9a602d88152c9d0bc93fbc0283e1a c6bca9e80cfc3f91e6c3efa8ef6f360f8dbfdca9624acc62e93c09edafaba86a Loading...

	bevhillsmd.com/dwf/180406B.php?n=db	132 B	2023-03-08	2023-03-11
Pretty URL bevhillsmd.com/dwf/180406B.php?n=db IP 104.18.32.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-11 21:53:52 Times Seen1 Hash fe0c60edc6329e70edaf55edccd93e5c 17b1df9b73d3557a83ab9697b3cac56ab58b28c2 14b5a828a6d40b4647581354623407d0b229053a5f011d9d9fee13bb4ea96f20 Loading...

	in.getclicky.com/in.php?site_id=100881123&type=pageview&href=%2Fdwf%2F180406B.php%3Fn%3Ddb&title=Beverly%20Hills%20MD%3A%20Deep%20Wrinkle%20Filler%20%7C%20Video&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.3042866259278576	222 B	2023-03-08	2023-03-08
Pretty URL in.getclicky.com/in.php?site_id=100881123&type=pageview&href=%2Fdwf%2F180406B.php%3Fn%3Ddb&title=Beverly%20Hills%20MD%3A%20Deep%20Wrinkle%20Filler%20%7C%20Video&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.3042866259278576 IP 198.145.13.11 ASN #2044 DF-PTL01 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash 4ced5f4ee41e52ba8c42f5043d5a4d98 b133dfc4df19b4944c85e158839d361244730c02 4fc6dff8d7c3bf767b790bbd1777e14c76a4e47d3c96f6b0d2233af1106a1410 Loading...

	bevhillsmd.com/dwf/180406B.php?n=db	511 B	2023-03-08	2023-03-08
Pretty URL bevhillsmd.com/dwf/180406B.php?n=db IP 104.18.32.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash c3b7ea7c2f1a9ae784ac76afb47c8574 b1761778ded5c3b17bdbd19253fcce0f5f3e6231 d245849d9a89fc473304714ec4da9c6655d75e934a57cf848468869928bacd2b Loading...

	bevhillsmd.com/dwf/js/jquery.cookie.js	3.2 kB	2023-03-08	2024-01-25
Pretty URL bevhillsmd.com/dwf/js/jquery.cookie.js IP 172.64.155.180 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2024-01-25 13:25:10 Times Seen163 Hash d3cee26794e1d380174f221f3f32ec08 177b778a5086531c1c90738d0d226eb3f350a16c a6c71bcbfaab90e153dbedb09eba32fb495330d7b59d3f472ea5bebb8ee63469 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TQHDHR	300 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TQHDHR IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash b6bb1f3815cfada7be45a73faa69d304 624f9dbbeb33a86a13c97cc04911408e6da04c37 0623bbfe4f00a640442ec82ec81370c6b01f5116af7e327282e6e27aa9974518 Loading...

	bevhillsmd.com/dwf/180406B.php?n=db	40 B	2023-03-08	2023-03-08
Pretty URL bevhillsmd.com/dwf/180406B.php?n=db IP 104.18.32.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash c1e721bf830b4b96c54891bf11f99dfa 02110c4fd64e7a620d1a395d4ad2008be07e28c8 d8249d7e6b631ff5021aaa427009ac512f598c4f68585e6ae0ae0d5de73dc48a Loading...

	trc.taboola.com/1108549/trc/3/json?tim=1664320393931&data=%7B%22id%22%3A861%2C%22ii%22%3A%22%2Fdwf%2F180406b.php%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664320393928%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fn%3Ddb%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dbeverlyhillsmd-deepwrinklefiller-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22item-url%22%3A%22https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb%22%2C%22tim%22%3A1664320393931%2C%22ref%22%3Anull%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A76%7D%7D&pubit=i	2.4 kB	2023-03-08	2023-03-08
Pretty URL trc.taboola.com/1108549/trc/3/json?tim=1664320393931&data=%7B%22id%22%3A861%2C%22ii%22%3A%22%2Fdwf%2F180406b.php%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664320393928%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fn%3Ddb%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dbeverlyhillsmd-deepwrinklefiller-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22item-url%22%3A%22https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb%22%2C%22tim%22%3A1664320393931%2C%22ref%22%3Anull%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A76%7D%7D&pubit=i IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash 1262b89689b9bfeda0e37067d925e518 12e1af4cad9322724375421c1c578744e931bf24 bbf16bd7c07d18d0f6ac608b4163062acac29f085da96a45ed829e2d535b1439 Loading...

	stat.bevhillskrssdmn.com/js/cscript.js?v=1	8.8 kB	2023-03-07	2024-04-18
Pretty URL stat.bevhillskrssdmn.com/js/cscript.js?v=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:23 Last Seen2024-04-18 08:43:12 Times Seen255 Hash 838091920c5ca36b093c86693ff62940 7f9aa226771df451fbe4a38d5671d5294c25b776 b078999f1e87fb1a80a941371723dc584673d28de33c3d69a8d98688f4dbdea1 Loading...

	bevhillsmd.com/dwf/180406B.php?n=db	324 B	2023-03-08	2023-03-08
Pretty URL bevhillsmd.com/dwf/180406B.php?n=db IP 104.18.32.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash 43f2a298fdee15da4bcae592592e78f6 67c3c40b6abb98872baca90231f9ccb5be83de0b 5af203633a8e4e01e1b5386dfd8bdd077b8f084bae539997682cb6a74983e40f Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 22:14:10 Times Seen36967554 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	bevhillsmd.com/dwf/180406B.php?n=db	806 B	2023-03-08	2023-03-08
Pretty URL bevhillsmd.com/dwf/180406B.php?n=db IP 104.18.32.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash 8d1ca4f4ce40ab5e636a0bc397395e30 fa3560b20635516846d9be7ba71b5f62a636c8f6 a40c469b25edd6e165919afa701069e69bd59d59cf1e024572ecefc68dd565d4 Loading...

	bevhillsmd.com/dwf/180406B.php?n=db	853 B	2023-03-08	2023-12-01
Pretty URL bevhillsmd.com/dwf/180406B.php?n=db IP 104.18.32.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-12-01 16:59:17 Times Seen2 Hash 761b026a3501e003a2829d45741be032 4a6ad4585147e3a48c9defd97c511f004ba0aa7c e0bb979d4229662d57838cada8a325b1d6789ef2adcd7aa740d15db488ad420c Loading...

	www2.beverlyhillsmd.com/assets/js/site.js	33 kB	2023-03-08	2023-03-08
Pretty URL www2.beverlyhillsmd.com/assets/js/site.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash c4d60dfcbc456f7eba9ab658e0a8b23d 02d4fba2b649b65c1e5bf3764bde86145d6ae85d 0f7d210256d7b2faa114f3f5b4a78551cafa518a0df26b5166e1e241e721d46e Loading...

	cdn.taboola.com/libtrc/unip/1108549/tfa.js	58 kB	2023-03-08	2023-03-08
Pretty URL cdn.taboola.com/libtrc/unip/1108549/tfa.js IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash 0e4583b0b961358f74e4254026611958 e0135523b1d373320e465c335338170cba8e3a8b d7537f1be00b548ceaaeec9af8fcb353cab2120c13089587ef634ac64320a60b Loading...

	bevhillsmd.com/landing-scripts/js/jquery.colorbox.js	30 kB	2023-03-08	2023-03-08
Pretty URL bevhillsmd.com/landing-scripts/js/jquery.colorbox.js IP 172.64.155.180 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash df8f9a4e0214e3f39e2d752ff5269ff9 96c75a0ca756d0ef3f25ea33b5795d72ea217103 23d7818e4905d525ddf7a55f680faf89161e24e7b1512c63fad8a9ca0d8d7252 Loading...

	bevhillsmd.com/dwf/180406B.php?n=db	334 B	2023-03-08	2023-03-08
Pretty URL bevhillsmd.com/dwf/180406B.php?n=db IP 104.18.32.76 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:47:01 Last Seen2023-03-08 02:47:01 Times Seen1 Hash b20b77bfbc302e6d20fe9d80d2241901 2de61dfefe5fecd789a31f4fcc2dfe2dbcd305b0 03703dfbfdc259139d5292f78aa09e23ce5fe2d916e7f56bd7a368df992a61a4 Loading...

		Size	First Seen	Last Seen
	#1 Write - 3a824154b16ed7dab899bf000b80eeee	4 B	2023-03-07	2024-02-13
Pretty Observations First Seen2023-03-07 01:02:03 Last Seen2024-02-13 04:29:14 Times Seen34 Hash 3a824154b16ed7dab899bf000b80eeee e575dccc71140754dd85beda5965b6a358150309 b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0 Loading...

