beverlyhillsmd.com/cmd.php?ad=885438
172.64.155.20301 Moved Permanently 0 B URL HTTP/1.1 beverlyhillsmd.com/cmd.php?ad=885438
IP 172.64.155.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cmd.php?ad=885438 HTTP/1.1
Host: beverlyhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 23:13:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 28 Sep 2022 00:13:13 GMT
Location: https://beverlyhillsmd.com/cmd.php?ad=885438
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517edbb7df1fab8-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8676
Expires: Wed, 28 Sep 2022 01:37:49 GMT
Date: Tue, 27 Sep 2022 23:13:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 22:15:34 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2TcIRJhy2uxaUvljzmneEkTvBApyKI7xc2DW8WIJNUmN3BPVxzNkMQ==
Age: 3459
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 33SN4Lyd1VZI1_Mmn-ZQziYQ-LdJgtbdTA02Oy-8gMWIXW048PlL6Q==
age: 49740
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 23:13:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 23:10:46 GMT
Expires: Tue, 27 Sep 2022 23:12:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XHKK5ziwgDa0vhZ7kUVc2IWvhvhqPkyjhHCGJsKsZ4M0PDlZDYdb3g==
Age: 148
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6274
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:14 GMT
Last-Modified: Tue, 27 Sep 2022 21:28:41 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.mcssl.com/SecureClient/track.ashx?885438&6
209.17.119.201302 Found 159 B URL HTTP/2 www.mcssl.com/SecureClient/track.ashx?885438&6
IP 209.17.119.201:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 9f3d471cca44c2a40250e002c64295eb
cae6c15292118e717dd1e1feac8b74bef1fb7445
dbcc29c2606a5b1643a9dfa8de982f902ccfdc9e3bd1054dfbc01a27d95db480
GET /SecureClient/track.ashx?885438&6 HTTP/1.1
Host: www.mcssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
cache-control: private
content-type: text/html; charset=utf-8
location: http://bevhillsmd.com/dwf/180406B.php?n=db
set-cookie: camp885438=885438; expires=Wed, 27-Sep-2023 23:13:14 GMT; path=/; secure; HttpOnly
298701ad=885438; expires=Wed, 27-Sep-2023 23:13:14 GMT; path=/; secure; HttpOnly
pr1ad=885438; expires=Wed, 27-Sep-2023 23:13:14 GMT; path=/; secure; HttpOnly
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
date: Tue, 27 Sep 2022 23:13:13 GMT
content-length: 159
X-Firefox-Spdy: h2
bevhillsmd.com/dwf/180406B.php?n=db
104.18.32.76301 Moved Permanently 0 B URL HTTP/1.1 bevhillsmd.com/dwf/180406B.php?n=db
IP 104.18.32.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dwf/180406B.php?n=db HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Sep 2022 23:13:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 28 Sep 2022 00:13:14 GMT
Location: https://bevhillsmd.com/dwf/180406B.php?n=db
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7517edc19deefac4-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash abc402d0d898678412c76e64e6913678
d17c02c1a7e357523495dc83f1855cb0fbd27533
12da032c9865428ad4270426a609e8078d90fc6f640ad1d9cdbe08cd3f27e20d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:14 GMT
Server: ECS (amb/6BB1)
Content-Length: 279
push.services.mozilla.com/
54.149.101.24101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.101.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OzpLrEFRCZVCuUfGnvG5kw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UAKLbuKPGqMarNozeLev1nLCJM8=
bevhillsmd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.64.155.180200 OK 1.1 kB URL HTTP/2 bevhillsmd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.64.155.180:0
Hash e5e1e5f370b90da410115ff9c84edf7c
264bdce5290b3ebad15a030fbd3cc11168d514f1
a60e3ebd1c4f2cef0d1dd9dfeee5d26c3b111347cea8d5f32e8a4603c48c6e43
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:14 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 11:11:52 GMT
etag: W/"633188f8-4d7"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7517edc46f03b515-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 29 Sep 2022 23:13:14 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 277 B IP 93.184.220.29:0
Hash cf1f56006325a9cb10642c51b7c69557
b01fad727fd6aea6fe712c0506359836918042e1
709c2e9a070325230c37cc0c4e81f87dc5b7d9b8422f41bd33ec0d49a4f53aba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3620
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:14 GMT
Last-Modified: Tue, 27 Sep 2022 22:12:54 GMT
Server: ECS (amb/6BC4)
X-Cache: HIT
Content-Length: 277
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
142.250.74.74200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 20:55:30 GMT
expires: Wed, 27 Sep 2023 20:55:30 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 8264
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
142.250.74.74200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (32030)
Hash 04ba0252a9f264db106d4eaab8df4ccb
cf52d9b3df7839c5c64fbf33aafeced74b3db750
397852429e768ffbd12a78ce4b94f14e3ab4afabf84acb07c0bb5b7798e6e0b2
GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 12:09:32 GMT
expires: Fri, 22 Sep 2023 12:09:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 471823
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 277 B IP 93.184.220.29:0
Hash cf1f56006325a9cb10642c51b7c69557
b01fad727fd6aea6fe712c0506359836918042e1
709c2e9a070325230c37cc0c4e81f87dc5b7d9b8422f41bd33ec0d49a4f53aba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3621
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:15 GMT
Last-Modified: Tue, 27 Sep 2022 22:12:54 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 277
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bevhillsmd.com/dwf/images/drLayke.jpg
172.64.155.180200 OK 30 kB URL HTTP/2 bevhillsmd.com/dwf/images/drLayke.jpg
IP 172.64.155.180:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 188x280, components 3\012- data
Hash babd479ed4962b13a9fa0672e8522db7
2bf024ed5fb0f26ebccc8607c917aef8948ab506
dec53f992a1d13897621a5e7e53473f65a41328b794969f5b7d3aca60a79b508
GET /dwf/images/drLayke.jpg HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Cookie: TestCookie170519A=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: image/jpeg
content-length: 29718
cf-ray: 7517edc45ef3b515-OSL
accept-ranges: bytes
cache-control: public, max-age=3600
etag: "7416-5e99d0ebda480"
expires: Wed, 28 Sep 2022 00:13:15 GMT
last-modified: Mon, 26 Sep 2022 23:40:50 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2
player.ooyala.com/static/v4/stable/4.24.9/skin-plugin/html5-skin.min.css
151.101.86.27200 OK 16 kB URL HTTP/2 player.ooyala.com/static/v4/stable/4.24.9/skin-plugin/html5-skin.min.css
IP 151.101.86.27:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0f5f5cd09bb5ff0ce603854d9596f538
a3fda2c3cf69196e0cedf4d0cc670446baf91989
41d355bd3b287876f6635fee2505a180437c17917c79b465f64aaaddd375aae0
GET /static/v4/stable/4.24.9/skin-plugin/html5-skin.min.css HTTP/1.1
Host: player.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yjPOljNXWzqmx7Zrl5GnJl+3rUZsn93KG29AHiHsXAtksl8JrD068CW9qqZnwyMAHiPJNYz0tto=
x-amz-request-id: GJWDHP6B8EQCXPKT
last-modified: Mon, 30 Apr 2018 21:12:53 GMT
etag: "1368c0537d89fb03d83534f431e24106"
cache-control: max-age=604800, must-revalidate
accept-ranges: bytes
content-type: text/css
server: AmazonS3
content-encoding: gzip
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
date: Tue, 27 Sep 2022 23:13:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320395.104259,VS0,VE12
