bravotrk.com/?a=10362&c=125761&s1=sdfgthydweftrhtfed
52.6.114.11302 Found 234 B URL HTTP/1.1 bravotrk.com/?a=10362&c=125761&s1=sdfgthydweftrhtfed
IP 52.6.114.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 718eb32fbb5ec19e7044d0f8a0fd8a1e
d7645f44701e9b4238a70b6e7703f0a72d17f818
1cf9e205c196ee54dfca3c485dc71f193c50e91f35b6d1b018a647c5d2097502
GET /?a=10362&c=125761&s1=sdfgthydweftrhtfed HTTP/1.1
Host: bravotrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Thu, 27 Oct 2022 21:49:30 GMT
content-type: text/html; charset=utf-8
content-length: 234
cache-control: private
location: https://bravotrk.com/?a=10362&c=125761&s1=sdfgthydweftrhtfed&ckmguid=74a8a51b-7ca2-4b2c-88e2-05195bc057b9
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e997bec759570aa0db03e31bf013cc2
948fd8263ab0b40f75eaf9495f76a7f39f39d5f9
853f97990fe10ccb34066b1e73e93dac45794f42fb745b266b6a46b9e26d52e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "853F97990FE10CCB34066B1E73E93DAC45794F42FB745B266B6A46B9E26D52E9"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10662
Expires: Fri, 28 Oct 2022 00:47:12 GMT
Date: Thu, 27 Oct 2022 21:49:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 221b3fe9a6458de64d8bbfcd4a8e2f36
988c93428ff15108d46a11865e1c7e2782fbae34
a5ff1b60b9ef85086d0c6617d9d39cf17ae45855bf7b0ee24ec49ad5a863c18e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6154
Cache-Control: max-age=134653
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:30 GMT
Etag: "635a4fdd-1d7"
Expires: Sat, 29 Oct 2022 11:13:43 GMT
Last-Modified: Thu, 27 Oct 2022 09:31:09 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22eebb819dc140cc288474d9891526b4
45c18772664e9e3efb6a44d7da93699c81f71827
ce6a96e470dbfb48ff42fdaf5eaa464a87dc60b495e3e2767086ec0b6564fdd7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE6A96E470DBFB48FF42FDAF5EAA464A87DC60B495E3E2767086EC0B6564FDD7"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4878
Expires: Thu, 27 Oct 2022 23:10:48 GMT
Date: Thu, 27 Oct 2022 21:49:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: f+Hb7DqJ9V3impPtCMhlBfxyHOLvQPPmx4hgTQaX6c4HtGtqItBLauyDMf9gMSasRotXDviSdjhUVRO5s/bGRA==
x-amz-request-id: EXKE8CDWFGE524F6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 21:39:47 GMT
age: 583
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 21:49:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash c4b5c11bd7d667152dacdb7d555486f3
5b6849c1cc794b5c894c9cf8b0c9b80bbd1c9dc6
113f735f340b644a606c7fa127752a8d51effd1aa3be3543b0ab19ed3c763961
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 21:49:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 31 Oct 2022 21:49:26 GMT
ETag: "5b6849c1cc794b5c894c9cf8b0c9b80bbd1c9dc6"
Last-Modified: Thu, 27 Oct 2022 21:49:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 4
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760ea45d0b03fab4-OSL
bravotrk.com/?a=10362&c=125761&s1=sdfgthydweftrhtfed&ckmguid=74a8a51b-7ca2-4b2c-88e2-05195bc057b9
52.6.114.11302 Found 232 B URL HTTP/1.1 bravotrk.com/?a=10362&c=125761&s1=sdfgthydweftrhtfed&ckmguid=74a8a51b-7ca2-4b2c-88e2-05195bc057b9
IP 52.6.114.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 95dfcb044d5cc61491d4353baa049990
6e1a07c6df17185e14aba00a820f826a87c1d725
8f8d52402bce189b817782e97aad1ba68a9ad2c7a2299bbf2e71f64b3aca86a7
GET /?a=10362&c=125761&s1=sdfgthydweftrhtfed&ckmguid=74a8a51b-7ca2-4b2c-88e2-05195bc057b9 HTTP/1.1
Host: bravotrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 232
Content-Type: text/html; charset=utf-8
Date: Thu, 27 Oct 2022 21:49:31 GMT
Location: https://theneurocalmpro.com/video.php?aff_id=770&subid=10362&subid2=sdfgthydweftrhtfed&subid3=527154422
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=YlgXKOoG4mpYwp4cBhIk7+H50Vef0PHHXMPn/i8NaXl+M4un2j1lUw==; domain=.bravotrk.com; path=/; SameSite=None; secure; HttpOnly
trk=oELsAQJMV43RrvdgFQcztuH50Vef0PHHXMPn/i8NaXl+M4un2j1lUw==; domain=.bravotrk.com; expires=Sun, 27-Oct-2024 21:49:30 GMT; path=/; SameSite=None; secure; HttpOnly
c23844=YlgXKOoG4mqZQYPJQeHjvcvWLteQTBZbwB0McD1d5H08eBGUI9rwVw==; domain=.bravotrk.com; expires=Sat, 26-Nov-2022 21:49:29 GMT; path=/; SameSite=None; secure; HttpOnly
Connection: close
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d72d2f5d05f03753594e43fd34398221
ac6795c1c33f3fa2139e7f8dc601c3e6de6029a5
036c965156cf07faecc342cb2e30b7a20def68ad4a10423951ce871a7a3a6777
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5868
Cache-Control: max-age=129306
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:31 GMT
Etag: "635a3c19-1d7"
Expires: Sat, 29 Oct 2022 09:44:37 GMT
Last-Modified: Thu, 27 Oct 2022 08:06:49 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7fe938252e71b6acb210c2db41020b84
1a23b3696e82eecf3227579be58b5cc41a8f7412
d69922abc04fca09768480f35da151974295390da14dff2b1a1fe82cf5c9afac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=104019
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:31 GMT
Etag: "6359f03e-117"
Expires: Sat, 29 Oct 2022 02:43:10 GMT
Last-Modified: Thu, 27 Oct 2022 02:43:10 GMT
Server: nginx
Content-Length: 279
push.services.mozilla.com/
54.187.146.10101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.146.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nkjGTXCux0EXQ41AiEBFbw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Yqsf8r03ppH+Mdz5HWUFYxfbgj8=
theneurocalmpro.com/statics/img/prod_1_bottle.png
172.67.157.9200 OK 17 kB URL HTTP/2 theneurocalmpro.com/statics/img/prod_1_bottle.png
IP 172.67.157.9:0
File type PNG image data, 216 x 273, 8-bit colormap, non-interlaced\012- data
Hash 7c3774c44684d0cd1af8c4d8b1756532
7fe173814138c51ad8ca81145d0756f2374fe3b6
ffbdb21b8a7296e76cc578b293bf4a80afa6850e248b87146c48c1b61a357bc0
GET /statics/img/prod_1_bottle.png HTTP/1.1
Host: theneurocalmpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/video.php?aff_id=770&subid=10362&subid2=sdfgthydweftrhtfed&subid3=527154422
Cookie: aff=770
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: image/png
content-length: 17180
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 21:32:48 GMT
etag: "431c-618948f3-3e88a7;;;"
last-modified: Mon, 08 Nov 2021 15:57:39 GMT
cf-cache-status: HIT
age: 1004