HTTP Transactions (100)

URL IP Response Size

beverlyhillsmd.com/cmd.php?ad=885438

172.64.155.20

301 Moved Permanently

0 B

URL HTTP/1.1
beverlyhillsmd.com/cmd.php?ad=885438
IP
172.64.155.20:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cmd.php?ad=885438 HTTP/1.1
Host: beverlyhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 23:13:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 28 Sep 2022 00:13:13 GMT
Location: https://beverlyhillsmd.com/cmd.php?ad=885438
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517edbb7df1fab8-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8676
Expires: Wed, 28 Sep 2022 01:37:49 GMT
Date: Tue, 27 Sep 2022 23:13:13 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 22:15:34 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2TcIRJhy2uxaUvljzmneEkTvBApyKI7xc2DW8WIJNUmN3BPVxzNkMQ==
Age: 3459

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 33SN4Lyd1VZI1_Mmn-ZQziYQ-LdJgtbdTA02Oy-8gMWIXW048PlL6Q==
age: 49740
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 23:13:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 23:10:46 GMT
Expires: Tue, 27 Sep 2022 23:12:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XHKK5ziwgDa0vhZ7kUVc2IWvhvhqPkyjhHCGJsKsZ4M0PDlZDYdb3g==
Age: 148

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6274
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:14 GMT
Last-Modified: Tue, 27 Sep 2022 21:28:41 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

www.mcssl.com/SecureClient/track.ashx?885438&6

209.17.119.201

302 Found

159 B

URL HTTP/2
www.mcssl.com/SecureClient/track.ashx?885438&6
IP
209.17.119.201:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
159 B (159 bytes)
Hash
9f3d471cca44c2a40250e002c64295eb
cae6c15292118e717dd1e1feac8b74bef1fb7445
dbcc29c2606a5b1643a9dfa8de982f902ccfdc9e3bd1054dfbc01a27d95db480

HTTP Headers

GET /SecureClient/track.ashx?885438&6 HTTP/1.1
Host: www.mcssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
cache-control: private
content-type: text/html; charset=utf-8
location: http://bevhillsmd.com/dwf/180406B.php?n=db
set-cookie: camp885438=885438; expires=Wed, 27-Sep-2023 23:13:14 GMT; path=/; secure; HttpOnly
298701ad=885438; expires=Wed, 27-Sep-2023 23:13:14 GMT; path=/; secure; HttpOnly
pr1ad=885438; expires=Wed, 27-Sep-2023 23:13:14 GMT; path=/; secure; HttpOnly
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 23:13:13 GMT
content-length: 159
X-Firefox-Spdy: h2

bevhillsmd.com/dwf/180406B.php?n=db

104.18.32.76

301 Moved Permanently

0 B

URL HTTP/1.1
bevhillsmd.com/dwf/180406B.php?n=db
IP
104.18.32.76:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dwf/180406B.php?n=db HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 23:13:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 28 Sep 2022 00:13:14 GMT
Location: https://bevhillsmd.com/dwf/180406B.php?n=db
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517edc19deefac4-OSL
alt-svc: h2=":443"; ma=60

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
abc402d0d898678412c76e64e6913678
d17c02c1a7e357523495dc83f1855cb0fbd27533
12da032c9865428ad4270426a609e8078d90fc6f640ad1d9cdbe08cd3f27e20d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:14 GMT
Server: ECS (amb/6BB1)
Content-Length: 279

push.services.mozilla.com/

54.149.101.24

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.101.24:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OzpLrEFRCZVCuUfGnvG5kw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UAKLbuKPGqMarNozeLev1nLCJM8=

bevhillsmd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

172.64.155.180

200 OK

1.1 kB

URL HTTP/2
bevhillsmd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.1 kB (1126 bytes)
Hash
e5e1e5f370b90da410115ff9c84edf7c
264bdce5290b3ebad15a030fbd3cc11168d514f1
a60e3ebd1c4f2cef0d1dd9dfeee5d26c3b111347cea8d5f32e8a4603c48c6e43

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:14 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 11:11:52 GMT
etag: W/"633188f8-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7517edc46f03b515-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 29 Sep 2022 23:13:14 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

277 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
277 B (277 bytes)
Hash
cf1f56006325a9cb10642c51b7c69557
b01fad727fd6aea6fe712c0506359836918042e1
709c2e9a070325230c37cc0c4e81f87dc5b7d9b8422f41bd33ec0d49a4f53aba

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3620
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:14 GMT
Last-Modified: Tue, 27 Sep 2022 22:12:54 GMT
Server: ECS (amb/6BC4)
X-Cache: HIT
Content-Length: 277

ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

142.250.74.74

200 OK

33 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32086)
Size
33 kB (33434 bytes)
Hash
430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed

HTTP Headers

GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 20:55:30 GMT
expires: Wed, 27 Sep 2023 20:55:30 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 8264
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

142.250.74.74

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32030)
Size
30 kB (30244 bytes)
Hash
04ba0252a9f264db106d4eaab8df4ccb
cf52d9b3df7839c5c64fbf33aafeced74b3db750
397852429e768ffbd12a78ce4b94f14e3ab4afabf84acb07c0bb5b7798e6e0b2

HTTP Headers

GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 12:09:32 GMT
expires: Fri, 22 Sep 2023 12:09:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 471823
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

277 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
277 B (277 bytes)
Hash
cf1f56006325a9cb10642c51b7c69557
b01fad727fd6aea6fe712c0506359836918042e1
709c2e9a070325230c37cc0c4e81f87dc5b7d9b8422f41bd33ec0d49a4f53aba

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3621
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:15 GMT
Last-Modified: Tue, 27 Sep 2022 22:12:54 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 277

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bevhillsmd.com/dwf/images/drLayke.jpg

172.64.155.180

200 OK

30 kB

URL HTTP/2
bevhillsmd.com/dwf/images/drLayke.jpg
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 188x280, components 3\012- data
Size
30 kB (29718 bytes)
Hash
babd479ed4962b13a9fa0672e8522db7
2bf024ed5fb0f26ebccc8607c917aef8948ab506
dec53f992a1d13897621a5e7e53473f65a41328b794969f5b7d3aca60a79b508

HTTP Headers

GET /dwf/images/drLayke.jpg HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Cookie: TestCookie170519A=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: image/jpeg
content-length: 29718
cf-ray: 7517edc45ef3b515-OSL
accept-ranges: bytes
cache-control: public, max-age=3600
etag: "7416-5e99d0ebda480"
expires: Wed, 28 Sep 2022 00:13:15 GMT
last-modified: Mon, 26 Sep 2022 23:40:50 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2

player.ooyala.com/static/v4/stable/4.24.9/skin-plugin/html5-skin.min.css

151.101.86.27

200 OK

16 kB

URL HTTP/2
player.ooyala.com/static/v4/stable/4.24.9/skin-plugin/html5-skin.min.css
IP
151.101.86.27:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
16 kB (15740 bytes)
Hash
0f5f5cd09bb5ff0ce603854d9596f538
a3fda2c3cf69196e0cedf4d0cc670446baf91989
41d355bd3b287876f6635fee2505a180437c17917c79b465f64aaaddd375aae0

HTTP Headers

GET /static/v4/stable/4.24.9/skin-plugin/html5-skin.min.css HTTP/1.1
Host: player.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: yjPOljNXWzqmx7Zrl5GnJl+3rUZsn93KG29AHiHsXAtksl8JrD068CW9qqZnwyMAHiPJNYz0tto=
x-amz-request-id: GJWDHP6B8EQCXPKT
last-modified: Mon, 30 Apr 2018 21:12:53 GMT
etag: "1368c0537d89fb03d83534f431e24106"
cache-control: max-age=604800, must-revalidate
accept-ranges: bytes
content-type: text/css
server: AmazonS3
content-encoding: gzip
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
date: Tue, 27 Sep 2022 23:13:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320395.104259,VS0,VE12
vary: Accept-Encoding
content-length: 15740
X-Firefox-Spdy: h2

cdn.bevhillsmd.com/img/as_seen_on.jpg

172.64.155.180

200 OK

6.1 kB

URL HTTP/2
cdn.bevhillsmd.com/img/as_seen_on.jpg
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 543x32, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.1 kB (6110 bytes)
Hash
e4d486f3c3b694dac96934db792ab77d
ef4875624b81dd862d045d6801bc3550d65bc092
6d4eb800eb9230129ed9b80374a4f08409a0ff3b36d3f2eabf15b8358f9f102f

HTTP Headers

GET /img/as_seen_on.jpg HTTP/1.1
Host: cdn.bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: image/webp
content-length: 6110
cf-ray: 7517edc45ef4b515-OSL
accept-ranges: bytes
cache-control: public, max-age=3600
content-disposition: inline; filename="as_seen_on.webp"
etag: "80973af9cedaa349975884f833265dc6"
expires: Wed, 28 Sep 2022 00:13:15 GMT
last-modified: Fri, 20 Nov 2020 00:35:22 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13659
x-amz-id-2: nMSF6TJtCAU0vN6dJ2oRq+JXzdBcRXBD0B3WYphVhjjTxrsfZTqZ0kVu9vUvDRTrHgRz+nuRQL4=
x-amz-request-id: 0XN3P1X2QDJEKCWP
server: cloudflare
X-Firefox-Spdy: h2

cdn.bevhillsmd.com/img/header.jpg

172.64.155.180

200 OK

8.0 kB

URL HTTP/2
cdn.bevhillsmd.com/img/header.jpg
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 915x71, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.0 kB (7998 bytes)
Hash
c353df3168862a58c91c0b3cb051484a
3344104a24ca3de8c06ea9db6b6a9f8d21fe1f96
c7860337218b1e6392f5b64bbf4eea9997477159de525bf5b07b251ab30ef2fd