vary: Accept-Encoding
content-length: 15740
X-Firefox-Spdy: h2
cdn.bevhillsmd.com/img/as_seen_on.jpg
172.64.155.180200 OK 6.1 kB URL HTTP/2 cdn.bevhillsmd.com/img/as_seen_on.jpg
IP 172.64.155.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 543x32, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e4d486f3c3b694dac96934db792ab77d
ef4875624b81dd862d045d6801bc3550d65bc092
6d4eb800eb9230129ed9b80374a4f08409a0ff3b36d3f2eabf15b8358f9f102f
GET /img/as_seen_on.jpg HTTP/1.1
Host: cdn.bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: image/webp
content-length: 6110
cf-ray: 7517edc45ef4b515-OSL
accept-ranges: bytes
cache-control: public, max-age=3600
content-disposition: inline; filename="as_seen_on.webp"
etag: "80973af9cedaa349975884f833265dc6"
expires: Wed, 28 Sep 2022 00:13:15 GMT
last-modified: Fri, 20 Nov 2020 00:35:22 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=13659
x-amz-id-2: nMSF6TJtCAU0vN6dJ2oRq+JXzdBcRXBD0B3WYphVhjjTxrsfZTqZ0kVu9vUvDRTrHgRz+nuRQL4=
x-amz-request-id: 0XN3P1X2QDJEKCWP
server: cloudflare
X-Firefox-Spdy: h2
cdn.bevhillsmd.com/img/header.jpg
172.64.155.180200 OK 8.0 kB URL HTTP/2 cdn.bevhillsmd.com/img/header.jpg
IP 172.64.155.180:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 915x71, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c353df3168862a58c91c0b3cb051484a
3344104a24ca3de8c06ea9db6b6a9f8d21fe1f96
c7860337218b1e6392f5b64bbf4eea9997477159de525bf5b07b251ab30ef2fd
GET /img/header.jpg HTTP/1.1
Host: cdn.bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: image/webp
content-length: 7998
cf-ray: 7517edc45ef5b515-OSL
accept-ranges: bytes
cache-control: public, max-age=3600
content-disposition: inline; filename="header.webp"
etag: "3373340bc09962b14446b98339f0e0d2"
expires: Wed, 28 Sep 2022 00:13:15 GMT
last-modified: Fri, 20 Nov 2020 00:35:20 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=22363
x-amz-id-2: k8u5W/3He5UIVIWVuSmyogwSYjAub4juLQS2ZRa8FcXcl6986VcG3/wveybah/2hIysTiF8VHQQ=
x-amz-request-id: 6A9A26W4BM9GAS84
server: cloudflare
X-Firefox-Spdy: h2
player.ooyala.com/static/v4/stable/4.24.9/video-plugin/main_html5.min.js
151.101.86.27200 OK 18 kB URL HTTP/2 player.ooyala.com/static/v4/stable/4.24.9/video-plugin/main_html5.min.js
IP 151.101.86.27:0
File type ASCII text, with very long lines (32020)
Hash 7ddb1409e4f94511edfb326133f7bfdc
31879e4556fb146c6b390bf88df7d6f62f38f82b
f1a5d1daccbfcbf09aab2c4399c4efac0a1f3674bedfb5ff341d0d51c3b0b143
GET /static/v4/stable/4.24.9/video-plugin/main_html5.min.js HTTP/1.1
Host: player.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 94xSobS2vUUGbw2EYNXnsLxKE7aLhjAcIi+deE2yGhvuZa2EQQgPmzURgZFcYEPyVsjnc38Z9fk=
x-amz-request-id: 77N6777PZRYEZHT9
last-modified: Mon, 30 Apr 2018 21:12:56 GMT
etag: "702c512b195680f11f6240248121ebc4"
cache-control: max-age=604800, must-revalidate
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
date: Tue, 27 Sep 2022 23:13:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320395.107133,VS0,VE13
vary: Accept-Encoding
content-length: 17830
X-Firefox-Spdy: h2
player.ooyala.com/static/v4/stable/4.24.9/core.min.js
151.101.86.27200 OK 163 kB URL HTTP/2 player.ooyala.com/static/v4/stable/4.24.9/core.min.js
IP 151.101.86.27:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size 163 kB (163286 bytes)
Hash 54ab7982dfe499190fdc90eb24c5946d
19bb290fe3e9fb78ef02bcf80763847e2901a0c0
b31975b72deebb3cdc3b5a973589dac02fbab03da7acec8d95931fdc6160eff5
GET /static/v4/stable/4.24.9/core.min.js HTTP/1.1
Host: player.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TCaWMiJYbWvPkHOVWOp9iBQuT0QtmCf2qI7kyZ8X/OLen4u3r1glkHnoAucPFlEb7LdRQ/zHV1I=
x-amz-request-id: GJWFHQSJS4E2N64Y
last-modified: Mon, 30 Apr 2018 21:12:55 GMT
etag: "891837cd188a97422ba8d9f6b82ff652"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=604800, must-revalidate
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 27 Sep 2022 23:13:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320395.107124,VS0,VE9
vary: Accept-Encoding
content-length: 163286
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-TQHDHR
142.250.74.72200 OK 85 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TQHDHR
IP 142.250.74.72:0
File type Unicode text, UTF-8 text, with very long lines (61106)
Hash 3b74578364b13ece4ef361eb035d6f7f
e6a5880c0ce188da98803f946db18dfb3c38a010
9e7b16e43cb55141a4524a11d3a4b92e5706cec84035c16d735172ae4cb9e5e0
GET /gtm.js?id=GTM-TQHDHR HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 23:13:15 GMT
expires: Tue, 27 Sep 2022 23:13:15 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 21:09:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84895
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
player.ooyala.com/ooyala_storage.html
151.101.86.27200 OK 1.2 kB URL HTTP/2 player.ooyala.com/ooyala_storage.html
IP 151.101.86.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 40e69e75a1f169e645d70ad2ee398d5a
d05d24f8d7a975d9d7ddff66c1f294128cfdf811
89912ff2c4367afb93f1585828f7eaaa10b76890f338c86747bd5ef3f32af079
GET /ooyala_storage.html HTTP/1.1
Host: player.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: ryncEifi+d77vfUgWxB0Av3NgRb+BH0YBpFxaSXuuwlFLRYRS1dTRz9FhSItYxmpdZE+mD8j3Hk=
x-amz-request-id: GYR2AJB3B7YJK25Q
last-modified: Tue, 18 Jul 2017 21:57:32 GMT
etag: "84f213d7453fbc34816c118bd5a4a70c"
accept-ranges: bytes
content-type: text/html
server: AmazonS3
content-encoding: gzip
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=557918
date: Tue, 27 Sep 2022 23:13:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320395.469080,VS0,VE1
vary: Accept-Encoding
content-length: 1211
X-Firefox-Spdy: h2
bevhillsmd.com/mdschoice/images/Email_Icon.png
172.64.155.180404 Not Found 20 kB URL HTTP/2 bevhillsmd.com/mdschoice/images/Email_Icon.png
IP 172.64.155.180:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d6b9a5cb36d00516ab12fb450f6027f3
37420db25fd40b94d703cc5b566cd2d95897489f
8566be6c1ad7e71586fb59c1e7b17dd615f8af037b3bb01aa55becab3c0d0cc2
GET /mdschoice/images/Email_Icon.png HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/html; charset=iso-8859-1
cf-ray: 7517edc778f0b515-OSL
age: 0
cache-control: public, max-age=3600
expires: Wed, 28 Sep 2022 00:13:15 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 9b3611d4fbebaa55d47ac081832233d3
242ad307a1d80cc1c8d447bf644983654ce80ccc
e934b9b9236ad6c70f63c1ef43dc2cfd18798ecbe7a5966a25eb195a69f065d6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 23:13:15 GMT
Last-Modified: Tue, 27 Sep 2022 22:14:11 GMT
Server: ECS (dcb/7FA6)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9rtkDZk6tcrXXemNCpGZGJm4ulzvfaAvTAl_uNlBDO5OtpzNHLiNnQ==
Age: 3544
dnn506yrbagrg.cloudfront.net/pages/scripts/0025/1454.js?462311
54.230.245.60200 OK 309 B URL HTTP/1.1 dnn506yrbagrg.cloudfront.net/pages/scripts/0025/1454.js?462311
IP 54.230.245.60:0
Hash 3e228ac346d7a631ee2e56e9802fd1a4
9c43a3592f2c375bae5396f38de5706fb2d4ca6b
8d5f4dd3ec59b18fb5803c881b2b59d476d40ef56dca1e0fd153e5100ecb52c8
GET /pages/scripts/0025/1454.js?462311 HTTP/1.1
Host: dnn506yrbagrg.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 309
Connection: keep-alive
Date: Wed, 21 Sep 2022 17:45:12 GMT
Last-Modified: Tue, 03 Mar 2020 19:16:29 GMT
ETag: "3e228ac346d7a631ee2e56e9802fd1a4"
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jO5L0kIRkydO9e026qY6u7edX8CDbf7mwhAGM4EI2_G__VDwILaHAA==
Age: 538084