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjBF7%2F7vZ2wLICEUmcMKt%2BUgqP1BnCbfiLdZxZMXkdKQpVnzfBxgz0jM0zZcNvgVlMElmodzT%2BIF%2BSLHlT6IlmPlGNe29RpRE7BnMRM9s1ys%2FgAF3MCktYYki5TLw4rnshiaQHvh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760ea4635c861c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theneurocalmpro.com/statics/img/buy-now.png
172.67.157.9200 OK 5.4 kB URL HTTP/2 theneurocalmpro.com/statics/img/buy-now.png
IP 172.67.157.9:0
File type PNG image data, 568 x 120, 8-bit colormap, non-interlaced\012- data
Hash 5c9e2c0bb6b647aee72c6e20bd643488
1828d169c024f60de20db3af77e816430ad81fd7
def54f59168fab256eaff00cf4177aaa7ab9d94892a9829ec7bb2a4678e3b870
GET /statics/img/buy-now.png HTTP/1.1
Host: theneurocalmpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/video.php?aff_id=770&subid=10362&subid2=sdfgthydweftrhtfed&subid3=527154422
Cookie: aff=770
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: image/png
content-length: 5428
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 21:32:48 GMT
etag: "1534-618948f3-3e8871;;;"
last-modified: Mon, 08 Nov 2021 15:57:39 GMT
cf-cache-status: HIT
age: 1004
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGY0th4DyAG4D1lUfuTKxeGAnCb%2BE7%2BL7zMjAo97qLQYYNG4My8crkjOcw71G%2BlN0s9U%2FLVXvoQGQoCUnwu%2F8gI1lgD2ZvjehlULaMb37zf9C3lZ6cr0OhmNJFWjhDLq8F5ZDbUi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760ea4635c8e1c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theneurocalmpro.com/statics/img/cards.png
172.67.157.9200 OK 3.7 kB URL HTTP/2 theneurocalmpro.com/statics/img/cards.png
IP 172.67.157.9:0
File type PNG image data, 344 x 41, 8-bit colormap, non-interlaced\012- data
Hash 8fd5d2a0c4dde1c395b5a06bffb6f684
2b85315cfcf1e2879c6fd98da6926b6a2e785443
6ecf33736bb94ded1f50db3043b1e39fd0742c53a881ee81b01b988247935eb4
GET /statics/img/cards.png HTTP/1.1
Host: theneurocalmpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/video.php?aff_id=770&subid=10362&subid2=sdfgthydweftrhtfed&subid3=527154422
Cookie: aff=770
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: image/png
content-length: 3713
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 21:32:48 GMT
etag: "e81-618948f3-3e8873;;;"
last-modified: Mon, 08 Nov 2021 15:57:39 GMT
cf-cache-status: HIT
age: 1004
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afBb0UMg4QuDCIMtTJY%2BB8LF3OPK0eYg%2BeMox4bU0qwzSV88iCdlwuxqU99rmsFyQ3DeMayJUhIdPNiQr5akihGinhXlozJ9yrYUKyueBBeVAZ9x%2B7L6riWkaJ3ACbeLJKujNVGT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760ea4635c931c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theneurocalmpro.com/statics/img/prod_6_bottle.png
172.67.157.9200 OK 33 kB URL HTTP/2 theneurocalmpro.com/statics/img/prod_6_bottle.png
IP 172.67.157.9:0
File type PNG image data, 281 x 362, 8-bit colormap, non-interlaced\012- data
Hash 7b6277df32244c1747e1aea2cfb8c9c9
e5951b5b7466f047d81ea5fde62bc7ea280531cb
4f59108dd3f102ab64e89b6664ac46d05b2cf5d2e1018099d90653a85d38882b
GET /statics/img/prod_6_bottle.png HTTP/1.1
Host: theneurocalmpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/video.php?aff_id=770&subid=10362&subid2=sdfgthydweftrhtfed&subid3=527154422
Cookie: aff=770
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: image/png
content-length: 32951
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 21:32:48 GMT
etag: "80b7-618948f3-3e88a9;;;"
last-modified: Mon, 08 Nov 2021 15:57:39 GMT
cf-cache-status: HIT
age: 1004
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebKfdCFJHScGvF0itfW1ZXO1Vu42kt35cMf4j2G46RV%2BjkyvSgGw09E0cA6yQUImhHHIT0Xkb09ng0pzP3KBaXRbdBWqt6M58PEjgGAtGli0b7%2FT%2BxRbHARLK7rjZb8yzaEwvzi0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760ea4635c9e1c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theneurocalmpro.com/statics/img/free-shp.png
172.67.157.9200 OK 483 B URL HTTP/2 theneurocalmpro.com/statics/img/free-shp.png
IP 172.67.157.9:0
File type PNG image data, 36 x 25, 8-bit colormap, non-interlaced\012- data
Hash 69ad65277e48d42b0ffd80d1105b9cad
4aa402cd78fdc12135714fa82f99fd4eb9a56e37
76193d8366a3d2f56afeaf7de708dba6f004f1d94157762581b4eaa36df7b674
GET /statics/img/free-shp.png HTTP/1.1
Host: theneurocalmpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/video.php?aff_id=770&subid=10362&subid2=sdfgthydweftrhtfed&subid3=527154422
Cookie: aff=770
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: image/png
content-length: 483
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 21:32:48 GMT
etag: "1e3-618948f3-3e8889;;;"
last-modified: Mon, 08 Nov 2021 15:57:39 GMT
cf-cache-status: HIT
age: 1004
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRPBEPX2%2FLhSNrMUrmk9QgN47FYOxj8qTCXZVKafEBKi5VxzCx1WkukEMgbPdhdIOYT8CWwrCxwbaqlGoPqBEGNsajsH%2BvbBi0nG1tmYN6by45%2BNgXhAcjJ5kBVn6iZ3DLzPf57t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760ea4635c911c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theneurocalmpro.com/statics/img/prod_3_bottle.png
172.67.157.9200 OK 21 kB URL HTTP/2 theneurocalmpro.com/statics/img/prod_3_bottle.png
IP 172.67.157.9:0
File type PNG image data, 217 x 291, 8-bit colormap, non-interlaced\012- data
Hash 64d0438f8ecb852bd40c3bed08e5d198
5f6cd9a343e28c7e502764caf19a2046a2d84e1a
062b4e5adba9abcbb57dd09c346af9bcca9a66a79dca67a72744a009c5520bf7
GET /statics/img/prod_3_bottle.png HTTP/1.1
Host: theneurocalmpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/video.php?aff_id=770&subid=10362&subid2=sdfgthydweftrhtfed&subid3=527154422
Cookie: aff=770
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: image/png
content-length: 21251
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 21:32:48 GMT
etag: "5303-618948f3-3e88a8;;;"
last-modified: Mon, 08 Nov 2021 15:57:39 GMT
cf-cache-status: HIT
age: 1004
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVDseH7ILSF1S4rdu0F5jZQhZRSBa%2FjaZh6%2Fx4wWRwjH3rrv2quPf4mRGMNmCJ9PtUx5AL%2BAo1CwROBCL9U%2FxlaC436dBWg%2B8xJt0MYuHleGGO%2FiJrVH%2BTUBIsg0cEPapf6oBkJ6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760ea4636ca31c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 26fdec60253dfde18f532a86d9212ffe
0fbe0c3dc7369aed36e0f081888206e8961ec7a3
e556dc5896289cbeca257187d5f60a3679e171be2e5ee5c684b2ccae57b9717b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6194
Cache-Control: max-age=170322
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:32 GMT