HTTP Headers

GET /img/header.jpg HTTP/1.1
Host: cdn.bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: image/webp
content-length: 7998
cf-ray: 7517edc45ef5b515-OSL
accept-ranges: bytes
cache-control: public, max-age=3600
content-disposition: inline; filename="header.webp"
etag: "3373340bc09962b14446b98339f0e0d2"
expires: Wed, 28 Sep 2022 00:13:15 GMT
last-modified: Fri, 20 Nov 2020 00:35:20 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=22363
x-amz-id-2: k8u5W/3He5UIVIWVuSmyogwSYjAub4juLQS2ZRa8FcXcl6986VcG3/wveybah/2hIysTiF8VHQQ=
x-amz-request-id: 6A9A26W4BM9GAS84
server: cloudflare
X-Firefox-Spdy: h2

player.ooyala.com/static/v4/stable/4.24.9/video-plugin/main_html5.min.js

151.101.86.27

200 OK

18 kB

URL HTTP/2
player.ooyala.com/static/v4/stable/4.24.9/video-plugin/main_html5.min.js
IP
151.101.86.27:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32020)
Size
18 kB (17830 bytes)
Hash
7ddb1409e4f94511edfb326133f7bfdc
31879e4556fb146c6b390bf88df7d6f62f38f82b
f1a5d1daccbfcbf09aab2c4399c4efac0a1f3674bedfb5ff341d0d51c3b0b143

HTTP Headers

GET /static/v4/stable/4.24.9/video-plugin/main_html5.min.js HTTP/1.1
Host: player.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 94xSobS2vUUGbw2EYNXnsLxKE7aLhjAcIi+deE2yGhvuZa2EQQgPmzURgZFcYEPyVsjnc38Z9fk=
x-amz-request-id: 77N6777PZRYEZHT9
last-modified: Mon, 30 Apr 2018 21:12:56 GMT
etag: "702c512b195680f11f6240248121ebc4"
cache-control: max-age=604800, must-revalidate
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
date: Tue, 27 Sep 2022 23:13:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320395.107133,VS0,VE13
vary: Accept-Encoding
content-length: 17830
X-Firefox-Spdy: h2

player.ooyala.com/static/v4/stable/4.24.9/core.min.js

151.101.86.27

200 OK

163 kB

URL HTTP/2
player.ooyala.com/static/v4/stable/4.24.9/core.min.js
IP
151.101.86.27:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
163 kB (163286 bytes)
Hash
54ab7982dfe499190fdc90eb24c5946d
19bb290fe3e9fb78ef02bcf80763847e2901a0c0
b31975b72deebb3cdc3b5a973589dac02fbab03da7acec8d95931fdc6160eff5

HTTP Headers

GET /static/v4/stable/4.24.9/core.min.js HTTP/1.1
Host: player.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TCaWMiJYbWvPkHOVWOp9iBQuT0QtmCf2qI7kyZ8X/OLen4u3r1glkHnoAucPFlEb7LdRQ/zHV1I=
x-amz-request-id: GJWFHQSJS4E2N64Y
last-modified: Mon, 30 Apr 2018 21:12:55 GMT
etag: "891837cd188a97422ba8d9f6b82ff652"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=604800, must-revalidate
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 27 Sep 2022 23:13:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320395.107124,VS0,VE9
vary: Accept-Encoding
content-length: 163286
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-TQHDHR

142.250.74.72

200 OK

85 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TQHDHR
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (61106)
Size
85 kB (84895 bytes)
Hash
3b74578364b13ece4ef361eb035d6f7f
e6a5880c0ce188da98803f946db18dfb3c38a010
9e7b16e43cb55141a4524a11d3a4b92e5706cec84035c16d735172ae4cb9e5e0

HTTP Headers

GET /gtm.js?id=GTM-TQHDHR HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 23:13:15 GMT
expires: Tue, 27 Sep 2022 23:13:15 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 21:09:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84895
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

player.ooyala.com/ooyala_storage.html

151.101.86.27

200 OK

1.2 kB

URL HTTP/2
player.ooyala.com/ooyala_storage.html
IP
151.101.86.27:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.2 kB (1211 bytes)
Hash
40e69e75a1f169e645d70ad2ee398d5a
d05d24f8d7a975d9d7ddff66c1f294128cfdf811
89912ff2c4367afb93f1585828f7eaaa10b76890f338c86747bd5ef3f32af079

HTTP Headers

GET /ooyala_storage.html HTTP/1.1
Host: player.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: ryncEifi+d77vfUgWxB0Av3NgRb+BH0YBpFxaSXuuwlFLRYRS1dTRz9FhSItYxmpdZE+mD8j3Hk=
x-amz-request-id: GYR2AJB3B7YJK25Q
last-modified: Tue, 18 Jul 2017 21:57:32 GMT
etag: "84f213d7453fbc34816c118bd5a4a70c"
accept-ranges: bytes
content-type: text/html
server: AmazonS3
content-encoding: gzip
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=557918
date: Tue, 27 Sep 2022 23:13:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320395.469080,VS0,VE1
vary: Accept-Encoding
content-length: 1211
X-Firefox-Spdy: h2

bevhillsmd.com/mdschoice/images/Email_Icon.png

172.64.155.180

404 Not Found

20 kB

URL HTTP/2
bevhillsmd.com/mdschoice/images/Email_Icon.png
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
20 kB (19986 bytes)
Hash
d6b9a5cb36d00516ab12fb450f6027f3
37420db25fd40b94d703cc5b566cd2d95897489f
8566be6c1ad7e71586fb59c1e7b17dd615f8af037b3bb01aa55becab3c0d0cc2

HTTP Headers

GET /mdschoice/images/Email_Icon.png HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/html; charset=iso-8859-1
cf-ray: 7517edc778f0b515-OSL
age: 0
cache-control: public, max-age=3600
expires: Wed, 28 Sep 2022 00:13:15 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9b3611d4fbebaa55d47ac081832233d3
242ad307a1d80cc1c8d447bf644983654ce80ccc
e934b9b9236ad6c70f63c1ef43dc2cfd18798ecbe7a5966a25eb195a69f065d6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 23:13:15 GMT
Last-Modified: Tue, 27 Sep 2022 22:14:11 GMT
Server: ECS (dcb/7FA6)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9rtkDZk6tcrXXemNCpGZGJm4ulzvfaAvTAl_uNlBDO5OtpzNHLiNnQ==
Age: 3544

dnn506yrbagrg.cloudfront.net/pages/scripts/0025/1454.js?462311

54.230.245.60

200 OK

309 B

URL HTTP/1.1
dnn506yrbagrg.cloudfront.net/pages/scripts/0025/1454.js?462311
IP
54.230.245.60:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
309 B (309 bytes)
Hash
3e228ac346d7a631ee2e56e9802fd1a4
9c43a3592f2c375bae5396f38de5706fb2d4ca6b
8d5f4dd3ec59b18fb5803c881b2b59d476d40ef56dca1e0fd153e5100ecb52c8

HTTP Headers

GET /pages/scripts/0025/1454.js?462311 HTTP/1.1
Host: dnn506yrbagrg.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 309
Connection: keep-alive
Date: Wed, 21 Sep 2022 17:45:12 GMT
Last-Modified: Tue, 03 Mar 2020 19:16:29 GMT
ETag: "3e228ac346d7a631ee2e56e9802fd1a4"
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jO5L0kIRkydO9e026qY6u7edX8CDbf7mwhAGM4EI2_G__VDwILaHAA==
Age: 538084

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Tue, 27 Sep 2022 23:13:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Tue, 27 Sep 2022 23:13:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Tue, 27 Sep 2022 23:13:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Tue, 27 Sep 2022 23:13:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Tue, 27 Sep 2022 23:13:15 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9780 bytes)
Hash
43d7c0db2af42ad4d0095324b2691f6c
1a1139cff14aff6755b9e43ff4ef8c9ece1102c1
42073c84e0c215109b54ab55a53cce9e6cce44f4619f5988fa4e2776ff70b362

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9780
x-amzn-requestid: 9938422e-12cd-4aab-9e58-c26b8fee53b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UOH3DoAMFZRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-37105d923f19437025abec71;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Halsx09hxT_sMRc2jy-fJA0tE85F6Bgz9P9Trx02Z9aMfIZVLkLW4g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:57:42 GMT
age: 4533
etag: "1a1139cff14aff6755b9e43ff4ef8c9ece1102c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6721 bytes)
Hash
c4a66beda24621e812a929933c52025d
e951f6b11e473b68d2fdd95b822cef120d37b1eb
28efb1495fdb363cea9ccc6c38f84b2731dbd44dd4dbbe42996fa6fab74e1ce6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: ea4416a4-ffbe-4006-bb09-aa0a70763ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xTGNOoAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-6634cd372bd677227f755769;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EbkbN72NJbDqfnJjnaUcitG0W6yk8vR__5zLvdidXuWqh7VQK2O8OA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:18:40 GMT
age: 3275
etag: "e951f6b11e473b68d2fdd95b822cef120d37b1eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9733 bytes)
Hash
f3e1fd3401c5e635a8dbeec5f78b721d
2142075b27d0d355c51231ab06fea46e25eb9c59
2e17a43985b624e6b6592d402c36dd45b915cd6e1ac84e187c18c46420eb9a1d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9733
x-amzn-requestid: fff8214b-48f7-4b45-bd91-69ea4db871d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCAWhG9HIAMFloQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330adc3-1cffa63711378c525e49e11d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 19:36:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vak91l2UKRnX0Go62y1yPwJ8E-Af7XBurmQATw5MSZXBqhUJrIgOCQ==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 04:59:08 GMT
age: 65647
etag: "2142075b27d0d355c51231ab06fea46e25eb9c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13299 bytes)
Hash
ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fcxclGRP3zfWwb6opjYU2bL9VAq_mCSNjFtfp9iMLq6tbZu57EDqpQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
age: 4991
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11314 bytes)
Hash
ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 5235
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8621 bytes)
Hash
59163c799f3d48e74abdd285ee615119
883e61d46ef6c09013724aa7b8f560272ee08574
e1bafc575ff4274b210bee481a8e73c065de5bc14ddf46c269ef91eda0df8d84