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Tue, 27 Sep 2022 23:13:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Tue, 27 Sep 2022 23:13:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Tue, 27 Sep 2022 23:13:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Tue, 27 Sep 2022 23:13:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Tue, 27 Sep 2022 23:13:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43d7c0db2af42ad4d0095324b2691f6c
1a1139cff14aff6755b9e43ff4ef8c9ece1102c1
42073c84e0c215109b54ab55a53cce9e6cce44f4619f5988fa4e2776ff70b362
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9780
x-amzn-requestid: 9938422e-12cd-4aab-9e58-c26b8fee53b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UOH3DoAMFZRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-37105d923f19437025abec71;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Halsx09hxT_sMRc2jy-fJA0tE85F6Bgz9P9Trx02Z9aMfIZVLkLW4g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:57:42 GMT
age: 4533
etag: "1a1139cff14aff6755b9e43ff4ef8c9ece1102c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4a66beda24621e812a929933c52025d
e951f6b11e473b68d2fdd95b822cef120d37b1eb
28efb1495fdb363cea9ccc6c38f84b2731dbd44dd4dbbe42996fa6fab74e1ce6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: ea4416a4-ffbe-4006-bb09-aa0a70763ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xTGNOoAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-6634cd372bd677227f755769;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EbkbN72NJbDqfnJjnaUcitG0W6yk8vR__5zLvdidXuWqh7VQK2O8OA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:18:40 GMT
age: 3275
etag: "e951f6b11e473b68d2fdd95b822cef120d37b1eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3e1fd3401c5e635a8dbeec5f78b721d
2142075b27d0d355c51231ab06fea46e25eb9c59
2e17a43985b624e6b6592d402c36dd45b915cd6e1ac84e187c18c46420eb9a1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9733
x-amzn-requestid: fff8214b-48f7-4b45-bd91-69ea4db871d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCAWhG9HIAMFloQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330adc3-1cffa63711378c525e49e11d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 19:36:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vak91l2UKRnX0Go62y1yPwJ8E-Af7XBurmQATw5MSZXBqhUJrIgOCQ==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 04:59:08 GMT
age: 65647
etag: "2142075b27d0d355c51231ab06fea46e25eb9c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fcxclGRP3zfWwb6opjYU2bL9VAq_mCSNjFtfp9iMLq6tbZu57EDqpQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
age: 4991
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 5235
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59163c799f3d48e74abdd285ee615119
883e61d46ef6c09013724aa7b8f560272ee08574
e1bafc575ff4274b210bee481a8e73c065de5bc14ddf46c269ef91eda0df8d84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc892aae9-4381-46ed-9dd8-bd581d7389ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8621
x-amzn-requestid: 5a828651-41c2-4aa0-931d-6522098a8438
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZASUWEYvIAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ffdb5-5ace75523a98a9237fabca8f;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 07:05:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2a-Ip86QEcmn31zRYLuD9dtCXduTOd0OZO0JdpfbTvJK7Z7wRGxEaQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:21:35 GMT
age: 3100
etag: "883e61d46ef6c09013724aa7b8f560272ee08574"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f11a775500ec61d65f68e96866de4bab
5149f0bab068ef0c3fa82dd55ae3a50d1a57817f
3da35992ffdd8de102e46eb4f2360c01f352a545d048442ce6a3663bc23cc5f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3DA35992FFDD8DE102E46EB4F2360C01F352A545D048442CE6A3663BC23CC5F8"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2770
Expires: Tue, 27 Sep 2022 23:59:25 GMT
Date: Tue, 27 Sep 2022 23:13:15 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4f6610e6590a7981c80710f6b6b90fc8
96b1abadc7bb60b95c4677329f32a5fc4a29ca16
630e1e634669c499d120981afd453b80d8dae9d8abb666554609f5239619a7a8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 23:13:15 GMT
Last-Modified: Tue, 27 Sep 2022 21:57:33 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 36NW0DZIVS5MP8dfNcbIE_W9p-qk8AfU3Nj_1zTNs46us3HmpjkvpQ==
Age: 4542
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4f6610e6590a7981c80710f6b6b90fc8
96b1abadc7bb60b95c4677329f32a5fc4a29ca16
630e1e634669c499d120981afd453b80d8dae9d8abb666554609f5239619a7a8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 23:13:15 GMT
Last-Modified: Tue, 27 Sep 2022 22:01:33 GMT
Server: ECS (dcb/7F13)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yV87iEAwzcOBHAj5Xz18HTVOFdF734xCMI2E2YbDnVGRFUtd03ODcw==
Age: 4302
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4f6610e6590a7981c80710f6b6b90fc8
96b1abadc7bb60b95c4677329f32a5fc4a29ca16
630e1e634669c499d120981afd453b80d8dae9d8abb666554609f5239619a7a8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 23:13:15 GMT
Last-Modified: Tue, 27 Sep 2022 22:27:59 GMT
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2Sdk0hT3DImCXSSAT_5pA-9kCnmA5b3CMi-1yghllWRk708YmK6-Og==
Age: 2716
www2.bevhillsmd.com/proxy/funnel/stats/save/?event=eyJ1cmwiOiIxODA0MDZCLnBocCIsImV2ZW50VHlwZSI6IkV4cGxvcml1bS1OZXdTZXNzaW9uIiwic2Vzc2lvbklkIjo4NDg5MjI1NDk5MzUsImRlc3RpbmF0aW9uSWQiOm51bGwsImZ1bm5lbFNUUElkIjpudWxsLCJzcGxpdFRlc3RpbmdJZCI6bnVsbCwic3BsaXRUZXN0aW5nRnVubmVsSWQiOm51bGwsImN1c3RvbVBheUxvYWQxIjoie1wiYWx0ZXJuYWlHdWVzdElkXCI6XCI4YzQ3YjIwNC1iMDZmLTQxYzQtYjZjMy03MjRmNGFiYmEzMDUsYmV2aGlsbHNtZC5jb20sLGJsb2I6aHR0cHM6XCJ9IiwiY3VzdG9tUGF5TG9hZDIiOiJ7XCJhbHRlcm5haVZpc2l0b3JJZFwiOlwiXCIsXCJ1YVwiOlwiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjBcIixcIm5vbi1ldmVudFwiOjB9IiwidXRtU291cmNlIjpudWxsLCJ1dG1NZWRpdW0iOm51bGwsInV0bUNhbXBhaWduIjpudWxsLCJ1dG1DYW1wYWlnbklkIjpudWxsLCJ1dG1Db250ZW50IjpudWxsLCJ1dG1UZXJtIjpudWxsLCJhZmZJZCI6IiIsIm9mZklkIjoiIiwic3ViSWQxIjpudWxsLCJzdWJJZDIiOm51bGwsInN1YklkMyI6bnVsbCwic3ViSWQ0IjpudWxsLCJzdWJJZDUiOm51bGwsInNhbGVzRnVubmVsIjoiRnVubmVsIiwidmlzaXRvcklkIjpudWxsLCJyZWZlcnJhbFVybCI6IiIsImJyYW5kIjpudWxsLCJicm93c2VyIjoiRmlyZWZveCIsIm9zIjoiTGludXgiLCJkZXZpY2UiOiJEZXNrdG9wIn0=
172.64.155.180200 OK 29 B URL HTTP/2 www2.bevhillsmd.com/proxy/funnel/stats/save/?event=eyJ1cmwiOiIxODA0MDZCLnBocCIsImV2ZW50VHlwZSI6IkV4cGxvcml1bS1OZXdTZXNzaW9uIiwic2Vzc2lvbklkIjo4NDg5MjI1NDk5MzUsImRlc3RpbmF0aW9uSWQiOm51bGwsImZ1bm5lbFNUUElkIjpudWxsLCJzcGxpdFRlc3RpbmdJZCI6bnVsbCwic3BsaXRUZXN0aW5nRnVubmVsSWQiOm51bGwsImN1c3RvbVBheUxvYWQxIjoie1wiYWx0ZXJuYWlHdWVzdElkXCI6XCI4YzQ3YjIwNC1iMDZmLTQxYzQtYjZjMy03MjRmNGFiYmEzMDUsYmV2aGlsbHNtZC5jb20sLGJsb2I6aHR0cHM6XCJ9IiwiY3VzdG9tUGF5TG9hZDIiOiJ7XCJhbHRlcm5haVZpc2l0b3JJZFwiOlwiXCIsXCJ1YVwiOlwiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjBcIixcIm5vbi1ldmVudFwiOjB9IiwidXRtU291cmNlIjpudWxsLCJ1dG1NZWRpdW0iOm51bGwsInV0bUNhbXBhaWduIjpudWxsLCJ1dG1DYW1wYWlnbklkIjpudWxsLCJ1dG1Db250ZW50IjpudWxsLCJ1dG1UZXJtIjpudWxsLCJhZmZJZCI6IiIsIm9mZklkIjoiIiwic3ViSWQxIjpudWxsLCJzdWJJZDIiOm51bGwsInN1YklkMyI6bnVsbCwic3ViSWQ0IjpudWxsLCJzdWJJZDUiOm51bGwsInNhbGVzRnVubmVsIjoiRnVubmVsIiwidmlzaXRvcklkIjpudWxsLCJyZWZlcnJhbFVybCI6IiIsImJyYW5kIjpudWxsLCJicm93c2VyIjoiRmlyZWZveCIsIm9zIjoiTGludXgiLCJkZXZpY2UiOiJEZXNrdG9wIn0=
IP 172.64.155.180:0
File type ASCII text, with no line terminators
Hash 666c82637166f160b430c3a13caf3b30
45f23499be7924955fa257ce10c2a76412e0a16c
b5b1625932b3d2b242b95c8680756c5d79135956bb1f6fd0b9544261a9d56389
GET /proxy/funnel/stats/save/?event=eyJ1cmwiOiIxODA0MDZCLnBocCIsImV2ZW50VHlwZSI6IkV4cGxvcml1bS1OZXdTZXNzaW9uIiwic2Vzc2lvbklkIjo4NDg5MjI1NDk5MzUsImRlc3RpbmF0aW9uSWQiOm51bGwsImZ1bm5lbFNUUElkIjpudWxsLCJzcGxpdFRlc3RpbmdJZCI6bnVsbCwic3BsaXRUZXN0aW5nRnVubmVsSWQiOm51bGwsImN1c3RvbVBheUxvYWQxIjoie1wiYWx0ZXJuYWlHdWVzdElkXCI6XCI4YzQ3YjIwNC1iMDZmLTQxYzQtYjZjMy03MjRmNGFiYmEzMDUsYmV2aGlsbHNtZC5jb20sLGJsb2I6aHR0cHM6XCJ9IiwiY3VzdG9tUGF5TG9hZDIiOiJ7XCJhbHRlcm5haVZpc2l0b3JJZFwiOlwiXCIsXCJ1YVwiOlwiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjBcIixcIm5vbi1ldmVudFwiOjB9IiwidXRtU291cmNlIjpudWxsLCJ1dG1NZWRpdW0iOm51bGwsInV0bUNhbXBhaWduIjpudWxsLCJ1dG1DYW1wYWlnbklkIjpudWxsLCJ1dG1Db250ZW50IjpudWxsLCJ1dG1UZXJtIjpudWxsLCJhZmZJZCI6IiIsIm9mZklkIjoiIiwic3ViSWQxIjpudWxsLCJzdWJJZDIiOm51bGwsInN1YklkMyI6bnVsbCwic3ViSWQ0IjpudWxsLCJzdWJJZDUiOm51bGwsInNhbGVzRnVubmVsIjoiRnVubmVsIiwidmlzaXRvcklkIjpudWxsLCJyZWZlcnJhbFVybCI6IiIsImJyYW5kIjpudWxsLCJicm93c2VyIjoiRmlyZWZveCIsIm9zIjoiTGludXgiLCJkZXZpY2UiOiJEZXNrdG9wIn0= HTTP/1.1
Host: www2.bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Cookie: _ga=GA1.2.574092237.1664320393; _gid=GA1.2.11103761.1664320393; _gat=1; _gcl_au=1.1.1694338189.1664320393; alternaiGuestId=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:; SessionId=848922549935
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 29
cf-ray: 7517edca2b21b515-OSL
cache-control: private, no-cache, max-age = 0
etag: W/"1d-RfI0mb55JJVfolfOEMKnZBLgoWw"
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (991a05428f42)
cf-cache-status: DYNAMIC
set-cookie: _csrf=MHxhld6GL9NmUWod90yMZ2JY; Path=/
_csrf=TtDgd61emRnsUDu9jQVEzEo4; Path=/
XSRF-TOKEN=5fKIeW3r-KvzAJFZS62QAFi7VyCIjuESwEYs; Path=/; Secure
_csrf=lT704mTkNT1MK9VqSJv5zpjI; Path=/
_csrf=Gv1dfBp17MCEXdGTPG5rZ_A8; Path=/
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2
q.quora.com/_/ad/8918e3a26689416987ed227e3f48ba5d/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb
18.205.225.81200 OK 43 B URL HTTP/1.1 q.quora.com/_/ad/8918e3a26689416987ed227e3f48ba5d/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb
IP 18.205.225.81:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /_/ad/8918e3a26689416987ed227e3f48ba5d/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb HTTP/1.1
Host: q.quora.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Tue, 27 Sep 2022 23:13:15 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,d3f3338e926a7929d45337f2673655ab,10.0.0.208,22994,91.90.42.154,,64337590353,1,1664320395.996,0.001,,.,0,0,0.000,0.004,-,0,0,197,197,98,10,34729,,,,,,-,
Content-Length: 43
Connection: keep-alive
metrics-api.librato.com/v1/metrics
3.234.179.174200 OK 0 B URL HTTP/2 metrics-api.librato.com/v1/metrics
IP 3.234.179.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/metrics HTTP/1.1
Host: metrics-api.librato.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Referer: https://bevhillsmd.com/
Origin: https://bevhillsmd.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:16 GMT
content-length: 0
access-control-allow-origin: https://bevhillsmd.com
access-control-allow-methods: GET,POST,PUT,DELETE
access-control-allow-headers: Authorization,Accept,Accept-Encoding,Accept-Language,Connection,Referer,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Librato-User-Agent
access-control-max-age: 1728000
access-control-expose-headers: Location
server: roundhouse
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 3.2 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (8072), with no line terminators
Hash 9b19340ef7db3cbb26aa923adb8dbe6e
082e699bca6e80ca6c72a43f2894f4a32e785e26
c042b8b199b2c08fa66f90753998544860e3f64c3a1f47754a66970b3b8c5b2a
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Tue, 27 Sep 2022 23:33:16 GMT
Date: Tue, 27 Sep 2022 23:13:16 GMT
Content-Length: 3249
Connection: keep-alive
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=0FE0566D34B86A1C3284444135EF6B40; domain=.bing.com; expires=Sun, 22-Oct-2023 23:13:16 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1B92D192656F4CE992B31DADE899F68D Ref B: OSL30EDGE0415 Ref C: 2022-09-27T23:13:16Z
date: Tue, 27 Sep 2022 23:13:15 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&gjid=405230360&_gid=11103761.1664320393&_u=IEBAAEAAAAAAAC~&z=2101839616
64.233.165.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&gjid=405230360&_gid=11103761.1664320393&_u=IEBAAEAAAAAAAC~&z=2101839616
IP 64.233.165.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&gjid=405230360&_gid=11103761.1664320393&_u=IEBAAEAAAAAAAC~&z=2101839616 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://bevhillsmd.com
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://bevhillsmd.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 23:13:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4f6610e6590a7981c80710f6b6b90fc8
96b1abadc7bb60b95c4677329f32a5fc4a29ca16
630e1e634669c499d120981afd453b80d8dae9d8abb666554609f5239619a7a8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 23:13:16 GMT
Server: ECS (dcb/7EC9)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gjL5Uk5HGcQ7MKmDRjZctCaU7Fces4WU2Lm8fYtxIVey6N2IdvM8hw==
bat.bing.com/action/0?ti=4001225&Ver=2&mid=ea96cd24-3054-4677-8b57-3302ee500819&sid=f62d29c03eb911edb886f3db8a53a6ea&vid=f62d4a403eb911ed90a60d31657a33b3&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Beverly%20Hills%20MD%3A%20Deep%20Wrinkle%20Filler%20%7C%20Video&p=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&r=<=2045&evt=pageLoad&sv=1&rn=902890
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=4001225&Ver=2&mid=ea96cd24-3054-4677-8b57-3302ee500819&sid=f62d29c03eb911edb886f3db8a53a6ea&vid=f62d4a403eb911ed90a60d31657a33b3&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Beverly%20Hills%20MD%3A%20Deep%20Wrinkle%20Filler%20%7C%20Video&p=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&r=<=2045&evt=pageLoad&sv=1&rn=902890
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=4001225&Ver=2&mid=ea96cd24-3054-4677-8b57-3302ee500819&sid=f62d29c03eb911edb886f3db8a53a6ea&vid=f62d4a403eb911ed90a60d31657a33b3&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Beverly%20Hills%20MD%3A%20Deep%20Wrinkle%20Filler%20%7C%20Video&p=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&r=<=2045&evt=pageLoad&sv=1&rn=902890 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2A4EAB918E4F6C2426A6B9BD8F186D88; domain=.bing.com; expires=Sun, 22-Oct-2023 23:13:16 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 22A2C54ABF6A490BAD4F16157C27B2DC Ref B: OSL30EDGE0415 Ref C: 2022-09-27T23:13:16Z
date: Tue, 27 Sep 2022 23:13:15 GMT
X-Firefox-Spdy: h2
metrics-api.librato.com/v1/metrics
3.234.179.174401 Unauthorized 545 B URL HTTP/2 metrics-api.librato.com/v1/metrics
IP 3.234.179.174:0
Hash 33cb9a2beb6fadd6308d69cd4c8b3a1f
678959ec4db91e224a8b172bc9ac1bd57eee0f83
519a7ee4f602144d6d3a431358fe6a11091f1ac81a5b80a15f778587dadea70b
POST /v1/metrics HTTP/1.1
Host: metrics-api.librato.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Authorization: Basic YWJlbHJpb3NAb295YWxhLmNvbTo5NWQ1M2U4ODQxODM1ODM5NDY5ZjJhMmY5NmZkOTViNTY0MzQyZmZhZGZmNzU5YWQ5ZDQ5ZjE4OTc4MDVkYjFi
Content-Length: 209
Origin: https://bevhillsmd.com
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 401 Unauthorized
date: Tue, 27 Sep 2022 23:13:16 GMT
content-type: text/plain
www-authenticate: Basic realm="Librato API"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: https://bevhillsmd.com
access-control-expose-headers: Location
server: roundhouse
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1108549/tfa.js
151.101.85.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1108549/tfa.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (58507)
Hash 500ef3f7499d456b98535e4e0aace976
bf983e72c4fc6f88d80fa6ac1900e169923b9724
53259c5eed0be450d530eb222b4b2a8c057c14c2dd2d18aa3bfdf902d341c8a5
GET /libtrc/unip/1108549/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4sHRR1i1xWgoFhElHaRL459d2wM04SMzMRwslxyjniF+rBcB5HXysncYk7WoafpqDOdd2g6UvTE=
x-amz-request-id: NR718DBK3VATW5M2
x-amz-replication-status: COMPLETED
last-modified: Sun, 25 Sep 2022 11:18:14 GMT
etag: "0e4583b0b961358f74e4254026611958"
x-amz-version-id: LCb_UBmKJ_7Qd7E6QPONiNpj6hfQRI3P
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 23:13:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664320396.089221,VS0,VE110
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 83
content-length: 17965
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0025/1454.js
104.19.147.8410 Gone 0 B URL HTTP/2 script.crazyegg.com/pages/scripts/0025/1454.js
IP 104.19.147.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pages/scripts/0025/1454.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 410 Gone
date: Tue, 27 Sep 2022 23:13:16 GMT
content-type: application/javascript
content-length: 0
last-modified: Tue, 27 Sep 2022 23:13:16 GMT
cache-control: public, max-age=86400, s-maxage=86400
access-control-allow-origin: *
cf-cache-status: EXPIRED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7517edcb7d03b527-OSL
X-Firefox-Spdy: h2
bat.bing.com/p/action/4001225.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/4001225.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/4001225.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=3C571BF3B5C06B901DAA09DFB4976A56; domain=.bing.com; expires=Sun, 22-Oct-2023 23:13:16 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A6FDFC09EB7042C98368421534BC5023 Ref B: OSL30EDGE0415 Ref C: 2022-09-27T23:13:16Z
date: Tue, 27 Sep 2022 23:13:15 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ef12641bb4d59312b43f4f06ae2cee73
5450eaf271bf466e6aa58b63d52b49b66c5f4a6f
894fd5dabf39c09179591f3305d88ef71eb467ddeb1fc5c568dc377c3a1317d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&_u=IEBAAEAAAAAAAC~&z=1649862887
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&_u=IEBAAEAAAAAAAC~&z=1649862887
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&_u=IEBAAEAAAAAAAC~&z=1649862887 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 23:13:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
metrics-api.librato.com/v1/measurements
3.234.179.174200 OK 0 B URL HTTP/2 metrics-api.librato.com/v1/measurements
IP 3.234.179.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/measurements HTTP/1.1
Host: metrics-api.librato.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://bevhillsmd.com/
Origin: https://bevhillsmd.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:16 GMT
content-length: 0
access-control-allow-origin: https://bevhillsmd.com
access-control-allow-methods: GET,POST,PUT,DELETE
access-control-allow-headers: Authorization,Accept,Accept-Encoding,Accept-Language,Connection,Referer,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Librato-User-Agent
access-control-max-age: 1728000
access-control-expose-headers: Location
server: roundhouse
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&_u=IEBAAEAAAAAAAC~&z=1649862887
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&_u=IEBAAEAAAAAAAC~&z=1649862887
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-77156756-1&cid=574092237.1664320393&jid=1379816047&_u=IEBAAEAAAAAAAC~&z=1649862887 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 23:13:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ef12641bb4d59312b43f4f06ae2cee73
5450eaf271bf466e6aa58b63d52b49b66c5f4a6f
894fd5dabf39c09179591f3305d88ef71eb467ddeb1fc5c568dc377c3a1317d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dd5293e75d65016d03bc7f7c21297035
a16ee52900e8775f5e95773fed830d03368793b3
8a97583e8794e79e77350bc0c03c3dec089be2e2e821dc643d510977cccc4e03
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 891
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:16 GMT
Last-Modified: Tue, 27 Sep 2022 22:58:25 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dd5293e75d65016d03bc7f7c21297035
a16ee52900e8775f5e95773fed830d03368793b3
8a97583e8794e79e77350bc0c03c3dec089be2e2e821dc643d510977cccc4e03
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 891
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 23:13:16 GMT
Last-Modified: Tue, 27 Sep 2022 22:58:25 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
trc.taboola.com/1108549/log/3/unip?en=page_view&item-url=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&tim=1664320393931&ref=null&cv=20220922-16-RELEASE&tos=141&ssd=1&scd=76&vi=1664320393928&ri=aeeda3aa0c3718097ef06b1b8ad07f04
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/1108549/log/3/unip?en=page_view&item-url=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&tim=1664320393931&ref=null&cv=20220922-16-RELEASE&tos=141&ssd=1&scd=76&vi=1664320393928&ri=aeeda3aa0c3718097ef06b1b8ad07f04
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1108549/log/3/unip?en=page_view&item-url=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&tim=1664320393931&ref=null&cv=20220922-16-RELEASE&tos=141&ssd=1&scd=76&vi=1664320393928&ri=aeeda3aa0c3718097ef06b1b8ad07f04 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bevhillsmd.com
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://bevhillsmd.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 27 Sep 2022 23:13:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320396.369082,VS0,VE79
x-vcl-time-ms: 79
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=00fdf3d552410ba5b50475bd4efa76e6e9,00e6b195296ba4a1068d4ed2746eb1352f&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&optOut=false&bust=05803374974813847&referrer=
70.42.32.31200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00fdf3d552410ba5b50475bd4efa76e6e9,00e6b195296ba4a1068d4ed2746eb1352f&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&optOut=false&bust=05803374974813847&referrer=
IP 70.42.32.31:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00fdf3d552410ba5b50475bd4efa76e6e9,00e6b195296ba4a1068d4ed2746eb1352f&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb&optOut=false&bust=05803374974813847&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 23:13:16 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 3b0e1ede3089ab201d81cda31618d968
content-encoding: gzip
player.ooyala.com/static/v4/stable/4.5.5/skin-plugin/zh.json
151.101.86.27200 OK 5.3 kB URL HTTP/2 player.ooyala.com/static/v4/stable/4.5.5/skin-plugin/zh.json
IP 151.101.86.27:0
File type JSON data\012- , Unicode text, UTF-8 text
Hash 686cc0a90236e1ec2c7438eb06fc0940
571ff71e0a2a29d168ee4f67c2a9c7de4f4917f8
79075195dfa7da51508cc6ba710a013885d0352f383b1075f947e37fa6894db6
GET /static/v4/stable/4.5.5/skin-plugin/zh.json HTTP/1.1
Host: player.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bevhillsmd.com
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 20eMRD/O43aOGdGFp68cAAH853s8HA3JPRhzDV5e70ayciU59wviM/aCxabWL80n9Ckchtj2Y5E=
x-amz-request-id: R3AJPCCNXEAT5GPB
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Thu, 30 Jun 2016 22:05:39 GMT
etag: "686cc0a90236e1ec2c7438eb06fc0940"
cache-control: max-age=3600, must-revalidate
accept-ranges: bytes
content-type: application/json
server: AmazonS3
access-control-allow-headers: *
date: Tue, 27 Sep 2022 23:13:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320396.058431,VS0,VE450
content-length: 5272
X-Firefox-Spdy: h2
player.ooyala.com/static/v4/stable/4.5.5/skin-plugin/en.json
151.101.86.27200 OK 6.0 kB URL HTTP/2 player.ooyala.com/static/v4/stable/4.5.5/skin-plugin/en.json
IP 151.101.86.27:0
File type JSON data\012- , ASCII text
Hash ab58a556b1cf024097ce25cb82843f36
31f9c7bc17e6ae51fe48a22b7b33c23683e21d90
5c715cfb617eedf4733bd13504ce52aea9267a07222d41d173f71c24956c7b9a
GET /static/v4/stable/4.5.5/skin-plugin/en.json HTTP/1.1
Host: player.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bevhillsmd.com
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Ha4VTstJpxJPNS4YqErjpm3PQRGH66WsGidq2irFgR+aS20U1oXBpGElqMkXfNvjJRKuNEtKt9M=
x-amz-request-id: 7R1Z0D2PWAZ5R0G2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Thu, 30 Jun 2016 22:05:38 GMT
etag: "ab58a556b1cf024097ce25cb82843f36"
cache-control: max-age=3600, must-revalidate
accept-ranges: bytes
content-type: application/json
server: AmazonS3
access-control-allow-headers: *
date: Tue, 27 Sep 2022 23:13:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320396.058131,VS0,VE450
content-length: 6018
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=00fdf3d552410ba5b50475bd4efa76e6e9,00e6b195296ba4a1068d4ed2746eb1352f
70.42.32.31200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00fdf3d552410ba5b50475bd4efa76e6e9,00e6b195296ba4a1068d4ed2746eb1352f
IP 70.42.32.31:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00fdf3d552410ba5b50475bd4efa76e6e9,00e6b195296ba4a1068d4ed2746eb1352f HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 23:13:16 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: a6c5ee3ddcb565905456471b851d66ab
content-encoding: gzip
player.ooyala.com/static/v4/stable/4.5.5/skin-plugin/es.json
151.101.86.27200 OK 6.6 kB URL HTTP/2 player.ooyala.com/static/v4/stable/4.5.5/skin-plugin/es.json
IP 151.101.86.27:0
File type JSON data\012- , Unicode text, UTF-8 text
Hash 1496884395b7890a510f43fd45c70a4a
e9064ccb2b4b49c467f186b35906171d211b6f3c
3f75da40f96986e59196c05f0647c50a59933e2e6db02fb315b54a7ae7ce3006
GET /static/v4/stable/4.5.5/skin-plugin/es.json HTTP/1.1
Host: player.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bevhillsmd.com
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: PkPJlyKAB1G+aXnzZC2/BsISeIaoEQFhp828Fx/9M7rkOi9j5o8Hj40RC8t2dLR50rYcfysSVI4=
x-amz-request-id: 8WRR358S7YS28J2V
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Thu, 30 Jun 2016 22:05:38 GMT
etag: "1496884395b7890a510f43fd45c70a4a"
cache-control: max-age=3600, must-revalidate
accept-ranges: bytes
content-type: application/json
server: AmazonS3
access-control-allow-headers: *
date: Tue, 27 Sep 2022 23:13:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320396.058237,VS0,VE472
content-length: 6565
X-Firefox-Spdy: h2
trc.taboola.com/1108549/trc/3/json?tim=1664320393931&data=%7B%22id%22%3A861%2C%22ii%22%3A%22%2Fdwf%2F180406b.php%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664320393928%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fn%3Ddb%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dbeverlyhillsmd-deepwrinklefiller-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22item-url%22%3A%22https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb%22%2C%22tim%22%3A1664320393931%2C%22ref%22%3Anull%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A76%7D%7D&pubit=i
151.101.85.44200 OK 1.3 kB URL HTTP/2 trc.taboola.com/1108549/trc/3/json?tim=1664320393931&data=%7B%22id%22%3A861%2C%22ii%22%3A%22%2Fdwf%2F180406b.php%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664320393928%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fn%3Ddb%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dbeverlyhillsmd-deepwrinklefiller-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22item-url%22%3A%22https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb%22%2C%22tim%22%3A1664320393931%2C%22ref%22%3Anull%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A76%7D%7D&pubit=i
IP 151.101.85.44:0
File type ASCII text, with very long lines (2418), with no line terminators
Hash 7cfbe0db3f7f60e40e605acf7d55040b
a5cb8f2036b017c2932f0438f9377ac089afc3d0
ba6c9e7de3bd39f080ba049ebe30e28831955175443ed1199fe4ad65fb09559c
GET /1108549/trc/3/json?tim=1664320393931&data=%7B%22id%22%3A861%2C%22ii%22%3A%22%2Fdwf%2F180406b.php%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664320393928%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fn%3Ddb%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dbeverlyhillsmd-deepwrinklefiller-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22item-url%22%3A%22https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb%22%2C%22tim%22%3A1664320393931%2C%22ref%22%3Anull%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A76%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 23:13:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320396.251553,VS0,VE99
vary: Accept-Encoding
x-vcl-time-ms: 99
X-Firefox-Spdy: h2
trc-events.taboola.com/1108549/log/3/unip?en=pre_d_eng_tb&tos=4570&scd=76&ssd=1&est=1664320393928&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664320398500&vi=1664320393928&ri=aeeda3aa0c3718097ef06b1b8ad07f04&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1108549/log/3/unip?en=pre_d_eng_tb&tos=4570&scd=76&ssd=1&est=1664320393928&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664320398500&vi=1664320393928&ri=aeeda3aa0c3718097ef06b1b8ad07f04&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1108549/log/3/unip?en=pre_d_eng_tb&tos=4570&scd=76&ssd=1&est=1664320393928&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664320398500&vi=1664320393928&ri=aeeda3aa0c3718097ef06b1b8ad07f04&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Fbevhillsmd.com%2Fdwf%2F180406B.php%3Fn%3Ddb HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bevhillsmd.com
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 23:13:20 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://bevhillsmd.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
in.getclicky.com/in.php?site_id=100881123&type=pageview&href=%2Fdwf%2F180406B.php%3Fn%3Ddb&title=Beverly%20Hills%20MD%3A%20Deep%20Wrinkle%20Filler%20%7C%20Video&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.3042866259278576
198.145.13.11200 OK 0 B URL HTTP/2 in.getclicky.com/in.php?site_id=100881123&type=pageview&href=%2Fdwf%2F180406B.php%3Fn%3Ddb&title=Beverly%20Hills%20MD%3A%20Deep%20Wrinkle%20Filler%20%7C%20Video&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.3042866259278576
IP 198.145.13.11:0
GET /in.php?site_id=100881123&type=pageview&href=%2Fdwf%2F180406B.php%3Fn%3Ddb&title=Beverly%20Hills%20MD%3A%20Deep%20Wrinkle%20Filler%20%7C%20Video&res=1280x1024&lang=en-US&tz=UTC&tc=&ck=1&mime=js&x=0.3042866259278576 HTTP/1.1
Host: in.getclicky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 23:13:16 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
www2.bevhillsmd.com/alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:
172.64.155.180200 OK 0 B URL HTTP/2 www2.bevhillsmd.com/alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:
IP 172.64.155.180:0
GET /alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https: HTTP/1.1
Host: www2.bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Cookie: _ga=GA1.2.574092237.1664320393; _gid=GA1.2.11103761.1664320393; _gat=1; _gcl_au=1.1.1694338189.1664320393; alternaiGuestId=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:; SessionId=848922549935; _csrf=_J8DWqYNsUiAoYYn38CF7XTD; XSRF-TOKEN=ri9udCQW-xJXMvnvpvZuRt2yVz4mhJzNmazU; _uetsid=f62d29c03eb911edb886f3db8a53a6ea; _uetvid=f62d4a403eb911ed90a60d31657a33b3; _jsuid=4247074359; _heatmaps_g2g_100881123=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:22 GMT
content-type: text/javascript;charset=UTF-8
cf-ray: 7517edf25f3ab515-OSL
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
set-cookie: XSRF-TOKEN=gS3H0ZLB-0_Rxah7jC9KD-X9WqqZLZEPuZ2Y; Path=/; Secure
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (991a05428f42), 1.1 spaces-router (991a05428f42)
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: DENY
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
beverlyhillsmd.com/cmd.php?ad=885438
172.64.155.20302 Found 0 B URL HTTP/2 beverlyhillsmd.com/cmd.php?ad=885438
IP 172.64.155.20:0
GET /cmd.php?ad=885438 HTTP/1.1
Host: beverlyhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 27 Sep 2022 23:13:13 GMT
content-type: text/html; charset=UTF-8
location: https://www.mcssl.com/SecureClient/track.ashx?885438&6
cf-ray: 7517edbcafa1b4fd-OSL
cf-cache-status: BYPASS
cf-apo-via: origin,qs
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bevhillsmd.com/css/fonts.css
172.64.155.180200 OK 0 B URL HTTP/2 bevhillsmd.com/css/fonts.css
IP 172.64.155.180:0
GET /css/fonts.css HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/css
cf-ray: 7517edc44edfb515-OSL
cache-control: public, max-age=3600
etag: W/"51c-5e99d0ebda480"
expires: Wed, 28 Sep 2022 00:13:15 GMT
last-modified: Mon, 26 Sep 2022 23:40:50 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: REVALIDATED
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
bevhillsmd.com/landing-scripts/css/colorbox.css
172.64.155.180200 OK 0 B URL HTTP/2 bevhillsmd.com/landing-scripts/css/colorbox.css
IP 172.64.155.180:0
GET /landing-scripts/css/colorbox.css HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/css
cf-ray: 7517edc45eeab515-OSL
cache-control: public, max-age=3600
etag: W/"f78-5e99d0ebda480"
expires: Wed, 28 Sep 2022 00:13:15 GMT
last-modified: Mon, 26 Sep 2022 23:40:50 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway:400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway:400,700
IP 142.250.74.10:0
GET /css?family=Raleway:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 23:13:15 GMT
date: Tue, 27 Sep 2022 23:13:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bevhillsmd.com/mdschoice/images/Phone_Icon_1.png
172.64.155.180404 Not Found 0 B URL HTTP/2 bevhillsmd.com/mdschoice/images/Phone_Icon_1.png
IP 172.64.155.180:0
GET /mdschoice/images/Phone_Icon_1.png HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/html; charset=iso-8859-1
cf-ray: 7517edc778eeb515-OSL
age: 0
cache-control: public, max-age=3600
expires: Wed, 28 Sep 2022 00:13:15 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
bevhillsmd.com/bevhillsmd.json
172.64.155.180200 OK 0 B URL HTTP/2 bevhillsmd.com/bevhillsmd.json
IP 172.64.155.180:0
GET /bevhillsmd.json HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: application/json
cf-ray: 7517edc7d93bb515-OSL
etag: W/"2925-5e99d0ebda480"
last-modified: Mon, 26 Sep 2022 23:40:50 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www2.bevhillsmd.com/alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:
172.64.155.180200 OK 0 B URL HTTP/2 www2.bevhillsmd.com/alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:
IP 172.64.155.180:0
GET /alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https: HTTP/1.1
Host: www2.bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Cookie: _ga=GA1.2.574092237.1664320393; _gid=GA1.2.11103761.1664320393; _gat=1; _gcl_au=1.1.1694338189.1664320393; alternaiGuestId=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:; SessionId=848922549935; _csrf=_J8DWqYNsUiAoYYn38CF7XTD; XSRF-TOKEN=Ay0qCW04-mm8pUU-9zvwEEi4oQkNdEA36NxI; _uetsid=f62d29c03eb911edb886f3db8a53a6ea; _uetvid=f62d4a403eb911ed90a60d31657a33b3; _jsuid=4247074359; _heatmaps_g2g_100881123=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:20 GMT
content-type: text/javascript;charset=UTF-8
cf-ray: 7517ede5ded6b515-OSL
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
set-cookie: XSRF-TOKEN=ri9udCQW-xJXMvnvpvZuRt2yVz4mhJzNmazU; Path=/; Secure
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (991a05428f42), 1.1 spaces-router (991a05428f42)
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: DENY
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
bevhillsmd.com/dwf/180406B.php?n=db
172.64.155.180200 OK 0 B URL HTTP/2 bevhillsmd.com/dwf/180406B.php?n=db
IP 172.64.155.180:0
GET /dwf/180406B.php?n=db HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:14 GMT
content-type: text/html; charset=UTF-8
cf-ray: 7517edc2bda0b515-OSL
set-cookie: TestCookie170519A=1; expires=Wed, 28-Sep-2022 23:13:14 GMT; Max-Age=86400
via: 1.1 vegur
cf-cache-status: DYNAMIC
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
bevhillsmd.com/dark-spot-corrector/images/Speaker_Icon-25.png
172.64.155.180404 Not Found 0 B URL HTTP/2 bevhillsmd.com/dark-spot-corrector/images/Speaker_Icon-25.png
IP 172.64.155.180:0
GET /dark-spot-corrector/images/Speaker_Icon-25.png HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/html; charset=iso-8859-1
cf-ray: 7517edc45ef2b515-OSL
cache-control: public, max-age=3600
expires: Wed, 28 Sep 2022 00:13:15 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: EXPIRED
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
bevhillsmd.com/dark-spot-corrector/images/Speaker_Icon-25-flip.png
172.64.155.180404 Not Found 0 B URL HTTP/2 bevhillsmd.com/dark-spot-corrector/images/Speaker_Icon-25-flip.png
IP 172.64.155.180:0
GET /dark-spot-corrector/images/Speaker_Icon-25-flip.png HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/html; charset=iso-8859-1
cf-ray: 7517edc758d7b515-OSL
age: 0
cache-control: public, max-age=3600
expires: Wed, 28 Sep 2022 00:13:15 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
analytics.ooyala.com/static/v3/analytics.js
54.230.111.63200 OK 0 B URL HTTP/2 analytics.ooyala.com/static/v3/analytics.js
IP 54.230.111.63:0
GET /static/v3/analytics.js HTTP/1.1
Host: analytics.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 06 Dec 2017 21:56:30 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 27 Sep 2022 05:30:58 GMT
etag: W/"06415b496e4f069b3e9b835c6a33ebec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2xa6H7iKMBi83QwTkZhXETEhIi1IOC42rJsCaJ2yM_Rhj65r4hioyA==
age: 63738
X-Firefox-Spdy: h2
www2.bevhillsmd.com/request-ip
172.64.155.180200 OK 0 B URL HTTP/2 www2.bevhillsmd.com/request-ip
IP 172.64.155.180:0
GET /request-ip HTTP/1.1
Host: www2.bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Cookie: _ga=GA1.2.574092237.1664320393; _gid=GA1.2.11103761.1664320393; _gat=1; _gcl_au=1.1.1694338189.1664320393; alternaiGuestId=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:; SessionId=848922549935
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:16 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7517edca2b22b515-OSL
cache-control: private, no-cache, max-age = 0
etag: W/"3e-PLBRs3DqXHEUZb0x6V8ewSP3kSU"
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (991a05428f42)
cf-cache-status: DYNAMIC
set-cookie: _csrf=BvHL9XUQXibGvchs7KMBNAh5; Path=/
_csrf=7i0KAl9MiQn0f3ab48h4RwIs; Path=/
XSRF-TOKEN=1mFYs4IF-MHUNz3GYNvdtf3OunNwYwPiuS1E; Path=/; Secure
_csrf=_J8DWqYNsUiAoYYn38CF7XTD; Path=/
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www2.bevhillsmd.com/alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:
172.64.155.180200 OK 0 B URL HTTP/2 www2.bevhillsmd.com/alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:
IP 172.64.155.180:0
GET /alternproxy/getVisitorId/?session_id=848922549935&callback=alternaiSet&external_id=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https: HTTP/1.1
Host: www2.bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Cookie: _ga=GA1.2.574092237.1664320393; _gid=GA1.2.11103761.1664320393; _gat=1; _gcl_au=1.1.1694338189.1664320393; alternaiGuestId=8c47b204-b06f-41c4-b6c3-724f4abba305,bevhillsmd.com,,blob:https:; SessionId=848922549935; _csrf=_J8DWqYNsUiAoYYn38CF7XTD; XSRF-TOKEN=1mFYs4IF-MHUNz3GYNvdtf3OunNwYwPiuS1E; _uetsid=f62d29c03eb911edb886f3db8a53a6ea; _uetvid=f62d4a403eb911ed90a60d31657a33b3; _jsuid=4247074359; _heatmaps_g2g_100881123=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:18 GMT
content-type: text/javascript;charset=UTF-8
cf-ray: 7517edd95e1bb515-OSL
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
set-cookie: XSRF-TOKEN=Ay0qCW04-mm8pUU-9zvwEEi4oQkNdEA36NxI; Path=/; Secure
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (991a05428f42), 1.1 spaces-router (991a05428f42)
cf-cache-status: DYNAMIC
pragma: no-cache
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: DENY
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
bevhillsmd.com/landing-scripts/js/jquery.colorbox.js
172.64.155.180200 OK 0 B URL HTTP/2 bevhillsmd.com/landing-scripts/js/jquery.colorbox.js
IP 172.64.155.180:0
GET /landing-scripts/js/jquery.colorbox.js HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: application/javascript
cf-ray: 7517edc44ee3b515-OSL
cache-control: public, max-age=3600
etag: W/"7660-5e99d0ebda480"
expires: Wed, 28 Sep 2022 00:13:15 GMT
last-modified: Mon, 26 Sep 2022 23:40:50 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
bevhillsmd.com/mdschoice/images/Phone_Icon_1.png
172.64.155.180404 Not Found 0 B URL HTTP/2 bevhillsmd.com/mdschoice/images/Phone_Icon_1.png
IP 172.64.155.180:0
GET /mdschoice/images/Phone_Icon_1.png HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/html; charset=iso-8859-1
cf-ray: 7517edc46efbb515-OSL
cache-control: public, max-age=3600
expires: Wed, 28 Sep 2022 00:13:15 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: EXPIRED
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
player.ooyala.com/static/v4/stable/4.24.9/skin-plugin/html5-skin.min.js
151.101.86.27200 OK 0 B URL HTTP/2 player.ooyala.com/static/v4/stable/4.24.9/skin-plugin/html5-skin.min.js
IP 151.101.86.27:0
GET /static/v4/stable/4.24.9/skin-plugin/html5-skin.min.js HTTP/1.1
Host: player.ooyala.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bzCzKXoGJELy78zEFvhtzsXUfAqXjCn4Md47q4KfLy2lejhblsa0miXMWWQtVK03UgVKUH9paMs=
x-amz-request-id: HR9F26MEVPGVZDG6
last-modified: Mon, 30 Apr 2018 21:12:54 GMT
etag: "1fd6bd02e363b248203f2cca4e06e53d"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=604800, must-revalidate
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 27 Sep 2022 23:13:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664320395.107555,VS0,VE13
vary: Accept-Encoding
content-length: 131604
X-Firefox-Spdy: h2
metrics-api.librato.com/v1/measurements
3.234.179.174401 Unauthorized 0 B URL HTTP/2 metrics-api.librato.com/v1/measurements
IP 3.234.179.174:0
POST /v1/measurements HTTP/1.1
Host: metrics-api.librato.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Basic YWJlbHJpb3NAb295YWxhLmNvbTo5NWQ1M2U4ODQxODM1ODM5NDY5ZjJhMmY5NmZkOTViNTY0MzQyZmZhZGZmNzU5YWQ5ZDQ5ZjE4OTc4MDVkYjFi
Content-Length: 265
Origin: https://bevhillsmd.com
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 401 Unauthorized
date: Tue, 27 Sep 2022 23:13:16 GMT
content-type: text/plain
www-authenticate: Basic realm="Librato API"
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: https://bevhillsmd.com
access-control-expose-headers: Location
server: roundhouse
X-Firefox-Spdy: h2
stat.bevhillskrssdmn.com/js/fp.min.js
172.64.154.27200 OK 0 B URL HTTP/2 stat.bevhillskrssdmn.com/js/fp.min.js
IP 172.64.154.27:0
Analyzer Verdict Alert quad9 Sinkholed
GET /js/fp.min.js HTTP/1.1
Host: stat.bevhillskrssdmn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:20 GMT
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
last-modified: Mon, 28 Feb 2022 18:51:11 GMT
pragma: no-cache
vary: accept-encoding
via: 1.1 spaces-router (991a05428f42)
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: MISS
server: cloudflare
cf-ray: 7517ede92ed4b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.getclicky.com/js
104.16.221.29200 OK 0 B IP 104.16.221.29:0
GET /js HTTP/1.1
Host: static.getclicky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
expires: Tue, 04 Oct 2022 14:43:09 GMT
cache-control: max-age=604800
x-proxy-cache: HIT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:43:36 GMT
cf-cache-status: HIT
age: 30605
server: cloudflare
cf-ray: 7517edc4ce7fb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bevhillsmd.com/landing-scripts/css/style2.css
172.64.155.180200 OK 0 B URL HTTP/2 bevhillsmd.com/landing-scripts/css/style2.css
IP 172.64.155.180:0
GET /landing-scripts/css/style2.css HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/css
cf-ray: 7517edc44ee0b515-OSL
cache-control: public, max-age=3600
etag: W/"7b1c-5e99d0ebda480"
expires: Wed, 28 Sep 2022 00:13:15 GMT
last-modified: Mon, 26 Sep 2022 23:40:50 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
bevhillsmd.com/dwf/js/jquery.cookie.js
172.64.155.180200 OK 0 B URL HTTP/2 bevhillsmd.com/dwf/js/jquery.cookie.js
IP 172.64.155.180:0
GET /dwf/js/jquery.cookie.js HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Cookie: TestCookie170519A=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: application/javascript
cf-ray: 7517edc45ef8b515-OSL
cache-control: public, max-age=3600
etag: W/"ca4-5e99d0ebda480"
expires: Wed, 28 Sep 2022 00:13:15 GMT
last-modified: Mon, 26 Sep 2022 23:40:50 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
bevhillsmd.com/mdschoice/images/Email_Icon.png
172.64.155.180404 Not Found 0 B URL HTTP/2 bevhillsmd.com/mdschoice/images/Email_Icon.png
IP 172.64.155.180:0
GET /mdschoice/images/Email_Icon.png HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/html; charset=iso-8859-1
cf-ray: 7517edc46f01b515-OSL
cache-control: public, max-age=3600
expires: Wed, 28 Sep 2022 00:13:15 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: EXPIRED
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
bevhillsmd.com/dark-spot-corrector/images/Speaker_Icon-25-flip.png
172.64.155.180404 Not Found 0 B URL HTTP/2 bevhillsmd.com/dark-spot-corrector/images/Speaker_Icon-25-flip.png
IP 172.64.155.180:0
GET /dark-spot-corrector/images/Speaker_Icon-25-flip.png HTTP/1.1
Host: bevhillsmd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bevhillsmd.com/dwf/180406B.php?n=db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Tue, 27 Sep 2022 23:13:15 GMT
content-type: text/html; charset=iso-8859-1
cf-ray: 7517edc45ef1b515-OSL
cache-control: public, max-age=3600
expires: Wed, 28 Sep 2022 00:13:15 GMT
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: EXPIRED
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2