Etag: "635adb0c-117"
Expires: Sat, 29 Oct 2022 21:08:14 GMT
Last-Modified: Thu, 27 Oct 2022 19:25:00 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 68030
expires: Tue, 17 Oct 2023 21:49:32 GMT
accept-ranges: bytes
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 760ea463ab4db51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 09bceae2700934aebce5970dc4a5a56d
722f196ebcf3a28ea6430a9f6565d909ef9764b3
20c040c0fa97dc7e50e38e928575100be84a2ff50a288ed7ead1c0a5d92b4134
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2984
Cache-Control: max-age=103769
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:32 GMT
Etag: "6359e39d-117"
Expires: Sat, 29 Oct 2022 02:39:01 GMT
Last-Modified: Thu, 27 Oct 2022 01:49:17 GMT
Server: ECS (amb/6B76)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 26fdec60253dfde18f532a86d9212ffe
0fbe0c3dc7369aed36e0f081888206e8961ec7a3
e556dc5896289cbeca257187d5f60a3679e171be2e5ee5c684b2ccae57b9717b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6023
Cache-Control: max-age=170151
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:32 GMT
Etag: "635adb0c-117"
Expires: Sat, 29 Oct 2022 21:05:23 GMT
Last-Modified: Thu, 27 Oct 2022 19:25:00 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4cdf16c5333628708fae7b304303fc48
23654b66838aa89e8b975a9e6c0251d2f8f18366
6f3935f102b0dcfee703eb07abcf04d9181fdfe13fae4d7566aed743a00beb9c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-TDWJ6ZL
142.250.74.168200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TDWJ6ZL
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash 1b6ac420630efd32e4293290e9f67fb6
f3a8aa7713602661043bb4fb201b89ceeb8123bb
17a7adae8755277362799bfa2b9db2d8161a038111e9d13d4ef8a204284e0b9f
GET /gtm.js?id=GTM-TDWJ6ZL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 27 Oct 2022 21:49:32 GMT
expires: Thu, 27 Oct 2022 21:49:32 GMT
cache-control: private, max-age=900
last-modified: Thu, 27 Oct 2022 21:04:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46343
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7fe938252e71b6acb210c2db41020b84
1a23b3696e82eecf3227579be58b5cc41a8f7412
d69922abc04fca09768480f35da151974295390da14dff2b1a1fe82cf5c9afac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=104018
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:32 GMT
Etag: "6359f03e-117"
Expires: Sat, 29 Oct 2022 02:43:10 GMT
Last-Modified: Thu, 27 Oct 2022 02:43:10 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4cdf16c5333628708fae7b304303fc48
23654b66838aa89e8b975a9e6c0251d2f8f18366
6f3935f102b0dcfee703eb07abcf04d9181fdfe13fae4d7566aed743a00beb9c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 22d8fa6fd643af9f099e519e1a816ff0
f77e788ff19549ac77d0ddb70af4e4615a668a0b
3e5119e3205c18eb533ec40fe91130712c92fba102349ecc3fa1f33f0d1f2836
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=143254
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:32 GMT
Etag: "635a8982-117"
Expires: Sat, 29 Oct 2022 13:37:06 GMT
Last-Modified: Thu, 27 Oct 2022 13:37:06 GMT
Server: nginx
Content-Length: 279
vdlvry.com/videoboxes/universal_player/player.css
104.21.3.212200 OK 912 B URL HTTP/2 vdlvry.com/videoboxes/universal_player/player.css
IP 104.21.3.212:0
File type ASCII text, with very long lines (1753), with no line terminators
Hash 7fd2e2eb27032757f6072252c9ab8671
268ebacd169f1210831a6bc0d1723d2993590b00
cc389e08302c8a626bcb9a1def5adb86615dbf3fabc12ec8d76b8509a2d03457
GET /videoboxes/universal_player/player.css HTTP/1.1
Host: vdlvry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=2202
etag: W/"045ebe2e0dd2855b1006326ea91cd0ef"
last-modified: Tue, 25 Oct 2022 11:16:14 GMT
x-amz-id-2: RFDae4v4dUU0EDaRAK/DbLKOml290vl7o/98cIxkB4dokCkKFj4m/xvN6s11iGlUCX9vPM2Umss=
x-amz-request-id: Z8ABAVJBF3E66X1J
cache-control: max-age=14400
cf-cache-status: HIT
age: 210692
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMFGynSW62o1mQlI0LEU%2B6plZfod2v%2FZ7BkUvSG3nvnJlg2u4Xh0drkL7VflHnqJysQ2e2zmTxYFB8JQEC52mQ5POTO4x83zZAKEy%2B9ywxxr3Ty%2Boj9L0DS5Hiw6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760ea465ab68b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theneurocalmpro.com/statics/css/style.css
172.67.157.9200 OK 2.0 kB URL HTTP/2 theneurocalmpro.com/statics/css/style.css
IP 172.67.157.9:0
File type ASCII text, with very long lines (5234), with no line terminators
Hash f3800a2936163471faa66c6780d9490b
4920a650de1ee0f8b20d20dcc9225df37d2bf83b
e9dcc70772a3e3c2649e0d8b846bcd26650a25f5bd700e28d5d21ddc47e78f71
GET /statics/css/style.css HTTP/1.1
Host: theneurocalmpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/video.php?aff_id=770&subid=10362&subid2=sdfgthydweftrhtfed&subid3=527154422
Cookie: aff=770
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: text/css
cache-control: public, max-age=604800
cf-bgj: minify
cf-polished: origSize=6679
etag: W/"1a17-62b592e3-3e84bc;gz"
expires: Thu, 03 Nov 2022 21:32:48 GMT
last-modified: Fri, 24 Jun 2022 10:33:07 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1004
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UL9LPj1WJQ%2FY0%2FnTOwMQvuhvTsR18D%2BEykk8dg97Vuv7zX7%2FKTWARf%2BXsUw4cdPKlcHneB1lM%2FhEmpA7NCqwBSJMQlAm2NCK2s7bFW5DiR3f%2F083YQoahKsJU4vr%2FCZ4P8K2uIJa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760ea4635c811c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 22d8fa6fd643af9f099e519e1a816ff0
f77e788ff19549ac77d0ddb70af4e4615a668a0b
3e5119e3205c18eb533ec40fe91130712c92fba102349ecc3fa1f33f0d1f2836
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=143254
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:32 GMT
Etag: "635a8982-117"
Expires: Sat, 29 Oct 2022 13:37:06 GMT
Last-Modified: Thu, 27 Oct 2022 13:37:06 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c14c3f7d8817b44fda85ba769cc83062
bf41520c5a807058748db49621e7d6ee4ecf5729
eb15bf461ab810e1487ece424600f22d33bebc4f438ef6a10927df18dda0d216
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.buygoods.com/images/buygoods_black.png
172.66.40.141200 OK 4.5 kB URL HTTP/2 www.buygoods.com/images/buygoods_black.png
IP 172.66.40.141:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 72bfa5a711311050989a65056ed84e7d
dd99b3f59b3bc9c1139cfcbf7e6c96974518beb1
33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159
GET /images/buygoods_black.png HTTP/1.1
Host: www.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: image/webp
content-length: 4492
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=9596
content-disposition: inline; filename="buygoods_black.webp"
vary: Accept
cache-control: public, max-age=315360000
etag: "59b77ee8-257c"
expires: Sun, 24 Oct 2032 21:49:32 GMT
last-modified: Tue, 12 Sep 2017 06:30:00 GMT
cf-cache-status: HIT
age: 24800
accept-ranges: bytes
server: cloudflare
cf-ray: 760ea4675fd0b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 09bceae2700934aebce5970dc4a5a56d
722f196ebcf3a28ea6430a9f6565d909ef9764b3
20c040c0fa97dc7e50e38e928575100be84a2ff50a288ed7ead1c0a5d92b4134
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 71
Cache-Control: max-age=100856
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:32 GMT
Etag: "6359e39d-117"
Expires: Sat, 29 Oct 2022 01:50:28 GMT
Last-Modified: Thu, 27 Oct 2022 01:49:17 GMT
Server: ECS (amb/6B73)
X-Cache: HIT
Content-Length: 279
vdlvry.com/videoboxes/universal_player/img/sound.svg
104.21.3.212200 OK 49 kB URL HTTP/2 vdlvry.com/videoboxes/universal_player/img/sound.svg
IP 104.21.3.212:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (2361)
Hash 35c92c0019d1099bcd73edcc6ea6abf4
aff4469e8b8929d78ac663c9fd8938272405384f
5182cd074804e6486858466b69c521942fd16b4a0420f2d0b9b2bbe846b44c30
GET /videoboxes/universal_player/img/sound.svg HTTP/1.1
Host: vdlvry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vdlvry.com/videoboxes/universal_player/player.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: image/svg+xml
x-amz-id-2: ALc9YK/aWFeR25pIvif/paVpuTUkXTtNcVs0FnaU92WYDdJaZvDIwU/aVkbw5CW9ryJ5KfTYML0=
x-amz-request-id: 1DB62Y5BARF5JDT2
last-modified: Tue, 25 Oct 2022 11:16:13 GMT
etag: W/"9ff1ce7aee30346dc851134b7a009341"
cache-control: max-age=14400
cf-cache-status: HIT
age: 210690
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKSuFSjeL8dRbbG%2Fd4%2FWUWZsmU9KGbggeOGcF0KPW7RnP%2B6M076rfNXD37l971ONORAUHFuOEc1AqErX49m2UCjHuLzxk%2BK2oTTxO5sbN%2BGy3d9r8r7bd25ROEEb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760ea465dba8b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3397
Expires: Thu, 27 Oct 2022 22:46:09 GMT
Date: Thu, 27 Oct 2022 21:49:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3397
Expires: Thu, 27 Oct 2022 22:46:09 GMT
Date: Thu, 27 Oct 2022 21:49:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3397
Expires: Thu, 27 Oct 2022 22:46:09 GMT
Date: Thu, 27 Oct 2022 21:49:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3397
Expires: Thu, 27 Oct 2022 22:46:09 GMT
Date: Thu, 27 Oct 2022 21:49:32 GMT
Connection: keep-alive
theneurocalmpro.com/video.php?aff_id=770&subid=10362&subid2=sdfgthydweftrhtfed&subid3=527154422
172.67.157.9200 OK 17 kB URL HTTP/2 theneurocalmpro.com/video.php?aff_id=770&subid=10362&subid2=sdfgthydweftrhtfed&subid3=527154422
IP 172.67.157.9:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5653)
Hash cc9d98db704261ce3733f12c2dfc808c
8f476e5e253624f12e0310f71df6601ecbfd0bd8
108acff93e22d9654f392ba5661266f08d6232911d4b4e65dfc9bc8183402d82
GET /video.php?aff_id=770&subid=10362&subid2=sdfgthydweftrhtfed&subid3=527154422 HTTP/1.1
Host: theneurocalmpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:31 GMT
content-type: text/html; charset=UTF-8
set-cookie: aff=770
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkpyRR2a3LdboU1g9jG46gL67YCAfSrYNOi9A57HR3X6I9sv7%2BwymznR4sYzktat1ARUysey3TtVR0CWH8Be%2F%2FwgGjsD7Mh8hGOrh8UE9ZY6LGWgZqpN6I1dDJt38WlpEnLyoBAr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760ea460aaa01c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 09bceae2700934aebce5970dc4a5a56d
722f196ebcf3a28ea6430a9f6565d909ef9764b3
20c040c0fa97dc7e50e38e928575100be84a2ff50a288ed7ead1c0a5d92b4134
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=100785
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:32 GMT
Etag: "6359e39d-117"
Expires: Sat, 29 Oct 2022 01:49:17 GMT
Last-Modified: Thu, 27 Oct 2022 01:49:17 GMT
Server: nginx
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ded5eb41644bfe7ea87cff5ab0d79f0
9b13eca2d768277b92c05a8a82743018489783a6
3de7fcc3e9c8a107e4c5d6e59506ec71e68129a8351e47af63930873775ac3f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15768
x-amzn-requestid: ab678277-5d12-4ae2-9af7-f15fab294657
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRoclEbBoAMFz9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63508783-344a14d17bfcd6b12ffe02b0;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 23:25:55 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AgS3Yq-WCRRnFvCxMcwq13lQz8cGvvdwZ51C3H0szmB0iyZLb9mf-A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:51:09 GMT
age: 86303
etag: "9b13eca2d768277b92c05a8a82743018489783a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vdlvry.com/videoboxes/universal_player/img/continue.svg
104.21.3.212200 OK 11 kB URL HTTP/2 vdlvry.com/videoboxes/universal_player/img/continue.svg
IP 104.21.3.212:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a1141f54ad5cb2c5b2993682942ceda0
7184c4f4499a418d2c317c063649f3a896f2f6ac
99f212eb4898daf77752eaddd3444661c6f0d2648d8cf68ddb325b1742676a5c
GET /videoboxes/universal_player/img/continue.svg HTTP/1.1
Host: vdlvry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vdlvry.com/videoboxes/universal_player/player.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: image/svg+xml
x-amz-id-2: W469molmOQSqeKyyGtP/9jC7A+M8wnR+Be8d80SCK2V/e2N6wEnmyVorGgVXNIlTdWHWbI2Gmjo=
x-amz-request-id: MWD0S6JYV9FDDW1G
last-modified: Tue, 25 Oct 2022 11:16:13 GMT
etag: W/"da3214aad7f5fa6291be28071138408d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 210684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nP%2B2DpfAuffrD9z3wVQipRMMXJITf9hT1vCoLrKaIQKk6xSKgWrnJGzr9yPmabv7bOBPcd6m5O98r5YO87MpSm9IvDl%2FT3w9CikZwpBEkupGSsCsNPdpepvcYfOi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760ea465dba7b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theneurocalmpro.com/statics/css/webfont.css
172.67.157.9200 OK 4.6 kB URL HTTP/2 theneurocalmpro.com/statics/css/webfont.css
IP 172.67.157.9:0
File type ASCII text, with no line terminators
Hash 4a95273670427f3db5d5af437bbae104
ba273b823dfc38cecf56ea1f50ff917c027e0e04
ffa43d3d1891b8a62f087476b42c07ae0d48417ff371c13a3f70b958ab448a95
GET /statics/css/webfont.css HTTP/1.1
Host: theneurocalmpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/video.php?aff_id=770&subid=10362&subid2=sdfgthydweftrhtfed&subid3=527154422
Cookie: aff=770
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: text/css
cache-control: public, max-age=604800
cf-bgj: minify
cf-polished: origSize=357
etag: W/"165-618948f3-3e882e;gz"
expires: Thu, 03 Nov 2022 21:32:48 GMT
last-modified: Mon, 08 Nov 2021 15:57:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1004
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngZTH%2FUGXnttedYjsEH9PVmgleJCLBsGXi%2FKN08TbNUlhV8ZTAkTEGTalMyvQABSD%2BUQ4IT0AhUVlTptDo38XLStTBKX6DOTW7QzYsByu3%2Bi40rZfKYvhC6YW8wpO8yvVgQX7MCS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760ea4635c821c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92c49279a7704d715e50836676d1abb
3092b4dbd87f7e5a2eff65c463da9c5103ff748a
6941145d63e68abf0f20081517faa4082eed3c59f8b8a69066f70b29d90fd355
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4709
x-amzn-requestid: c2923a57-57c4-4d62-83bc-e4c8b61aa2bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGeeIAMF9Dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7e47cfe804e333cc540f162a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: M72Vjcyc06ihmWcqr2_Xrk8dGcC5pCoDidg5rhtRkVddavcUFE6G6w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:50:52 GMT
age: 86320
etag: "3092b4dbd87f7e5a2eff65c463da9c5103ff748a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2193431d88baf9af6829421cd13743ff
a192ab139ad0dc5cf206986eb06028ddad224e46
c535e09fb4a53ca580f5f5926d1494c50b6ad6c7c9ec78df6b7015213852b737
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5dac341-2b9d-4d07-ab3f-dafe74f88664.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9720
x-amzn-requestid: 6b4749ca-bcb9-4274-a309-e6d463851a6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aV_n6FOSIAMFroA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63524632-56186f1f2a0bf68f6dba843b;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 07:11:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: awGcZ7hlJqQCVCFg5Xf_UnpmIlGPQrziJaMIzu5iB4kDTnAcxABX9Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 27 Oct 2022 17:28:58 GMT
age: 15634
etag: "a192ab139ad0dc5cf206986eb06028ddad224e46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5e83a28b4cf3704ed7ee9b5b209caec6
9da8bd6baa00c240f5fe8511be7ebdc5166c18cf
021e6992122fcdc5803bd23e45f2fbb7b26f2c7d1d027dd5f9163d90f9fd6a36
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-194057059-5&cid=1741361795.1666907371&jid=1662779173&gjid=959562958&_gid=199072962.1666907372&_u=aADAAEAAQAAAACAAI~&z=1210160508
173.194.222.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-194057059-5&cid=1741361795.1666907371&jid=1662779173&gjid=959562958&_gid=199072962.1666907372&_u=aADAAEAAQAAAACAAI~&z=1210160508
IP 173.194.222.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-194057059-5&cid=1741361795.1666907371&jid=1662779173&gjid=959562958&_gid=199072962.1666907372&_u=aADAAEAAQAAAACAAI~&z=1210160508 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://theneurocalmpro.com
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://theneurocalmpro.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 27 Oct 2022 21:49:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-83Q85EEGDV>m=2oeaq0&_p=172891287&cid=1741361795.1666907371&ul=en-us&sr=1280x1024&_s=1&sid=1666907371&sct=1&seg=0&dl=https%3A%2F%2Ftheneurocalmpro.com%2Fvideo.php%3Faff_id%3D770%26subid%3D10362%26subid2%3Dsdfgthydweftrhtfed%26subid3%3D527154422&dt=Neuro%20Calm%20Pro%20-%20Video%20Presentation&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-83Q85EEGDV>m=2oeaq0&_p=172891287&cid=1741361795.1666907371&ul=en-us&sr=1280x1024&_s=1&sid=1666907371&sct=1&seg=0&dl=https%3A%2F%2Ftheneurocalmpro.com%2Fvideo.php%3Faff_id%3D770%26subid%3D10362%26subid2%3Dsdfgthydweftrhtfed%26subid3%3D527154422&dt=Neuro%20Calm%20Pro%20-%20Video%20Presentation&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-83Q85EEGDV>m=2oeaq0&_p=172891287&cid=1741361795.1666907371&ul=en-us&sr=1280x1024&_s=1&sid=1666907371&sct=1&seg=0&dl=https%3A%2F%2Ftheneurocalmpro.com%2Fvideo.php%3Faff_id%3D770%26subid%3D10362%26subid2%3Dsdfgthydweftrhtfed%26subid3%3D527154422&dt=Neuro%20Calm%20Pro%20-%20Video%20Presentation&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theneurocalmpro.com
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://theneurocalmpro.com
date: Thu, 27 Oct 2022 21:49:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5e83a28b4cf3704ed7ee9b5b209caec6
9da8bd6baa00c240f5fe8511be7ebdc5166c18cf
021e6992122fcdc5803bd23e45f2fbb7b26f2c7d1d027dd5f9163d90f9fd6a36
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e63a6e99afc26edeaa6e0ec14ea98868
6909f81a74cb2479794f87397c2c9f7bbe759721
af5090a668f3b5293473c111761ca086d6e77a40cd9b5022d669327736034a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e63a6e99afc26edeaa6e0ec14ea98868
6909f81a74cb2479794f87397c2c9f7bbe759721
af5090a668f3b5293473c111761ca086d6e77a40cd9b5022d669327736034a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Oct 2022 21:46:16 GMT
expires: Fri, 27 Oct 2023 21:46:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 12:31:58 GMT
expires: Sun, 22 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 465455
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e63a6e99afc26edeaa6e0ec14ea98868
6909f81a74cb2479794f87397c2c9f7bbe759721
af5090a668f3b5293473c111761ca086d6e77a40cd9b5022d669327736034a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6dbacbd0a939540742f8ac82346c5dcd
8a00a49fc1575f2036891927b1e7776ba432e5aa
0b15105845eb7830b13540f94bc1425517b51597c76b5e10b1f4abc5575ac466
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.98302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 27 Oct 2022 21:49:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Oct 2022 21:44:05 GMT
expires: Thu, 27 Oct 2022 21:59:05 GMT
cache-control: public, max-age=900
age: 328
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
theneurocalmpro.com/statics/fonts/Montserrat-Light.woff
172.67.157.9200 OK 132 kB URL HTTP/2 theneurocalmpro.com/statics/fonts/Montserrat-Light.woff
IP 172.67.157.9:0
File type Web Open Font Format, TrueType, length 131780, version 7.200\012- data
Size 132 kB (132241 bytes)
Hash 2a20322d63cbaeaaa1504663fca46b3b
3b62ad9184d61dc344ea91f404f9e9d42322e637
e93ebc09e15ad5df3bfcf46b1e4233c2a54b4f1949c3cfac07e77a40df31d3bc
Analyzer Verdict Alert fortinet Phishing
GET /statics/fonts/Montserrat-Light.woff HTTP/1.1
Host: theneurocalmpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/statics/css/style.css
Cookie: aff=770
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: application/font-woff
etag: W/"202c4-618948f3-3e8853;;;"
last-modified: Mon, 08 Nov 2021 15:57:39 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1004
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4pZnalddRGvhW19WYJbiZ6GbqrNmyZQJ5i8Kn7le8NJUmMOnYtnc6bapXdL3SOFCH6MEb8IzVtmwjK17oesQ1E6LGSzglgxDftha4BUFWN6EHch%2BcmpBoA4%2F%2BRsuUd1EyXJWLTX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760ea463dcf21c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ebf576a8883ec7320a5abfe95c1d2abb
11da08de468be30e4cf71bdfa66b0f6d32516476
6366a880d911a4445e2cd2d935836583f84ac79385961c3d9c747484ba373e1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ebf576a8883ec7320a5abfe95c1d2abb
11da08de468be30e4cf71bdfa66b0f6d32516476
6366a880d911a4445e2cd2d935836583f84ac79385961c3d9c747484ba373e1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 27 Oct 2022 21:49:33 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash a63ea2903767bb46326d85331e42e34e
b113b248df6025ed117551b7baa1960316122415
4ba54e12a06237d2c396d93e1cf9513b066074df9993ee408ee2bfb365c5f3c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7a75209bdf9cfeaca312b699eb99dba2
547c6d0925d67ab57503b82b9f46c6721ba2a9ff
64368604cdd39c713f82951ac48d32408fc07d46eefcd16640541ab3005c53e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 88444b15c146dcf9c618730edd269101
4a805c7f9c531259bc5e2ac939be3fb38b48b369
5f40206c672d828a13cc1543c3eb2f33c8177e6b3d2a1fa2ebaf85a75164b012
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 27 Oct 2022 21:49:33 GMT
server: ESF
cache-control: private
content-length: 30654
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu8GHbHrwFE9pudNOvI0Lnpu8ZuFMCMN20qSqx0pm8Q_Hq3nzffEr4swq1bNoF_v=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.6 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu8GHbHrwFE9pudNOvI0Lnpu8ZuFMCMN20qSqx0pm8Q_Hq3nzffEr4swq1bNoF_v=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
Hash 815e8c742f7a6c6efd3a90601ad21ff1
1f7242d4e6e4b0b0d1744d8f26b9200241805beb
7d026685c98f5933ab26f19a64d5e71e94ab9430a09df475b1c881e572d8ad74
GET /ytc/AMLnZu8GHbHrwFE9pudNOvI0Lnpu8ZuFMCMN20qSqx0pm8Q_Hq3nzffEr4swq1bNoF_v=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 967
x-xss-protection: 0
date: Thu, 27 Oct 2022 21:13:33 GMT
expires: Fri, 28 Oct 2022 21:13:33 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 2160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/U__vy9oQYEAHXumYNbpwDo-BHbCBWjMavCmQTt1Znio.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/U__vy9oQYEAHXumYNbpwDo-BHbCBWjMavCmQTt1Znio.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35596)
Hash ce08ce3721002876ba0c9656500a5e93
412da7b61117bb611ec2661b42620e46cd6608a8
3309d6188baeb3ae4fa75122e3652f132eae5bee1ce1f8a3742f410c2c6eaa6c
GET /js/th/U__vy9oQYEAHXumYNbpwDo-BHbCBWjMavCmQTt1Znio.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14109
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Oct 2022 21:42:00 GMT
expires: Fri, 27 Oct 2023 21:42:00 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 11 Oct 2022 09:30:00 GMT
content-type: text/javascript
age: 453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ebf576a8883ec7320a5abfe95c1d2abb
11da08de468be30e4cf71bdfa66b0f6d32516476
6366a880d911a4445e2cd2d935836583f84ac79385961c3d9c747484ba373e1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7a75209bdf9cfeaca312b699eb99dba2
547c6d0925d67ab57503b82b9f46c6721ba2a9ff
64368604cdd39c713f82951ac48d32408fc07d46eefcd16640541ab3005c53e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9faf26c5c6ab15230f54b2b5f97fe83a
dde631973d5223b1a79874eb538c9a30ddf2d7bd
a18a68e26eaf555a610731c8af896b4dab1ee264af3e60146e85ca4279c2c988
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9faf26c5c6ab15230f54b2b5f97fe83a
dde631973d5223b1a79874eb538c9a30ddf2d7bd
a18a68e26eaf555a610731c8af896b4dab1ee264af3e60146e85ca4279c2c988
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1666928973&ei=7fxaY4mQMpbR7gTjs5vYBQ&ip=91.90.42.154&id=o-AGB58u3eRjb5BMmCnVVyLNKTM77d0PagtAX52CvejKVA&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=V4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vpx--aXRGdOCdF0WVEpa-r2lOKRE&vprv=1&mime=video%2Fwebm&ns=lxMql_vKd6gWX9fMLFZQ02cI&gir=yes&clen=102503453&dur=3996.450&lmt=1654305107379663&mt=1666906285&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437432&n=DhaGSb2BAzUNYg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTDVS9OzWgLklX6b02XDHv6XBmdBkzBYGPWFrMlFyTtQCICk_b5IvXCGitiuKbhifxOil-TeSICc3jzGo3CqS245g&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgUFvks2-lBlu3R1lOu1lmE0Lg9gRCgD_WfRcqpQZCRDACIQDgSYZiU-9dtclc6BOvZHlDA4FQzx6s--LeyMe5JN7t1w%3D%3D&alr=yes&cpn=jn5SLjHR4KKEk70j&cver=1.20221025.01.00&range=0-159365&rn=1&rbuf=0
91.90.45.173200 OK 159 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1666928973&ei=7fxaY4mQMpbR7gTjs5vYBQ&ip=91.90.42.154&id=o-AGB58u3eRjb5BMmCnVVyLNKTM77d0PagtAX52CvejKVA&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=V4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vpx--aXRGdOCdF0WVEpa-r2lOKRE&vprv=1&mime=video%2Fwebm&ns=lxMql_vKd6gWX9fMLFZQ02cI&gir=yes&clen=102503453&dur=3996.450&lmt=1654305107379663&mt=1666906285&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437432&n=DhaGSb2BAzUNYg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTDVS9OzWgLklX6b02XDHv6XBmdBkzBYGPWFrMlFyTtQCICk_b5IvXCGitiuKbhifxOil-TeSICc3jzGo3CqS245g&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgUFvks2-lBlu3R1lOu1lmE0Lg9gRCgD_WfRcqpQZCRDACIQDgSYZiU-9dtclc6BOvZHlDA4FQzx6s--LeyMe5JN7t1w%3D%3D&alr=yes&cpn=jn5SLjHR4KKEk70j&cver=1.20221025.01.00&range=0-159365&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Size 159 kB (159366 bytes)
Hash 8e45c56e152d1cacc481d8df7a1bfe7c
6d79ad067d744f04bf707f3aa804e1100e901204
410ad76f8e39725512063e89b01deb2ea4b7ff4d8d8596b098b725632fa5e10a
GET /videoplayback?expire=1666928973&ei=7fxaY4mQMpbR7gTjs5vYBQ&ip=91.90.42.154&id=o-AGB58u3eRjb5BMmCnVVyLNKTM77d0PagtAX52CvejKVA&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=V4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vpx--aXRGdOCdF0WVEpa-r2lOKRE&vprv=1&mime=video%2Fwebm&ns=lxMql_vKd6gWX9fMLFZQ02cI&gir=yes&clen=102503453&dur=3996.450&lmt=1654305107379663&mt=1666906285&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437432&n=DhaGSb2BAzUNYg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTDVS9OzWgLklX6b02XDHv6XBmdBkzBYGPWFrMlFyTtQCICk_b5IvXCGitiuKbhifxOil-TeSICc3jzGo3CqS245g&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgUFvks2-lBlu3R1lOu1lmE0Lg9gRCgD_WfRcqpQZCRDACIQDgSYZiU-9dtclc6BOvZHlDA4FQzx6s--LeyMe5JN7t1w%3D%3D&alr=yes&cpn=jn5SLjHR4KKEk70j&cver=1.20221025.01.00&range=0-159365&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 04 Jun 2022 01:11:47 GMT
Content-Type: video/webm
Date: Thu, 27 Oct 2022 21:49:34 GMT
Expires: Thu, 27 Oct 2022 21:49:34 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 159366
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1666928973&ei=7fxaY4mQMpbR7gTjs5vYBQ&ip=91.90.42.154&id=o-AGB58u3eRjb5BMmCnVVyLNKTM77d0PagtAX52CvejKVA&itag=251&source=youtube&requiressl=yes&mh=V4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vpx--aXRGdOCdF0WVEpa-r2lOKRE&vprv=1&mime=audio%2Fwebm&ns=lxMql_vKd6gWX9fMLFZQ02cI&gir=yes&clen=68325369&dur=3996.481&lmt=1654303945504846&mt=1666906285&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=DhaGSb2BAzUNYg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALbLFtsa3o9m2yRHpNbacjb6W0xbNAvxE_7Ep07EtY6xAiEA-e2j2tb8SE95algiYEBjGoc63w6_d3FmyPLRWcI7KJk%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgUFvks2-lBlu3R1lOu1lmE0Lg9gRCgD_WfRcqpQZCRDACIQDgSYZiU-9dtclc6BOvZHlDA4FQzx6s--LeyMe5JN7t1w%3D%3D&alr=yes&cpn=jn5SLjHR4KKEk70j&cver=1.20221025.01.00&range=0-72893&rn=2&rbuf=0
91.90.45.173200 OK 73 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1666928973&ei=7fxaY4mQMpbR7gTjs5vYBQ&ip=91.90.42.154&id=o-AGB58u3eRjb5BMmCnVVyLNKTM77d0PagtAX52CvejKVA&itag=251&source=youtube&requiressl=yes&mh=V4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vpx--aXRGdOCdF0WVEpa-r2lOKRE&vprv=1&mime=audio%2Fwebm&ns=lxMql_vKd6gWX9fMLFZQ02cI&gir=yes&clen=68325369&dur=3996.481&lmt=1654303945504846&mt=1666906285&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=DhaGSb2BAzUNYg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALbLFtsa3o9m2yRHpNbacjb6W0xbNAvxE_7Ep07EtY6xAiEA-e2j2tb8SE95algiYEBjGoc63w6_d3FmyPLRWcI7KJk%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgUFvks2-lBlu3R1lOu1lmE0Lg9gRCgD_WfRcqpQZCRDACIQDgSYZiU-9dtclc6BOvZHlDA4FQzx6s--LeyMe5JN7t1w%3D%3D&alr=yes&cpn=jn5SLjHR4KKEk70j&cver=1.20221025.01.00&range=0-72893&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 8c3e475d74d2830aa0842ed595059d24
9118e033ddd78f37a70ed65fe026f67fe05d479d
d8220cf73aab3e9625e75e229e6d9450171fafc093fa734accfbb2fb59981bd4
GET /videoplayback?expire=1666928973&ei=7fxaY4mQMpbR7gTjs5vYBQ&ip=91.90.42.154&id=o-AGB58u3eRjb5BMmCnVVyLNKTM77d0PagtAX52CvejKVA&itag=251&source=youtube&requiressl=yes&mh=V4&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vpx--aXRGdOCdF0WVEpa-r2lOKRE&vprv=1&mime=audio%2Fwebm&ns=lxMql_vKd6gWX9fMLFZQ02cI&gir=yes&clen=68325369&dur=3996.481&lmt=1654303945504846&mt=1666906285&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=DhaGSb2BAzUNYg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALbLFtsa3o9m2yRHpNbacjb6W0xbNAvxE_7Ep07EtY6xAiEA-e2j2tb8SE95algiYEBjGoc63w6_d3FmyPLRWcI7KJk%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIgUFvks2-lBlu3R1lOu1lmE0Lg9gRCgD_WfRcqpQZCRDACIQDgSYZiU-9dtclc6BOvZHlDA4FQzx6s--LeyMe5JN7t1w%3D%3D&alr=yes&cpn=jn5SLjHR4KKEk70j&cver=1.20221025.01.00&range=0-72893&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 04 Jun 2022 00:52:25 GMT
Content-Type: audio/webm
Date: Thu, 27 Oct 2022 21:49:34 GMT
Expires: Thu, 27 Oct 2022 21:49:34 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 72894
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9faf26c5c6ab15230f54b2b5f97fe83a
dde631973d5223b1a79874eb538c9a30ddf2d7bd
a18a68e26eaf555a610731c8af896b4dab1ee264af3e60146e85ca4279c2c988
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 21:49:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 27 Oct 2022 21:49:34 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2b4cdaa57f6062b357053857f018f85c
f3084a5326506741835b4e404fc217d9ee774a37
696c1309f489e189944a4e6a2b3deb41ba32474cda9f76ad317f007a242f4fc8
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 883
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 27 Oct 2022 21:49:34 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tracking.buygoods.com/track/?a=6316&firstcookie=0&referrer=&product=&sessid2=&caller_url=https%3A%2F%2Ftheneurocalmpro.com%2Fvideo.php%3Faff_id%3D770%26subid%3D10362%26subid2%3Dsdfgthydweftrhtfed%26subid3%3D527154422
172.66.40.234200 OK 0 B URL HTTP/2 tracking.buygoods.com/track/?a=6316&firstcookie=0&referrer=&product=&sessid2=&caller_url=https%3A%2F%2Ftheneurocalmpro.com%2Fvideo.php%3Faff_id%3D770%26subid%3D10362%26subid2%3Dsdfgthydweftrhtfed%26subid3%3D527154422
IP 172.66.40.234:0
GET /track/?a=6316&firstcookie=0&referrer=&product=&sessid2=&caller_url=https%3A%2F%2Ftheneurocalmpro.com%2Fvideo.php%3Faff_id%3D770%26subid%3D10362%26subid2%3Dsdfgthydweftrhtfed%26subid3%3D527154422 HTTP/1.1
Host: tracking.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:33 GMT
content-type: application/javascript
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Tue, Jan 12 1999 01:01:01 GMT
set-cookie: spiaffid_6316=770; expires=Wed, 25-Jan-2023 21:49:33 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spisubid_6316=10362%7Csdfgthydweftrhtfed; expires=Wed, 25-Jan-2023 21:49:33 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spicampaign_id_6316=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
spireferrer_6316=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
spireferrer_6316=91.90.42.154::theneurocalmpro.com%2Fvideo; expires=Wed, 25-Jan-2023 21:49:33 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spisessid2_6316=sessid20221027214937257; expires=Wed, 25-Jan-2023 21:49:33 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spi_funnel_codename_6316=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 760ea467aa020afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vdlvry.com/setups/NCP/lead3_a2.json
104.21.3.212200 OK 0 B URL HTTP/2 vdlvry.com/setups/NCP/lead3_a2.json
IP 104.21.3.212:0
GET /setups/NCP/lead3_a2.json HTTP/1.1
Host: vdlvry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://theneurocalmpro.com
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: application/json
x-amz-id-2: aiDRqLEQ3pgODLKrt4Jix8CNpXHfdWaIrolFyr0I/o7x6QlPvFX/NzTkNGJIZprVpmp6qmoAsT4=
x-amz-request-id: NQ9219Y1XZ6Q1CC5
access-control-allow-origin: *
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 25 Oct 2022 11:16:03 GMT
etag: W/"18f572cd82a2a9b664cb75847f58735b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1004
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JTYzCZLotQS6rtro06yn67w9VsuORzarVYtsFTfauDBxQvJSWQebLL4a00msZpnfPZa03%2BLyALgwRvWXB1RRh6IRPkJ2hd0eo1oCdWWWcGJhVlpMpqFRsSkqLXo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760ea4658db30b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=6316
172.66.40.141200 OK 0 B URL HTTP/2 display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=6316
IP 172.66.40.141:0
GET /v1/disclaimer?id=disclaimer&account_id=6316 HTTP/1.1
Host: display.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 760ea463fc7cb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vdlvry.com/videoboxes/universal_player/img/play.svg
104.21.3.212200 OK 0 B URL HTTP/2 vdlvry.com/videoboxes/universal_player/img/play.svg
IP 104.21.3.212:0
GET /videoboxes/universal_player/img/play.svg HTTP/1.1
Host: vdlvry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vdlvry.com/videoboxes/universal_player/player.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: image/svg+xml
x-amz-id-2: mq1EPoO+fkA8OfmvO+yzt9YudggNKN1GxtaZh/YozqTur48VLSLuz60qriwbhjLdosQa6kDXa3g=
x-amz-request-id: MWD8SQ9MJAG7P0HX
last-modified: Tue, 25 Oct 2022 11:16:13 GMT
etag: W/"6480518c3ee84b12c4afb12648563407"
cache-control: max-age=14400
cf-cache-status: HIT
age: 210684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2REyfL%2BS4PveBT4fnDg2X4pUtdzd8%2Ff2a0Rb4VKZaC7Om9J8uqFZR18doK%2B7Fxwt0IYma7se%2BArt%2BTL1dj8VJ%2Fzd0Nl1qvEV0YYsgqUPLzPw66srQABnaGdfg31"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760ea465dba6b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tracking.buygoods.com/track/?a=6316&firstcookie=0&referrer=&product=&sessid2=
172.66.40.234200 OK 0 B URL HTTP/2 tracking.buygoods.com/track/?a=6316&firstcookie=0&referrer=&product=&sessid2=
IP 172.66.40.234:0
GET /track/?a=6316&firstcookie=0&referrer=&product=&sessid2= HTTP/1.1
Host: tracking.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Tue, Jan 12 1999 01:01:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 760ea465881e0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theneurocalmpro.com/statics/css/bootstrap.min.css
172.67.157.9200 OK 0 B URL HTTP/2 theneurocalmpro.com/statics/css/bootstrap.min.css
IP 172.67.157.9:0
GET /statics/css/bootstrap.min.css HTTP/1.1
Host: theneurocalmpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/video.php?aff_id=770&subid=10362&subid2=sdfgthydweftrhtfed&subid3=527154422
Cookie: aff=770
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 21:32:48 GMT
etag: W/"27293-618948f3-3e8827;gz"
last-modified: Mon, 08 Nov 2021 15:57:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1004
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMaPZ6%2FFNVk0JxNSXUZ8%2Fb8r5fA3Y%2B%2FG614OOOEI8D6elWNJB5SuOBj7Hmdmkra%2FSyf2Cu5EbtvW9pNlX2%2ByTmg3tZ50sAQeFDpKyPdc9xe%2Fa4cHhJM54eH68YXYph8x59pnhg6C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760ea4635c7f1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theneurocalmpro.com/statics/fonts/Montserrat-ExtraBold.woff
172.67.157.9200 OK 0 B URL HTTP/2 theneurocalmpro.com/statics/fonts/Montserrat-ExtraBold.woff
IP 172.67.157.9:0
Analyzer Verdict Alert fortinet Phishing
GET /statics/fonts/Montserrat-ExtraBold.woff HTTP/1.1
Host: theneurocalmpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/statics/css/style.css
Cookie: aff=770
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: application/font-woff
etag: W/"207bc-618948f3-3e8852;;;"
last-modified: Mon, 08 Nov 2021 15:57:39 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1004
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGv8LXgx2pCGMBuOq4vYE0Oih4hbtZC0ivnMQitnlMtcbsY%2FHoduKScjtQQeSQYmFJOa6TOcJolVI0ZpMwbR7duppggl0Q%2BXshjBJTLAWGEm5OwwItqh%2FD02YyL2VJ06k9Id8IIb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760ea463dced1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vdlvry.com/videoboxes/universal_player/player.js
104.21.3.212200 OK 0 B URL HTTP/2 vdlvry.com/videoboxes/universal_player/player.js
IP 104.21.3.212:0
GET /videoboxes/universal_player/player.js HTTP/1.1
Host: vdlvry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=26691
etag: W/"3570c3555099bb1eb33b3a5e9578fdb7"
last-modified: Tue, 25 Oct 2022 11:16:14 GMT
x-amz-id-2: t122sCIi2bZOntsfhZZ4SUkKNYujpaL67LhxXf9qPNFltf4cwRjBZ/+B11TuuPlGG6LeIHNoy2A=
x-amz-request-id: KJYYZB3SADXA4WTG
cache-control: max-age=14400
cf-cache-status: HIT
age: 210698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NZCIf8aLQ5ONrIfFcoIzg8CzLqE2JdrNI4XDSEtC2WAJt5Yxuyz%2BZ866GvaEBFz2LXXBfSPoxKufBxbBcZA1LzahM7dfbObwrjT%2FXvQ1vVb2%2Bh5NtQwjtD%2BsqKT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760ea4655aebb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theneurocalmpro.com/statics/img/video_page_background.png
172.67.157.9404 Not Found 0 B URL HTTP/2 theneurocalmpro.com/statics/img/video_page_background.png
IP 172.67.157.9:0
GET /statics/img/video_page_background.png HTTP/1.1
Host: theneurocalmpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theneurocalmpro.com/statics/css/style.css
Cookie: aff=770
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 27 Oct 2022 21:49:32 GMT
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkGPwJzzYf%2FKq79eFFDji6uXrGKS3lNOHAvRonyYgTLmGDn9z57U8Kr7M4vcF5ewkRE%2Fwv7qoN6UMUU%2FS0Ew045BP1iwnNlUxr2pyuXgekcLS7i6Vhtr25lnmHs4%2BA0XGNPfqE0G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760ea463dcec1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2