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8621
x-amzn-requestid: 5a828651-41c2-4aa0-931d-6522098a8438
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZASUWEYvIAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ffdb5-5ace75523a98a9237fabca8f;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 07:05:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2a-Ip86QEcmn31zRYLuD9dtCXduTOd0OZO0JdpfbTvJK7Z7wRGxEaQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:21:35 GMT
age: 3100
etag: "883e61d46ef6c09013724aa7b8f560272ee08574"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f11a775500ec61d65f68e96866de4bab
5149f0bab068ef0c3fa82dd55ae3a50d1a57817f
3da35992ffdd8de102e46eb4f2360c01f352a545d048442ce6a3663bc23cc5f8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3DA35992FFDD8DE102E46EB4F2360C01F352A545D048442CE6A3663BC23CC5F8"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2770
Expires: Tue, 27 Sep 2022 23:59:25 GMT
Date: Tue, 27 Sep 2022 23:13:15 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4f6610e6590a7981c80710f6b6b90fc8
96b1abadc7bb60b95c4677329f32a5fc4a29ca16
630e1e634669c499d120981afd453b80d8dae9d8abb666554609f5239619a7a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 23:13:15 GMT
Last-Modified: Tue, 27 Sep 2022 21:57:33 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 36NW0DZIVS5MP8dfNcbIE_W9p-qk8AfU3Nj_1zTNs46us3HmpjkvpQ==
Age: 4542

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4f6610e6590a7981c80710f6b6b90fc8
96b1abadc7bb60b95c4677329f32a5fc4a29ca16
630e1e634669c499d120981afd453b80d8dae9d8abb666554609f5239619a7a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 23:13:15 GMT
Last-Modified: Tue, 27 Sep 2022 22:01:33 GMT
Server: ECS (dcb/7F13)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yV87iEAwzcOBHAj5Xz18HTVOFdF734xCMI2E2YbDnVGRFUtd03ODcw==
Age: 4302

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4f6610e6590a7981c80710f6b6b90fc8
96b1abadc7bb60b95c4677329f32a5fc4a29ca16
630e1e634669c499d120981afd453b80d8dae9d8abb666554609f5239619a7a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 23:13:15 GMT
Last-Modified: Tue, 27 Sep 2022 22:27:59 GMT
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2Sdk0hT3DImCXSSAT_5pA-9kCnmA5b3CMi-1yghllWRk708YmK6-Og==
Age: 2716

www2.bevhillsmd.com/proxy/funnel/stats/save/?event=eyJ1cmwiOiIxODA0MDZCLnBocCIsImV2ZW50VHlwZSI6IkV4cGxvcml1bS1OZXdTZXNzaW9uIiwic2Vzc2lvbklkIjo4NDg5MjI1NDk5MzUsImRlc3RpbmF0aW9uSWQiOm51bGwsImZ1bm5lbFNUUElkIjpudWxsLCJzcGxpdFRlc3RpbmdJZCI6bnVsbCwic3BsaXRUZXN0aW5nRnVubmVsSWQiOm51bGwsImN1c3RvbVBheUxvYWQxIjoie1wiYWx0ZXJuYWlHdWVzdElkXCI6XCI4YzQ3YjIwNC1iMDZmLTQxYzQtYjZjMy03MjRmNGFiYmEzMDUsYmV2aGlsbHNtZC5jb20sLGJsb2I6aHR0cHM6XCJ9IiwiY3VzdG9tUGF5TG9hZDIiOiJ7XCJhbHRlcm5haVZpc2l0b3JJZFwiOlwiXCIsXCJ1YVwiOlwiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjBcIixcIm5vbi1ldmVudFwiOjB9IiwidXRtU291cmNlIjpudWxsLCJ1dG1NZWRpdW0iOm51bGwsInV0bUNhbXBhaWduIjpudWxsLCJ1dG1DYW1wYWlnbklkIjpudWxsLCJ1dG1Db250ZW50IjpudWxsLCJ1dG1UZXJtIjpudWxsLCJhZmZJZCI6IiIsIm9mZklkIjoiIiwic3ViSWQxIjpudWxsLCJzdWJJZDIiOm51bGwsInN1YklkMyI6bnVsbCwic3ViSWQ0IjpudWxsLCJzdWJJZDUiOm51bGwsInNhbGVzRnVubmVsIjoiRnVubmVsIiwidmlzaXRvcklkIjpudWxsLCJyZWZlcnJhbFVybCI6IiIsImJyYW5kIjpudWxsLCJicm93c2VyIjoiRmlyZWZveCIsIm9zIjoiTGludXgiLCJkZXZpY2UiOiJEZXNrdG9wIn0=

172.64.155.180

200 OK

29 B

URL HTTP/2
www2.bevhillsmd.com/proxy/funnel/stats/save/?event=eyJ1cmwiOiIxODA0MDZCLnBocCIsImV2ZW50VHlwZSI6IkV4cGxvcml1bS1OZXdTZXNzaW9uIiwic2Vzc2lvbklkIjo4NDg5MjI1NDk5MzUsImRlc3RpbmF0aW9uSWQiOm51bGwsImZ1bm5lbFNUUElkIjpudWxsLCJzcGxpdFRlc3RpbmdJZCI6bnVsbCwic3BsaXRUZXN0aW5nRnVubmVsSWQiOm51bGwsImN1c3RvbVBheUxvYWQxIjoie1wiYWx0ZXJuYWlHdWVzdElkXCI6XCI4YzQ3YjIwNC1iMDZmLTQxYzQtYjZjMy03MjRmNGFiYmEzMDUsYmV2aGlsbHNtZC5jb20sLGJsb2I6aHR0cHM6XCJ9IiwiY3VzdG9tUGF5TG9hZDIiOiJ7XCJhbHRlcm5haVZpc2l0b3JJZFwiOlwiXCIsXCJ1YVwiOlwiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjBcIixcIm5vbi1ldmVudFwiOjB9IiwidXRtU291cmNlIjpudWxsLCJ1dG1NZWRpdW0iOm51bGwsInV0bUNhbXBhaWduIjpudWxsLCJ1dG1DYW1wYWlnbklkIjpudWxsLCJ1dG1Db250ZW50IjpudWxsLCJ1dG1UZXJtIjpudWxsLCJhZmZJZCI6IiIsIm9mZklkIjoiIiwic3ViSWQxIjpudWxsLCJzdWJJZDIiOm51bGwsInN1YklkMyI6bnVsbCwic3ViSWQ0IjpudWxsLCJzdWJJZDUiOm51bGwsInNhbGVzRnVubmVsIjoiRnVubmVsIiwidmlzaXRvcklkIjpudWxsLCJyZWZlcnJhbFVybCI6IiIsImJyYW5kIjpudWxsLCJicm93c2VyIjoiRmlyZWZveCIsIm9zIjoiTGludXgiLCJkZXZpY2UiOiJEZXNrdG9wIn0=
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
29 B (29 bytes)
Hash
666c82637166f160b430c3a13caf3b30
45f23499be7924955fa257ce10c2a76412e0a16c
b5b1625932b3d2b242b95c8680756c5d79135956bb1f6fd0b9544261a9d56389

HTTP Headers

GET /proxy/funnel/stats/save/?event=eyJ1cmwiOiIxODA0MDZCLnBocCIsImV2ZW50VHlwZSI6IkV4cGxvcml1bS1OZXdTZXNzaW9uIiwic2Vzc2lvbklkIjo4NDg5MjI1NDk5MzUsImRlc3RpbmF0aW9uSWQiOm51bGwsImZ1bm5lbFNUUElkIjpudWxsLCJzcGxpdFRlc3RpbmdJZCI6bnVsbCwic3BsaXRUZXN0aW5nRnVubmVsSWQiOm51bGwsImN1c3RvbVBheUxvYWQxIjoie1wiYWx0ZXJuYWlHdWVzdElkXCI6XCI4YzQ3YjIwNC1iMDZmLTQxYzQtYjZjMy03MjRmNGFiYmEzMDUsYmV2aGlsbHNtZC5jb20sLGJsb2I6aHR0cHM6XCJ9IiwiY3VzdG9tUGF5TG9hZDIiOiJ7XCJhbHRlcm5haVZpc2l0b3JJZFwiOlwiXCIsXCJ1YVwiOlwiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjBcIixcIm5vbi1ldmVudFwiOjB9IiwidXRtU291cmNlIjpudWxsLCJ1dG1NZWRpdW0iOm51bGwsInV0bUNhbXBhaWduIjpudWxsLCJ1dG1DYW1wYWlnbklkIjpudWxsLCJ1dG1Db250ZW50IjpudWxsLCJ1dG1UZXJtIjpudWxsLCJhZmZJZCI6IiIsIm9mZklkIjoiIiwic3ViSWQxIjpudWxsLCJzdWJJZDIiOm51bGwsInN1YklkMyI6bnVsbCwic3ViSWQ0IjpudWxsLCJzdWJJZDUiOm51bGwsInNhbGVzRnVubmVsIjoiRnVubmVsIiwidmlzaXRvcklkIjpudWxsLCJyZWZlcnJhbFVybCI6IiIsImJyYW5kIjpudWxsLCJicm93c2VyIjoiRmlyZWZveCIsIm9zIjoiTGludXgiLCJkZXZpY2UiOiJEZXNrdG9wIn0= HTTP/1.1
Host: www2.bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Cookie: _ga=GA1.2.574092237.1664320393; _gid=GA1.2.11103761.1664320393; _gat=1; _gcl_au=1.1.1694338189.1664320393; alternaiGuestId=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:; SessionId=848922549935
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 29
cf-ray: 7517edca2b21b515-OSL
cache-control: private, no-cache, max-age = 0
etag: W/"1d-RfI0mb55JJVfolfOEMKnZBLgoWw"
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (991a05428f42)
cf-cache-status: DYNAMIC
set-cookie: _csrf=MHxhld6GL9NmUWod90yMZ2JY; Path=/
_csrf=TtDgd61emRnsUDu9jQVEzEo4; Path=/
XSRF-TOKEN=5fKIeW3r-KvzAJFZS62QAFi7VyCIjuESwEYs; Path=/; Secure
_csrf=lT704mTkNT1MK9VqSJv5zpjI; Path=/
_csrf=Gv1dfBp17MCEXdGTPG5rZ_A8; Path=/
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2

q.quora.com/_/ad/8918e3a26689416987ed227e3f48ba5d/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb

18.205.225.81

200 OK

43 B

URL HTTP/1.1
q.quora.com/_/ad/8918e3a26689416987ed227e3f48ba5d/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb
IP
18.205.225.81:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /_/ad/8918e3a26689416987ed227e3f48ba5d/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb HTTP/1.1
Host: q.quora.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/gif
Date: Tue, 27 Sep 2022 23:13:15 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,d3f3338e926a7929d45337f2673655ab,10.0.0.208,22994,91.90.42.154,,64337590353,1,1664320395.996,0.001,,.,0,0,0.000,0.004,-,0,0,197,197,98,10,34729,,,,,,-,
Content-Length: 43
Connection: keep-alive

metrics-api.librato.com/v1/metrics

3.234.179.174

200 OK

0 B

URL HTTP/2
metrics-api.librato.com/v1/metrics
IP
3.234.179.174:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v1/metrics HTTP/1.1
Host: metrics-api.librato.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Referer: https://bevhillsmd.com/
Origin: https://bevhillsmd.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:16 GMT
content-length: 0
access-control-allow-origin: https://bevhillsmd.com
access-control-allow-methods: GET,POST,PUT,DELETE
access-control-allow-headers: Authorization,Accept,Accept-Encoding,Accept-Language,Connection,Referer,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Librato-User-Agent
access-control-max-age: 1728000
access-control-expose-headers: Location
server: roundhouse
X-Firefox-Spdy: h2

amplify.outbrain.com/cp/obtp.js

23.38.201.81

200 OK

3.2 kB

URL HTTP/1.1
amplify.outbrain.com/cp/obtp.js
IP
23.38.201.81:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (8072), with no line terminators
Size
3.2 kB (3249 bytes)
Hash
9b19340ef7db3cbb26aa923adb8dbe6e
082e699bca6e80ca6c72a43f2894f4a32e785e26
c042b8b199b2c08fa66f90753998544860e3f64c3a1f47754a66970b3b8c5b2a

HTTP Headers

GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Tue, 27 Sep 2022 23:33:16 GMT
Date: Tue, 27 Sep 2022 23:13:16 GMT
Content-Length: 3249
Connection: keep-alive

bat.bing.com/bat.js

204.79.197.200

200 OK

11 kB

URL HTTP/2
bat.bing.com/bat.js
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Size
11 kB (11367 bytes)
Hash
293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=0FE0566D34B86A1C3284444135EF6B40; domain=.bing.com; expires=Sun, 22-Oct-2023 23:13:16 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1B92D192656F4CE992B31DADE899F68D Ref B: OSL30EDGE0415 Ref C: 2022-09-27T23:13:16Z
date: Tue, 27 Sep 2022 23:13:15 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&gjid=405230360&_gid=11103761.1664320393&_u=IEBAAEAAAAAAAC~&z=2101839616

64.233.165.156

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&gjid=405230360&_gid=11103761.1664320393&_u=IEBAAEAAAAAAAC~&z=2101839616
IP
64.233.165.156:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&gjid=405230360&_gid=11103761.1664320393&_u=IEBAAEAAAAAAAC~&z=2101839616 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://bevhillsmd.com
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://bevhillsmd.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 23:13:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4f6610e6590a7981c80710f6b6b90fc8
96b1abadc7bb60b95c4677329f32a5fc4a29ca16
630e1e634669c499d120981afd453b80d8dae9d8abb666554609f5239619a7a8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 23:13:16 GMT
Server: ECS (dcb/7EC9)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gjL5Uk5HGcQ7MKmDRjZctCaU7Fces4WU2Lm8fYtxIVey6N2IdvM8hw==

bat.bing.com/action/0?ti=4001225&Ver=2&mid=ea96cd24-3054-4677-8b57-3302ee500819&sid=f62d29c03eb911edb886f3db8a53a6ea&vid=f62d4a403eb911ed90a60d31657a33b3&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Beverly%20Hills%20MD%3A%20Deep%20Wrinkle%20Filler%20%7C%20Video&p=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&r=&lt=2045&evt=pageLoad&sv=1&rn=902890

204.79.197.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=4001225&Ver=2&mid=ea96cd24-3054-4677-8b57-3302ee500819&sid=f62d29c03eb911edb886f3db8a53a6ea&vid=f62d4a403eb911ed90a60d31657a33b3&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Beverly%20Hills%20MD%3A%20Deep%20Wrinkle%20Filler%20%7C%20Video&p=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&r=&lt=2045&evt=pageLoad&sv=1&rn=902890
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=4001225&Ver=2&mid=ea96cd24-3054-4677-8b57-3302ee500819&sid=f62d29c03eb911edb886f3db8a53a6ea&vid=f62d4a403eb911ed90a60d31657a33b3&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Beverly%20Hills%20MD%3A%20Deep%20Wrinkle%20Filler%20%7C%20Video&p=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&r=&lt=2045&evt=pageLoad&sv=1&rn=902890 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2A4EAB918E4F6C2426A6B9BD8F186D88; domain=.bing.com; expires=Sun, 22-Oct-2023 23:13:16 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 22A2C54ABF6A490BAD4F16157C27B2DC Ref B: OSL30EDGE0415 Ref C: 2022-09-27T23:13:16Z
date: Tue, 27 Sep 2022 23:13:15 GMT
X-Firefox-Spdy: h2

metrics-api.librato.com/v1/metrics

3.234.179.174

401 Unauthorized

545 B

URL HTTP/2
metrics-api.librato.com/v1/metrics
IP
3.234.179.174:0
ASN
#14618 AMAZON-AES

File type
data
Size
545 B (545 bytes)
Hash
33cb9a2beb6fadd6308d69cd4c8b3a1f
678959ec4db91e224a8b172bc9ac1bd57eee0f83
519a7ee4f602144d6d3a431358fe6a11091f1ac81a5b80a15f778587dadea70b

HTTP Headers

POST /v1/metrics HTTP/1.1
Host: metrics-api.librato.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Authorization: Basic YWJlbHJpb3NAb295YWxhLmNvbTo5NWQ1M2U4ODQxODM1ODM5NDY5ZjJhMmY5NmZkOTViNTY0MzQyZmZhZGZmNzU5YWQ5ZDQ5ZjE4OTc4MDVkYjFi
Content-Length: 209
Origin: https://bevhillsmd.com
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 401 Unauthorized
date: Tue, 27 Sep 2022 23:13:16 GMT
content-type: text/plain
www-authenticate: Basic realm="Librato API"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: https://bevhillsmd.com
access-control-expose-headers: Location
server: roundhouse
X-Firefox-Spdy: h2

cdn.taboola.com/libtrc/unip/1108549/tfa.js

151.101.85.44

200 OK

18 kB

URL HTTP/2
cdn.taboola.com/libtrc/unip/1108549/tfa.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (58507)
Size
18 kB (17965 bytes)
Hash
500ef3f7499d456b98535e4e0aace976
bf983e72c4fc6f88d80fa6ac1900e169923b9724
53259c5eed0be450d530eb222b4b2a8c057c14c2dd2d18aa3bfdf902d341c8a5

HTTP Headers

GET /libtrc/unip/1108549/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 4sHRR1i1xWgoFhElHaRL459d2wM04SMzMRwslxyjniF+rBcB5HXysncYk7WoafpqDOdd2g6UvTE=
x-amz-request-id: NR718DBK3VATW5M2
x-amz-replication-status: COMPLETED
last-modified: Sun, 25 Sep 2022 11:18:14 GMT
etag: "0e4583b0b961358f74e4254026611958"
x-amz-version-id: LCb_UBmKJ_7Qd7E6QPONiNpj6hfQRI3P
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 23:13:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664320396.089221,VS0,VE110
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 83
content-length: 17965
X-Firefox-Spdy: h2

script.crazyegg.com/pages/scripts/0025/1454.js

104.19.147.8

410 Gone

0 B

URL HTTP/2
script.crazyegg.com/pages/scripts/0025/1454.js
IP
104.19.147.8:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pages/scripts/0025/1454.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 410 Gone
date: Tue, 27 Sep 2022 23:13:16 GMT
content-type: application/javascript
content-length: 0
last-modified: Tue, 27 Sep 2022 23:13:16 GMT
cache-control: public, max-age=86400, s-maxage=86400
access-control-allow-origin: *
cf-cache-status: EXPIRED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7517edcb7d03b527-OSL
X-Firefox-Spdy: h2

bat.bing.com/p/action/4001225.js

204.79.197.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/p/action/4001225.js
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/action/4001225.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=3C571BF3B5C06B901DAA09DFB4976A56; domain=.bing.com; expires=Sun, 22-Oct-2023 23:13:16 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A6FDFC09EB7042C98368421534BC5023 Ref B: OSL30EDGE0415 Ref C: 2022-09-27T23:13:16Z
date: Tue, 27 Sep 2022 23:13:15 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ef12641bb4d59312b43f4f06ae2cee73
5450eaf271bf466e6aa58b63d52b49b66c5f4a6f
894fd5dabf39c09179591f3305d88ef71eb467ddeb1fc5c568dc377c3a1317d4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&_u=IEBAAEAAAAAAAC~&z=1649862887

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&_u=IEBAAEAAAAAAAC~&z=1649862887
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&_u=IEBAAEAAAAAAAC~&z=1649862887 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 23:13:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

metrics-api.librato.com/v1/measurements

3.234.179.174

200 OK

0 B

URL HTTP/2
metrics-api.librato.com/v1/measurements
IP
3.234.179.174:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v1/measurements HTTP/1.1
Host: metrics-api.librato.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://bevhillsmd.com/
Origin: https://bevhillsmd.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:16 GMT
content-length: 0
access-control-allow-origin: https://bevhillsmd.com
access-control-allow-methods: GET,POST,PUT,DELETE
access-control-allow-headers: Authorization,Accept,Accept-Encoding,Accept-Language,Connection,Referer,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Librato-User-Agent
access-control-max-age: 1728000
access-control-expose-headers: Location
server: roundhouse
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&_u=IEBAAEAAAAAAAC~&z=1649862887

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&_u=IEBAAEAAAAAAAC~&z=1649862887
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&_u=IEBAAEAAAAAAAC~&z=1649862887 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 23:13:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ef12641bb4d59312b43f4f06ae2cee73
5450eaf271bf466e6aa58b63d52b49b66c5f4a6f
894fd5dabf39c09179591f3305d88ef71eb467ddeb1fc5c568dc377c3a1317d4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
dd5293e75d65016d03bc7f7c21297035
a16ee52900e8775f5e95773fed830d03368793b3
8a97583e8794e79e77350bc0c03c3dec089be2e2e821dc643d510977cccc4e03

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 891
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:16 GMT
Last-Modified: Tue, 27 Sep 2022 22:58:25 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
dd5293e75d65016d03bc7f7c21297035
a16ee52900e8775f5e95773fed830d03368793b3
8a97583e8794e79e77350bc0c03c3dec089be2e2e821dc643d510977cccc4e03

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 891
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:16 GMT
Last-Modified: Tue, 27 Sep 2022 22:58:25 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

trc.taboola.com/1108549/log/3/unip?en=page_view&item-url=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&tim=1664320393931&ref=null&cv=20220922-16-RELEASE&tos=141&ssd=1&scd=76&vi=1664320393928&ri=aeeda3aa0c3718097ef06b1b8ad07f04

151.101.85.44

204 No Content

0 B

URL HTTP/2
trc.taboola.com/1108549/log/3/unip?en=page_view&item-url=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&tim=1664320393931&ref=null&cv=20220922-16-RELEASE&tos=141&ssd=1&scd=76&vi=1664320393928&ri=aeeda3aa0c3718097ef06b1b8ad07f04
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1108549/log/3/unip?en=page_view&item-url=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&tim=1664320393931&ref=null&cv=20220922-16-RELEASE&tos=141&ssd=1&scd=76&vi=1664320393928&ri=aeeda3aa0c3718097ef06b1b8ad07f04 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bevhillsmd.com
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://bevhillsmd.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 27 Sep 2022 23:13:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320396.369082,VS0,VE79
x-vcl-time-ms: 79
X-Firefox-Spdy: h2

tr.outbrain.com/unifiedPixel?marketerId=00fdf3d552410ba5b50475bd4efa76e6e9,00e6b195296ba4a1068d4ed2746eb1352f&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&optOut=false&bust=05803374974813847&referrer=

70.42.32.31

200 OK

60 B

URL HTTP/1.1
tr.outbrain.com/unifiedPixel?marketerId=00fdf3d552410ba5b50475bd4efa76e6e9,00e6b195296ba4a1068d4ed2746eb1352f&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&optOut=false&bust=05803374974813847&referrer=
IP
70.42.32.31:0
ASN
#22075 AS-OUTBRAIN

File type
GIF image data, version 89a, 1 x 1\012- data
Size
60 B (60 bytes)
Hash
fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb

HTTP Headers

GET /unifiedPixel?marketerId=00fdf3d552410ba5b50475bd4efa76e6e9,00e6b195296ba4a1068d4ed2746eb1352f&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&optOut=false&bust=05803374974813847&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 23:13:16 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 3b0e1ede3089ab201d81cda31618d968
content-encoding: gzip

player.ooyala.com/static/v4/stable/4.5.5/skin-plugin/zh.json

151.101.86.27

200 OK

5.3 kB

URL HTTP/2
player.ooyala.com/static/v4/stable/4.5.5/skin-plugin/zh.json
IP
151.101.86.27:0
ASN
#54113 FASTLY

File type
JSON data\012- , Unicode text, UTF-8 text
Size
5.3 kB (5272 bytes)
Hash
686cc0a90236e1ec2c7438eb06fc0940
571ff71e0a2a29d168ee4f67c2a9c7de4f4917f8
79075195dfa7da51508cc6ba710a013885d0352f383b1075f947e37fa6894db6

HTTP Headers

GET /static/v4/stable/4.5.5/skin-plugin/zh.json HTTP/1.1
Host: player.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bevhillsmd.com
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: 20eMRD/O43aOGdGFp68cAAH853s8HA3JPRhzDV5e70ayciU59wviM/aCxabWL80n9Ckchtj2Y5E=
x-amz-request-id: R3AJPCCNXEAT5GPB
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Thu, 30 Jun 2016 22:05:39 GMT
etag: "686cc0a90236e1ec2c7438eb06fc0940"
cache-control: max-age=3600, must-revalidate
accept-ranges: bytes
content-type: application/json
server: AmazonS3
access-control-allow-headers: *
date: Tue, 27 Sep 2022 23:13:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320396.058431,VS0,VE450
content-length: 5272
X-Firefox-Spdy: h2

player.ooyala.com/static/v4/stable/4.5.5/skin-plugin/en.json

151.101.86.27

200 OK

6.0 kB

URL HTTP/2
player.ooyala.com/static/v4/stable/4.5.5/skin-plugin/en.json
IP
151.101.86.27:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text
Size
6.0 kB (6018 bytes)
Hash
ab58a556b1cf024097ce25cb82843f36
31f9c7bc17e6ae51fe48a22b7b33c23683e21d90
5c715cfb617eedf4733bd13504ce52aea9267a07222d41d173f71c24956c7b9a

HTTP Headers

GET /static/v4/stable/4.5.5/skin-plugin/en.json HTTP/1.1
Host: player.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bevhillsmd.com
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: Ha4VTstJpxJPNS4YqErjpm3PQRGH66WsGidq2irFgR+aS20U1oXBpGElqMkXfNvjJRKuNEtKt9M=
x-amz-request-id: 7R1Z0D2PWAZ5R0G2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Thu, 30 Jun 2016 22:05:38 GMT
etag: "ab58a556b1cf024097ce25cb82843f36"
cache-control: max-age=3600, must-revalidate
accept-ranges: bytes
content-type: application/json
server: AmazonS3
access-control-allow-headers: *
date: Tue, 27 Sep 2022 23:13:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320396.058131,VS0,VE450
content-length: 6018
X-Firefox-Spdy: h2

tr.outbrain.com/cachedClickId?marketerId=00fdf3d552410ba5b50475bd4efa76e6e9,00e6b195296ba4a1068d4ed2746eb1352f

70.42.32.31

200 OK

56 B

URL HTTP/1.1
tr.outbrain.com/cachedClickId?marketerId=00fdf3d552410ba5b50475bd4efa76e6e9,00e6b195296ba4a1068d4ed2746eb1352f
IP
70.42.32.31:0
ASN
#22075 AS-OUTBRAIN

File type
ASCII text, with no line terminators
Size
56 B (56 bytes)
Hash
77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599

HTTP Headers

GET /cachedClickId?marketerId=00fdf3d552410ba5b50475bd4efa76e6e9,00e6b195296ba4a1068d4ed2746eb1352f HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 23:13:16 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: a6c5ee3ddcb565905456471b851d66ab
content-encoding: gzip

player.ooyala.com/static/v4/stable/4.5.5/skin-plugin/es.json

151.101.86.27

200 OK

6.6 kB

URL HTTP/2
player.ooyala.com/static/v4/stable/4.5.5/skin-plugin/es.json
IP
151.101.86.27:0
ASN
#54113 FASTLY

File type
JSON data\012- , Unicode text, UTF-8 text
Size
6.6 kB (6565 bytes)
Hash
1496884395b7890a510f43fd45c70a4a
e9064ccb2b4b49c467f186b35906171d211b6f3c
3f75da40f96986e59196c05f0647c50a59933e2e6db02fb315b54a7ae7ce3006

HTTP Headers

GET /static/v4/stable/4.5.5/skin-plugin/es.json HTTP/1.1
Host: player.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bevhillsmd.com
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: PkPJlyKAB1G+aXnzZC2/BsISeIaoEQFhp828Fx/9M7rkOi9j5o8Hj40RC8t2dLR50rYcfysSVI4=
x-amz-request-id: 8WRR358S7YS28J2V
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Thu, 30 Jun 2016 22:05:38 GMT
etag: "1496884395b7890a510f43fd45c70a4a"
cache-control: max-age=3600, must-revalidate
accept-ranges: bytes
content-type: application/json
server: AmazonS3
access-control-allow-headers: *
date: Tue, 27 Sep 2022 23:13:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320396.058237,VS0,VE472
content-length: 6565
X-Firefox-Spdy: h2

trc.taboola.com/1108549/trc/3/json?tim=1664320393931&data=%7B%22id%22%3A861%2C%22ii%22%3A%22%2Fdwf%2F180406b.php%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664320393928%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fn%3Ddb%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dbeverlyhillsmd-deepwrinklefiller-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22item-url%22%3A%22https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb%22%2C%22tim%22%3A1664320393931%2C%22ref%22%3Anull%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A76%7D%7D&pubit=i

151.101.85.44

200 OK

1.3 kB

URL HTTP/2
trc.taboola.com/1108549/trc/3/json?tim=1664320393931&data=%7B%22id%22%3A861%2C%22ii%22%3A%22%2Fdwf%2F180406b.php%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664320393928%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fn%3Ddb%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dbeverlyhillsmd-deepwrinklefiller-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22item-url%22%3A%22https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb%22%2C%22tim%22%3A1664320393931%2C%22ref%22%3Anull%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A76%7D%7D&pubit=i
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (2418), with no line terminators
Size
1.3 kB (1347 bytes)
Hash
7cfbe0db3f7f60e40e605acf7d55040b
a5cb8f2036b017c2932f0438f9377ac089afc3d0
ba6c9e7de3bd39f080ba049ebe30e28831955175443ed1199fe4ad65fb09559c

HTTP Headers

GET /1108549/trc/3/json?tim=1664320393931&data=%7B%22id%22%3A861%2C%22ii%22%3A%22%2Fdwf%2F180406b.php%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664320393928%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fn%3Ddb%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dbeverlyhillsmd-deepwrinklefiller-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22item-url%22%3A%22https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb%22%2C%22tim%22%3A1664320393931%2C%22ref%22%3Anull%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A76%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 23:13:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320396.251553,VS0,VE99
vary: Accept-Encoding
x-vcl-time-ms: 99
X-Firefox-Spdy: h2

trc-events.taboola.com/1108549/log/3/unip?en=pre_d_eng_tb&tos=4570&scd=76&ssd=1&est=1664320393928&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664320398500&vi=1664320393928&ri=aeeda3aa0c3718097ef06b1b8ad07f04&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/1108549/log/3/unip?en=pre_d_eng_tb&tos=4570&scd=76&ssd=1&est=1664320393928&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664320398500&vi=1664320393928&ri=aeeda3aa0c3718097ef06b1b8ad07f04&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1108549/log/3/unip?en=pre_d_eng_tb&tos=4570&scd=76&ssd=1&est=1664320393928&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664320398500&vi=1664320393928&ri=aeeda3aa0c3718097ef06b1b8ad07f04&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bevhillsmd.com
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 23:13:20 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://bevhillsmd.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

in.getclicky.com/in.php?site_id=100881123&type=pageview&href=%2Fdwf%2F180406B.php%3Fn%3Ddb&title=Beverly%20Hills%20MD%3A%20Deep%20Wrinkle%20Filler%20%7C%20Video&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.3042866259278576

198.145.13.11

200 OK

0 B

URL HTTP/2
in.getclicky.com/in.php?site_id=100881123&type=pageview&href=%2Fdwf%2F180406B.php%3Fn%3Ddb&title=Beverly%20Hills%20MD%3A%20Deep%20Wrinkle%20Filler%20%7C%20Video&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.3042866259278576
IP
198.145.13.11:0
ASN
#2044 DF-PTL01

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /in.php?site_id=100881123&type=pageview&href=%2Fdwf%2F180406B.php%3Fn%3Ddb&title=Beverly%20Hills%20MD%3A%20Deep%20Wrinkle%20Filler%20%7C%20Video&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.3042866259278576 HTTP/1.1
Host: in.getclicky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 23:13:16 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

www2.bevhillsmd.com/alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:

172.64.155.180

200 OK

0 B

URL HTTP/2
www2.bevhillsmd.com/alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https: HTTP/1.1
Host: www2.bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Cookie: _ga=GA1.2.574092237.1664320393; _gid=GA1.2.11103761.1664320393; _gat=1; _gcl_au=1.1.1694338189.1664320393; alternaiGuestId=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:; SessionId=848922549935; _csrf=_J8DWqYNsUiAoYYn38CF7XTD; XSRF-TOKEN=ri9udCQW-xJXMvnvpvZuRt2yVz4mhJzNmazU; _uetsid=f62d29c03eb911edb886f3db8a53a6ea; _uetvid=f62d4a403eb911ed90a60d31657a33b3; _jsuid=4247074359; _heatmaps_g2g_100881123=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:22 GMT
content-type: text/javascript;charset=UTF-8
cf-ray: 7517edf25f3ab515-OSL
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
set-cookie: XSRF-TOKEN=gS3H0ZLB-0_Rxah7jC9KD-X9WqqZLZEPuZ2Y; Path=/; Secure
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (991a05428f42), 1.1 spaces-router (991a05428f42)
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: DENY
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

beverlyhillsmd.com/cmd.php?ad=885438

172.64.155.20

302 Found

0 B

URL HTTP/2
beverlyhillsmd.com/cmd.php?ad=885438
IP
172.64.155.20:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cmd.php?ad=885438 HTTP/1.1
Host: beverlyhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Tue, 27 Sep 2022 23:13:13 GMT
content-type: text/html; charset=UTF-8
location: https://www.mcssl.com/SecureClient/track.ashx?885438&6
cf-ray: 7517edbcafa1b4fd-OSL
cf-cache-status: BYPASS
cf-apo-via: origin,qs
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

bevhillsmd.com/css/fonts.css

172.64.155.180

200 OK

0 B

URL HTTP/2
bevhillsmd.com/css/fonts.css
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/fonts.css HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/css
cf-ray: 7517edc44edfb515-OSL
cache-control: public, max-age=3600
etag: W/"51c-5e99d0ebda480"
expires: Wed, 28 Sep 2022 00:13:15 GMT
last-modified: Mon, 26 Sep 2022 23:40:50 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: REVALIDATED
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

bevhillsmd.com/landing-scripts/css/colorbox.css

172.64.155.180

200 OK

0 B

URL HTTP/2
bevhillsmd.com/landing-scripts/css/colorbox.css
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /landing-scripts/css/colorbox.css HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/css
cf-ray: 7517edc45eeab515-OSL
cache-control: public, max-age=3600
etag: W/"f78-5e99d0ebda480"
expires: Wed, 28 Sep 2022 00:13:15 GMT
last-modified: Mon, 26 Sep 2022 23:40:50 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Raleway:400,700

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Raleway:400,700
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Raleway:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 23:13:15 GMT
date: Tue, 27 Sep 2022 23:13:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bevhillsmd.com/mdschoice/images/Phone_Icon_1.png

172.64.155.180

404 Not Found

0 B

URL HTTP/2
bevhillsmd.com/mdschoice/images/Phone_Icon_1.png
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mdschoice/images/Phone_Icon_1.png HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/html; charset=iso-8859-1
cf-ray: 7517edc778eeb515-OSL
age: 0
cache-control: public, max-age=3600
expires: Wed, 28 Sep 2022 00:13:15 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

bevhillsmd.com/bevhillsmd.json

172.64.155.180

200 OK

0 B

URL HTTP/2
bevhillsmd.com/bevhillsmd.json
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bevhillsmd.json HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: application/json
cf-ray: 7517edc7d93bb515-OSL
etag: W/"2925-5e99d0ebda480"
last-modified: Mon, 26 Sep 2022 23:40:50 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www2.bevhillsmd.com/alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:

172.64.155.180

200 OK

0 B

URL HTTP/2
www2.bevhillsmd.com/alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https: HTTP/1.1
Host: www2.bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Cookie: _ga=GA1.2.574092237.1664320393; _gid=GA1.2.11103761.1664320393; _gat=1; _gcl_au=1.1.1694338189.1664320393; alternaiGuestId=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:; SessionId=848922549935; _csrf=_J8DWqYNsUiAoYYn38CF7XTD; XSRF-TOKEN=Ay0qCW04-mm8pUU-9zvwEEi4oQkNdEA36NxI; _uetsid=f62d29c03eb911edb886f3db8a53a6ea; _uetvid=f62d4a403eb911ed90a60d31657a33b3; _jsuid=4247074359; _heatmaps_g2g_100881123=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:20 GMT
content-type: text/javascript;charset=UTF-8
cf-ray: 7517ede5ded6b515-OSL
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
set-cookie: XSRF-TOKEN=ri9udCQW-xJXMvnvpvZuRt2yVz4mhJzNmazU; Path=/; Secure
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (991a05428f42), 1.1 spaces-router (991a05428f42)
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: DENY
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

bevhillsmd.com/dwf/180406B.php?n=db

172.64.155.180

200 OK

0 B

URL HTTP/2
bevhillsmd.com/dwf/180406B.php?n=db
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dwf/180406B.php?n=db HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:14 GMT
content-type: text/html; charset=UTF-8
cf-ray: 7517edc2bda0b515-OSL
set-cookie: TestCookie170519A=1; expires=Wed, 28-Sep-2022 23:13:14 GMT; Max-Age=86400
via: 1.1 vegur
cf-cache-status: DYNAMIC
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

bevhillsmd.com/dark-spot-corrector/images/Speaker_Icon-25.png

172.64.155.180

404 Not Found

0 B

URL HTTP/2
bevhillsmd.com/dark-spot-corrector/images/Speaker_Icon-25.png
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dark-spot-corrector/images/Speaker_Icon-25.png HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/html; charset=iso-8859-1
cf-ray: 7517edc45ef2b515-OSL
cache-control: public, max-age=3600
expires: Wed, 28 Sep 2022 00:13:15 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: EXPIRED
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

bevhillsmd.com/dark-spot-corrector/images/Speaker_Icon-25-flip.png

172.64.155.180

404 Not Found

0 B

URL HTTP/2
bevhillsmd.com/dark-spot-corrector/images/Speaker_Icon-25-flip.png
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dark-spot-corrector/images/Speaker_Icon-25-flip.png HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/html; charset=iso-8859-1
cf-ray: 7517edc758d7b515-OSL
age: 0
cache-control: public, max-age=3600
expires: Wed, 28 Sep 2022 00:13:15 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

analytics.ooyala.com/static/v3/analytics.js

54.230.111.63

200 OK

0 B

URL HTTP/2
analytics.ooyala.com/static/v3/analytics.js
IP
54.230.111.63:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/v3/analytics.js HTTP/1.1
Host: analytics.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 06 Dec 2017 21:56:30 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Sep 2022 05:30:58 GMT
etag: W/"06415b496e4f069b3e9b835c6a33ebec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2xa6H7iKMBi83QwTkZhXETEhIi1IOC42rJsCaJ2yM_Rhj65r4hioyA==
age: 63738
X-Firefox-Spdy: h2

www2.bevhillsmd.com/request-ip

172.64.155.180

200 OK

0 B

URL HTTP/2
www2.bevhillsmd.com/request-ip
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /request-ip HTTP/1.1
Host: www2.bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Cookie: _ga=GA1.2.574092237.1664320393; _gid=GA1.2.11103761.1664320393; _gat=1; _gcl_au=1.1.1694338189.1664320393; alternaiGuestId=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:; SessionId=848922549935
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:16 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7517edca2b22b515-OSL
cache-control: private, no-cache, max-age = 0
etag: W/"3e-PLBRs3DqXHEUZb0x6V8ewSP3kSU"
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (991a05428f42)
cf-cache-status: DYNAMIC
set-cookie: _csrf=BvHL9XUQXibGvchs7KMBNAh5; Path=/
_csrf=7i0KAl9MiQn0f3ab48h4RwIs; Path=/
XSRF-TOKEN=1mFYs4IF-MHUNz3GYNvdtf3OunNwYwPiuS1E; Path=/; Secure
_csrf=_J8DWqYNsUiAoYYn38CF7XTD; Path=/
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www2.bevhillsmd.com/alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:

172.64.155.180

200 OK

0 B

URL HTTP/2
www2.bevhillsmd.com/alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https: HTTP/1.1
Host: www2.bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Cookie: _ga=GA1.2.574092237.1664320393; _gid=GA1.2.11103761.1664320393; _gat=1; _gcl_au=1.1.1694338189.1664320393; alternaiGuestId=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:; SessionId=848922549935; _csrf=_J8DWqYNsUiAoYYn38CF7XTD; XSRF-TOKEN=1mFYs4IF-MHUNz3GYNvdtf3OunNwYwPiuS1E; _uetsid=f62d29c03eb911edb886f3db8a53a6ea; _uetvid=f62d4a403eb911ed90a60d31657a33b3; _jsuid=4247074359; _heatmaps_g2g_100881123=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:18 GMT
content-type: text/javascript;charset=UTF-8
cf-ray: 7517edd95e1bb515-OSL
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
set-cookie: XSRF-TOKEN=Ay0qCW04-mm8pUU-9zvwEEi4oQkNdEA36NxI; Path=/; Secure
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (991a05428f42), 1.1 spaces-router (991a05428f42)
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: DENY
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

bevhillsmd.com/landing-scripts/js/jquery.colorbox.js

172.64.155.180

200 OK

0 B

URL HTTP/2
bevhillsmd.com/landing-scripts/js/jquery.colorbox.js
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /landing-scripts/js/jquery.colorbox.js HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: application/javascript
cf-ray: 7517edc44ee3b515-OSL
cache-control: public, max-age=3600
etag: W/"7660-5e99d0ebda480"
expires: Wed, 28 Sep 2022 00:13:15 GMT
last-modified: Mon, 26 Sep 2022 23:40:50 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

bevhillsmd.com/mdschoice/images/Phone_Icon_1.png

172.64.155.180

404 Not Found

0 B

URL HTTP/2
bevhillsmd.com/mdschoice/images/Phone_Icon_1.png
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mdschoice/images/Phone_Icon_1.png HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/html; charset=iso-8859-1
cf-ray: 7517edc46efbb515-OSL
cache-control: public, max-age=3600
expires: Wed, 28 Sep 2022 00:13:15 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: EXPIRED
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

player.ooyala.com/static/v4/stable/4.24.9/skin-plugin/html5-skin.min.js

151.101.86.27

200 OK

0 B

URL HTTP/2
player.ooyala.com/static/v4/stable/4.24.9/skin-plugin/html5-skin.min.js
IP
151.101.86.27:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/v4/stable/4.24.9/skin-plugin/html5-skin.min.js HTTP/1.1
Host: player.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: bzCzKXoGJELy78zEFvhtzsXUfAqXjCn4Md47q4KfLy2lejhblsa0miXMWWQtVK03UgVKUH9paMs=
x-amz-request-id: HR9F26MEVPGVZDG6
last-modified: Mon, 30 Apr 2018 21:12:54 GMT
etag: "1fd6bd02e363b248203f2cca4e06e53d"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=604800, must-revalidate
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 27 Sep 2022 23:13:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320395.107555,VS0,VE13
vary: Accept-Encoding
content-length: 131604
X-Firefox-Spdy: h2

metrics-api.librato.com/v1/measurements

3.234.179.174

401 Unauthorized

0 B

URL HTTP/2
metrics-api.librato.com/v1/measurements
IP
3.234.179.174:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /v1/measurements HTTP/1.1
Host: metrics-api.librato.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Basic YWJlbHJpb3NAb295YWxhLmNvbTo5NWQ1M2U4ODQxODM1ODM5NDY5ZjJhMmY5NmZkOTViNTY0MzQyZmZhZGZmNzU5YWQ5ZDQ5ZjE4OTc4MDVkYjFi
Content-Length: 265
Origin: https://bevhillsmd.com
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 401 Unauthorized
date: Tue, 27 Sep 2022 23:13:16 GMT
content-type: text/plain
www-authenticate: Basic realm="Librato API"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: https://bevhillsmd.com
access-control-expose-headers: Location
server: roundhouse
X-Firefox-Spdy: h2

stat.bevhillskrssdmn.com/js/fp.min.js

172.64.154.27

200 OK

0 B

URL HTTP/2
stat.bevhillskrssdmn.com/js/fp.min.js
IP
172.64.154.27:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/fp.min.js HTTP/1.1
Host: stat.bevhillskrssdmn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:20 GMT
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
last-modified: Mon, 28 Feb 2022 18:51:11 GMT
pragma: no-cache
vary: accept-encoding
via: 1.1 spaces-router (991a05428f42)
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: MISS
server: cloudflare
cf-ray: 7517ede92ed4b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.getclicky.com/js

104.16.221.29

200 OK

0 B

URL HTTP/2
static.getclicky.com/js
IP
104.16.221.29:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js HTTP/1.1
Host: static.getclicky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
expires: Tue, 04 Oct 2022 14:43:09 GMT
cache-control: max-age=604800
x-proxy-cache: HIT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:43:36 GMT
cf-cache-status: HIT
age: 30605
server: cloudflare
cf-ray: 7517edc4ce7fb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

bevhillsmd.com/landing-scripts/css/style2.css

172.64.155.180

200 OK

0 B

URL HTTP/2
bevhillsmd.com/landing-scripts/css/style2.css
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /landing-scripts/css/style2.css HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/css
cf-ray: 7517edc44ee0b515-OSL
cache-control: public, max-age=3600
etag: W/"7b1c-5e99d0ebda480"
expires: Wed, 28 Sep 2022 00:13:15 GMT
last-modified: Mon, 26 Sep 2022 23:40:50 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

bevhillsmd.com/dwf/js/jquery.cookie.js

172.64.155.180

200 OK

0 B

URL HTTP/2
bevhillsmd.com/dwf/js/jquery.cookie.js
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dwf/js/jquery.cookie.js HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Cookie: TestCookie170519A=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: application/javascript
cf-ray: 7517edc45ef8b515-OSL
cache-control: public, max-age=3600
etag: W/"ca4-5e99d0ebda480"
expires: Wed, 28 Sep 2022 00:13:15 GMT
last-modified: Mon, 26 Sep 2022 23:40:50 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

bevhillsmd.com/mdschoice/images/Email_Icon.png

172.64.155.180

404 Not Found

0 B

URL HTTP/2
bevhillsmd.com/mdschoice/images/Email_Icon.png
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mdschoice/images/Email_Icon.png HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/html; charset=iso-8859-1
cf-ray: 7517edc46f01b515-OSL
cache-control: public, max-age=3600
expires: Wed, 28 Sep 2022 00:13:15 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: EXPIRED
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

bevhillsmd.com/dark-spot-corrector/images/Speaker_Icon-25-flip.png

172.64.155.180

404 Not Found

0 B

URL HTTP/2
bevhillsmd.com/dark-spot-corrector/images/Speaker_Icon-25-flip.png
IP
172.64.155.180:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dark-spot-corrector/images/Speaker_Icon-25-flip.png HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/html; charset=iso-8859-1
cf-ray: 7517edc45ef1b515-OSL
cache-control: public, max-age=3600
expires: Wed, 28 Sep 2022 00:13:15 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: EXPIRED
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (40)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations