Overview

URL master.masterclasstoolbox.com/ga/click/2-310069428-1588-14322-27966-25840-3877e8b63b-u2188d28be
IP 144.91.96.103
ASN Contabo GmbH
Location Germany
Report completed 2022-09-28 07:50:20 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-28 2 master.masterclasstoolbox.com/ga/click/2-310069428-1588-14322-27966-25840-3 (...) Phishing
2022-09-28 2 mwebnice.com/7367/542/2/?subid=XMdgerbdmmlot Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (18)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-09-28 04:36:20 UTC 142.250.74.3
mnemonic passive DNS fast.vidalytics.com (10) 218005 2017-02-08 02:49:35 UTC 2022-09-27 22:47:56 UTC 151.139.128.11
mnemonic passive DNS stats.vidalytics.com (4) 153185 2017-02-08 02:49:35 UTC 2022-09-27 22:47:56 UTC 107.178.211.97
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 54.148.17.90
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-28 04:19:13 UTC 93.184.220.29
mnemonic passive DNS analytics-ingress-global.bitmovin.com (7) 47119 2017-08-18 05:30:44 UTC 2022-09-28 05:56:48 UTC 35.190.27.197
mnemonic passive DNS tracking.buygoods.com (1) 303552 2017-10-16 20:08:32 UTC 2022-09-27 15:04:23 UTC 172.66.43.22
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-09-28 04:06:48 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.110
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-28 04:36:33 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-28 05:04:09 UTC 143.204.55.115
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-27 13:22:33 UTC 34.120.237.76
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-28 06:28:23 UTC 142.250.74.10
mnemonic passive DNS ocsp.godaddy.com (2) 698 2012-05-20 19:28:57 UTC 2022-09-27 04:52:31 UTC 192.124.249.24
mnemonic passive DNS mwebnice.com (1) 0 2022-02-18 00:05:35 UTC 2022-09-28 06:38:59 UTC 172.67.146.245 Unknown ranking
mnemonic passive DNS getvarislim.com (1) 0 2022-04-07 18:06:38 UTC 2022-09-27 08:43:10 UTC 104.21.56.58 Unknown ranking
mnemonic passive DNS master.masterclasstoolbox.com (1) 0 2022-07-08 05:02:32 UTC 2022-09-28 04:42:33 UTC 144.91.96.103 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 144.91.96.103

Date UQ / IDS / BL URL IP
2022-11-30 02:25:19 +0000
0 - 0 - 1 master.masterclasstoolbox.com/ga/click/2-3666 (...) 144.91.96.103
2022-11-30 00:53:34 +0000
0 - 0 - 1 master.masterclasstoolbox.com/ga/click/2-3665 (...) 144.91.96.103
2022-11-29 06:47:21 +0000
0 - 0 - 1 master.masterclasstoolbox.com/ga/click/2-3666 (...) 144.91.96.103
2022-11-29 03:50:21 +0000
0 - 0 - 1 master.masterclasstoolbox.com/ga/click/2-3666 (...) 144.91.96.103
2022-11-29 03:07:30 +0000
0 - 0 - 1 master.masterclasstoolbox.com/ga/click/2-3666 (...) 144.91.96.103

Last 5 reports on ASN: Contabo GmbH

Date UQ / IDS / BL URL IP
2022-12-09 18:23:27 +0000
0 - 0 - 1 qx.whatsccpoffer.buzz/ 185.239.208.35
2022-12-09 15:49:50 +0000
0 - 0 - 1 mw1tracking.elm.proquickviz.com/index.php/cam (...) 75.119.141.56
2022-12-09 15:21:52 +0000
2 - 0 - 0 cepco-sa.com/sign.php 213.136.93.164
2022-12-09 13:31:35 +0000
0 - 0 - 10 niyogarage.com/gali 109.205.177.80
2022-12-09 13:05:57 +0000
0 - 0 - 2 literatura.edu.bo/A/aol/mail/challenge.php?email= 62.171.169.185

Last 5 reports on domain: masterclasstoolbox.com

Date UQ / IDS / BL URL IP
2022-11-30 02:25:19 +0000
0 - 0 - 1 master.masterclasstoolbox.com/ga/click/2-3666 (...) 144.91.96.103
2022-11-30 00:53:34 +0000
0 - 0 - 1 master.masterclasstoolbox.com/ga/click/2-3665 (...) 144.91.96.103
2022-11-29 06:47:21 +0000
0 - 0 - 1 master.masterclasstoolbox.com/ga/click/2-3666 (...) 144.91.96.103
2022-11-29 03:50:21 +0000
0 - 0 - 1 master.masterclasstoolbox.com/ga/click/2-3666 (...) 144.91.96.103
2022-11-29 03:07:30 +0000
0 - 0 - 1 master.masterclasstoolbox.com/ga/click/2-3666 (...) 144.91.96.103

No other reports with similar screenshot



JavaScript

Executed Scripts (18)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 4, repeated: 1) - SHA256: b1ab1e892617f210425f658cf1d361b5489028c8771b56d845fe1c62c1fbc8b0

2022


HTTP Transactions (55)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 07:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vuz0oL3YQ8cFNTHn93-NLBIcS5xHdk7MgvLMGSQR8ClkGE31s3axOg==
Age: 2069


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5914
Expires: Wed, 28 Sep 2022 09:28:42 GMT
Date: Wed, 28 Sep 2022 07:50:08 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XfELSb1rjN5c2Sidgxjj70oJQaR_NmSU5bYDqxl89M3jMfdDMDN4YQ==
age: 80755
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /ga/click/2-310069428-1588-14322-27966-25840-3877e8b63b-u2188d28be HTTP/1.1 
Host: master.masterclasstoolbox.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         144.91.96.103
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Date: Wed, 28 Sep 2022 07:49:43 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.29
Status: 302 Found
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
X-Request-Id: 26c238e60134bb2e5970272b988a57b2
Location: https://mwebnice.com/7367/542/2/?subid=XMdgerbdmmlot
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.019893
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.9
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with no line terminators
Size:   118
Md5:    25197bbb3ad5176fa1a3a174a04f693f
Sha1:   004fe86df038be37204072814bb960eb54d4c861
Sha256: d1499a24b04bd347062f0496167ba34eeb0b5afe0c4d439a8ef0bb1d76fa7c8c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 28 Sep 2022 07:50:08 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 07:50:08 GMT
Server: ECS (amb/6B80)
Content-Length: 278

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 07:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 08:18:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2Duf1-0nwPGCBwvBHnrzPa-DxbzKDYCvRN6UrWq-MSng2xFLuhGTNQ==
Age: 1236


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4129
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 07:50:09 GMT
Last-Modified: Wed, 28 Sep 2022 06:41:20 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /uVIqLiPmd00+KDLn7j6ew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.148.17.90
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6NYPqYJc+pVEbsBXtBHk6azYIvk=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1245
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 07:50:09 GMT
Last-Modified: Wed, 28 Sep 2022 07:29:24 GMT
Server: ECS (amb/6BB1)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 07:50:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 07:50:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1245
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 07:50:09 GMT
Last-Modified: Wed, 28 Sep 2022 07:29:24 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 07:50:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 07:50:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17032
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:51:08 GMT
expires: Thu, 21 Sep 2023 19:51:08 GMT
cache-control: public, max-age=31536000
age: 561542
last-modified: Wed, 11 May 2022 19:24:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17032, version 1.0\012- data
Size:   17032
Md5:    05a47f9e469d408c629f931cd33ff8b2
Sha1:   823f21f7b1d456db889c3afea393f0d2b9581c38
Sha256: 6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 07:50:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 18:14:12 GMT
expires: Mon, 25 Sep 2023 18:14:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
age: 221758
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 562562
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   15896
Md5:    f9e426b63e1abc239712ee31c978c40d
Sha1:   25c01f4b3a0094796c6be9a158d6a791ea38819d
Sha256: 0a35a27583c2690490fc027217a7bbb1c1ce1378c66c4bcf65f931eec14e695e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 07:50:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /embeds/jdhYaPoK/W4nyplvDxxB4_U8E/loader.min.js HTTP/1.1 
Host: fast.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 07:50:10 GMT
cache-control: no-store, private, max-age=0, s-max-age=0
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 15:11:02 GMT
x-guploader-uploadid: ADPycdvn1XhJt_ruOvKy5CGIw-LQllO4MZVpKcAfWk3P-Jp7QcpaMm8LHrxRR-5PKiN2_yT3OyuS-H1gTR6e1J9mvqz8-OtKJPdm
expires: Wed, 28 Sep 2022 07:50:10 GMT
etag: "7a2d5ba4b1b79951f8e8477988912d1a"
x-goog-generation: 1664291462740503
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10092
x-goog-hash: crc32c=eDlU3Q==, md5=ei1bpLG3mVH46Ed5iJEtGg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-cdn-info: loader
x-cdn: 4
x-hw: 1664351410.cds015.sk1.hn,1664351410.cds243.sk1.sc,1664351410.cds243.sk1.p
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (41208), with CRLF, LF line terminators
Size:   508621
Md5:    03b9cc700f0475ea91cb9ca9db2dc9a6
Sha1:   7711de771d125941b0bd2f85424caf5c1df9326f
Sha256: fb12cde619b95f9eb1e568be517971d401c1393b574d06725c7915ff949266de
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14069
Expires: Wed, 28 Sep 2022 11:44:39 GMT
Date: Wed, 28 Sep 2022 07:50:10 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
age: 36072
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   40451
Md5:    489bfda917069e0542145cbed0989bcc
Sha1:   c28c6ebbcd4302e4aff2502b5cad5da2b49d40f6
Sha256: f10b6f34ed8aa9ac7faef3424a7f5e981b1349106ae4f79ec905d5499ba8c055
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F838bed0c-c665-42d6-8c20-1decd709953c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9314
x-amzn-requestid: ed84d0e5-30c5-4841-ba9d-3626234b2056
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VbFqBoAMFy-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c22-5d0ccbc31fb085be45ef947b;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: yBDUlVwqRnXuJKsaz3vbFNhtNvihQMuk5wX5y4UmEKm1D21wSVdJHQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "60c873f097c85376797fed366804119f7e9c445e"
age: 36072
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9314
Md5:    3c58fdf09a7d552be0c8666522a29de7
Sha1:   60c873f097c85376797fed366804119f7e9c445e
Sha256: 24569f084d3fd428526503bde8b3da64152911934cd5e0e9140c06d954e4bcd9
                                        
                                            GET /css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 07:50:09 GMT
date: Wed, 28 Sep 2022 07:50:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   6546
Md5:    78839daf929c691b6fbf18c4eb873b52
Sha1:   eabe640b9cb0826db2f68f2ac957a3bb50609f8b
Sha256: 0faf41e434e7d4b28a2218e2929613e29aae2ebceec5779152ed85435feb4b89
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11314
x-amzn-requestid: 0ceafc65-764c-4367-b031-257061eb65d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF00oAMFUpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-0d46481b7394081b14a81131;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ve8l6PxpMuBLt5BxwywNpqM2ISt0zy2r_gweYnVw4X65PBEhpMbckg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:00 GMT
age: 36250
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   26804
Md5:    c3700bd250481b6904381aad3f2dae94
Sha1:   0e95c72f1a21c84022bf5dba42a233189a179c91
Sha256: 7cb21a642445ebe84d1d333ffc9510f95e281927890bdb83cced6278342f9751
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6721
x-amzn-requestid: ea4416a4-ffbe-4006-bb09-aa0a70763ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xTGNOoAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-6634cd372bd677227f755769;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EbkbN72NJbDqfnJjnaUcitG0W6yk8vR__5zLvdidXuWqh7VQK2O8OA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:18:40 GMT
age: 34290
etag: "e951f6b11e473b68d2fdd95b822cef120d37b1eb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6721
Md5:    c4a66beda24621e812a929933c52025d
Sha1:   e951f6b11e473b68d2fdd95b822cef120d37b1eb
Sha256: 28efb1495fdb363cea9ccc6c38f84b2731dbd44dd4dbbe42996fa6fab74e1ce6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6157
x-amzn-requestid: a51846e4-4e25-455f-885b-acf2567f2e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlObH7XIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f28-4e6a68a74edb1ad850e17dac;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2g98EnyiFhkZTsqis2_ASfjM-YTJmcUJ-Mwcl1dWlruzrWDuojPA0w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:08:22 GMT
age: 2508
etag: "a6b1c3e0d506ac1c66405e061e9910fafb176a7d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6157
Md5:    b255b252ceed088d6f505e7e9acfcb55
Sha1:   a6b1c3e0d506ac1c66405e061e9910fafb176a7d
Sha256: b796a98834c7ecf220d13bfba61e81a9b90d472d2aa725ff66888cbddad731e7
                                        
                                            GET /video/jdhYaPoK/MYxPUUVVbjK8_Oly/74734/64718/stream.mpd HTTP/1.1 
Host: fast.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: application/dash+xml
                                        
date: Wed, 28 Sep 2022 07:50:11 GMT
content-length: 5842
last-modified: Mon, 12 Sep 2022 18:18:17 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdsV524-awpOBORj1AjGSuZgfQm36ch_q0pXOfI3_3Znfc02w4HRz8G3obwFklbLj6MERl7TJ-TfSPvczLj4au9orA
cache-control: public, max-age=31104000
etag: "bdf06e888b2e4f7f55a6f3a1f5956e97"
x-goog-generation: 1663006697139503
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5842
x-goog-hash: crc32c=wKYpfA==, md5=vfBuiIsuT39VpvOh9ZVulw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1664351411.cds245.sk1.hn,1664351411.cds023.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text
Size:   5842
Md5:    bdf06e888b2e4f7f55a6f3a1f5956e97
Sha1:   83f027a6366df9abd849ba40cff490f9ee29d80c
Sha256: c434b1788578a5ee59e3f6970728d7e89d5fc2ad6b7ade10fda31e8817eb537c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Wed, 28 Sep 2022 07:50:11 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 27 Sep 2022 21:30:41 GMT
Expires: Wed, 28 Sep 2022 21:30:41 GMT
ETag: "4d57a8f627038d1ee9cd7f22936b9bbd9f801de4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    aba1b30bf88b8cb85afa08158f6bf8ff
Sha1:   4d57a8f627038d1ee9cd7f22936b9bbd9f801de4
Sha256: fe63bf3370f45ba258c9cef5486bd6eb7c9b8afc1afbeae4200b0e33969ffe0c
                                        
                                            POST /licensing HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 102
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.27.197
HTTP/2 200 OK
content-type: application/json
                                        
server: v1.53.1
date: Wed, 28 Sep 2022 07:50:10 GMT
content-length: 117
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   117
Md5:    f90d2c53623621471228392bf3047e2a
Sha1:   b9f0bb5e8fd5fd97cb47a25edb9b6950ad51627e
Sha256: 5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
                                        
                                            GET /video/jdhYaPoK/MYxPUUVVbjK8_Oly/74734/64718/webm/video/1920x1080_vp9_2500000/init.mp4 HTTP/1.1 
Host: fast.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: video/mp4
                                        
date: Wed, 28 Sep 2022 07:50:11 GMT
content-length: 459
last-modified: Mon, 12 Sep 2022 18:07:51 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdvUW9TjW_Ohw1b9xH_MWT8xcK0QDTufcXAnbpquunFX0eFZw6OiCdF7wcilnqT_peveNabf-PChEiWZOE0Gubf2NQ
cache-control: public, max-age=31104000
etag: "a3725d50570be6b4e9e147c686fc217d"
x-goog-generation: 1663006071182081
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 459
x-goog-hash: crc32c=i1gvzQ==, md5=o3JdUFcL5rTp4UfGhvwhfQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1664351411.cds245.sk1.hn,1664351411.cds246.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  WebM\012- EBML file, creator webmB\20\012- data
Size:   459
Md5:    a3725d50570be6b4e9e147c686fc217d
Sha1:   869a8d730a5e1a5fc6238ac603063a744af62107
Sha256: 830343d1d63d4cdd5272bded3870fa1f4f8a2093335f2a295b94b43d3f5e3468
                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1229
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.1
date: Wed, 28 Sep 2022 07:50:10 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST /scribe HTTP/1.1 
Host: stats.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 387
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         107.178.211.97
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-methods: POST,OPTIONS
date: Wed, 28 Sep 2022 07:50:11 GMT
content-length: 16
x-envoy-upstream-service-time: 0
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   16
Md5:    a1cbd35d4488ac8cc6f959d4c633dc37
Sha1:   11844023759429ec785ae1c18e6a9c69803ee2bd
Sha256: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
                                        
                                            POST /scribe HTTP/1.1 
Host: stats.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 520
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.178.211.97
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-methods: POST,OPTIONS
date: Wed, 28 Sep 2022 07:50:11 GMT
content-length: 16
x-envoy-upstream-service-time: 1
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   16
Md5:    a1cbd35d4488ac8cc6f959d4c633dc37
Sha1:   11844023759429ec785ae1c18e6a9c69803ee2bd
Sha256: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
                                        
                                            POST /scribe HTTP/1.1 
Host: stats.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 248
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.178.211.97
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-methods: POST,OPTIONS
date: Wed, 28 Sep 2022 07:50:11 GMT
content-length: 16
x-envoy-upstream-service-time: 1
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   16
Md5:    a1cbd35d4488ac8cc6f959d4c633dc37
Sha1:   11844023759429ec785ae1c18e6a9c69803ee2bd
Sha256: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
                                        
                                            GET /video/jdhYaPoK/MYxPUUVVbjK8_Oly/74734/64718/webm/video/1920x1080_vp9_2500000/s_0.webm HTTP/1.1 
Host: fast.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: video/mp4
                                        
date: Wed, 28 Sep 2022 07:50:12 GMT
accept-ranges: bytes
content-length: 777298
x-hw: 1664351411.cds245.sk1.hn,1664351411.cds238.sk1.s,1664351411.dop210.la3.r,1664351412.cds228.la3.c,1664351411.cds238.sk1.p
x-cdn: 4
x-guploader-uploadid: ADPycdtMIJQk7aGJyWXgt4cxBYCSYAcGCigYCXKSuHBfS06K5tDzX-ConkJiElF7U7ZdhdaldVhaO6m-9rtb3sJiFfjZHw
x-goog-generation: 1663006071458192
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 777298
x-goog-hash: crc32c=sQtlYw==, md5=dwoSCt3EbqHFnD1KgPuSOA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
cache-control: public, max-age=31104000
etag: "770a120addc46ea1c59c3d4a80fb9238"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified: Mon, 12 Sep 2022 18:07:51 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   777298
Md5:    770a120addc46ea1c59c3d4a80fb9238
Sha1:   3962b42c01f056126d3b7289ffd70cda59585f68
Sha256: 0236d2ba66cf51592bdaab41bc3bff055c54fc407937ebca1700f8aeb3c064a0
                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1811
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.1
date: Wed, 28 Sep 2022 07:50:13 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1773
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.1
date: Wed, 28 Sep 2022 07:50:13 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1765
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.1
date: Wed, 28 Sep 2022 07:50:13 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            GET /video/jdhYaPoK/MYxPUUVVbjK8_Oly/74734/64718/webm/video/1920x1080_vp9_2500000/s_1.webm HTTP/1.1 
Host: fast.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: video/mp4
                                        
date: Wed, 28 Sep 2022 07:50:13 GMT
accept-ranges: bytes
content-length: 993463
x-hw: 1664351413.cds245.sk1.hn,1664351413.cds258.sk1.s,1664351413.dop062.la3.r,1664351413.cds250.la3.c,1664351413.cds258.sk1.p
x-cdn: 4
x-guploader-uploadid: ADPycdvNuC1Ya-b2Mnc4PEBjkG_HXF604K0HN1uUaSDEt9_Sk0awVPNUBdInR0wUaNSumq1UhntE07siS-8F2hzkJc_GtqtH6L3Q
cache-control: public, max-age=31104000
etag: "3336bf516bf985ca61dee6400e5493e4"
x-goog-generation: 1663006069943092
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 993463
x-goog-hash: crc32c=u2mS8A==, md5=Mza/UWv5hcph3uZADlST5A==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified: Mon, 12 Sep 2022 18:07:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   993463
Md5:    3336bf516bf985ca61dee6400e5493e4
Sha1:   ac426902c48839d2a3058b453b23303da88ab222
Sha256: 56b73102eaf79bf8033fca0ae16bb73251d80f77f529d8696e72efe2b94c7e24
                                        
GET /video/jdhYaPoK/MYxPUUVVbjK8_Oly/74734/64718/webm/video/1920x1080_vp9_2500000/s_2.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
151.139.128.11
HTTP/2 200 OK
content-type: video/mp4
date: Wed, 28 Sep 2022 07:50:15 GMT
content-length: 772520
last-modified: Mon, 12 Sep 2022 18:07:52 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycds__sDiIHpt-HfxZzUpvR5Nt9LoDNHDw3mf9EgSbJ5nrW6coFZCcL-jOj-kAQ0ENuI2Fp8e--MuhnWfiZfa-xTr
x-goog-generation: 1663006072415841
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 772520
x-goog-hash: crc32c=j9dqzg==, md5=qNbRowRNw5jGdgvOfZWoqg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
cache-control: public, max-age=31104000
etag: "a8d6d1a3044dc398c6760bce7d95a8aa"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1664351415.cds245.sk1.hn,1664351415.cds217.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   772520
Md5:    a8d6d1a3044dc398c6760bce7d95a8aa
Sha1:   420fb9dc0514118faa5757f7e47de193e8e221ab
Sha256: 91b3a4e68f0e8193cc26f7d52d20debcc9b2f4634e43dc5d92ca186721091641
                                        
GET /video/jdhYaPoK/MYxPUUVVbjK8_Oly/74734/64718/webm/video/1920x1080_vp9_2500000/s_3.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
151.139.128.11
HTTP/2 200 OK
content-type: video/mp4
date: Wed, 28 Sep 2022 07:50:15 GMT
content-length: 970690
last-modified: Mon, 12 Sep 2022 18:07:58 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdtbYUUZ9WxnHbLQ0FNWt6gyaXAvQHKUmVLpWlKRhrVF81kviWT0W0oJSQKlw4ibm93QCxzaALh6Tf7Y0Hb4Bl8Oysos6huu
cache-control: public, max-age=31104000
etag: "d464dd8458f12c64242005f9477d32e9"
x-goog-generation: 1663006078012326
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 970690
x-goog-hash: crc32c=BRvWvw==, md5=1GTdhFjxLGQkIAX5R30y6Q==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1664351415.cds245.sk1.hn,1664351415.cds003.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   970690
Md5:    d464dd8458f12c64242005f9477d32e9
Sha1:   aeb07a660cea741861dfb4749a981030fd6e02f1
Sha256: 306c9a69b2529a763da8178960f5089b6f986695b9240a1f9b61170c08485277
                                        
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 186
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
107.178.211.97
HTTP/2 200 OK
content-type: application/json
access-control-allow-methods: POST,OPTIONS
date: Wed, 28 Sep 2022 07:50:16 GMT
content-length: 16
x-envoy-upstream-service-time: 1
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   16
Md5:    a1cbd35d4488ac8cc6f959d4c633dc37
Sha1:   11844023759429ec785ae1c18e6a9c69803ee2bd
Sha256: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
                                        
GET /video/jdhYaPoK/MYxPUUVVbjK8_Oly/74734/64718/webm/video/1920x1080_vp9_2500000/s_4.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
151.139.128.11
HTTP/2 200 OK
content-type: video/mp4
date: Wed, 28 Sep 2022 07:50:15 GMT
accept-ranges: bytes
content-length: 1271872
x-hw: 1664351415.cds245.sk1.hn,1664351415.cds217.sk1.s,1664351415.dop230.la3.r,1664351415.cds107.la3.c,1664351415.cds217.sk1.p
x-cdn: 4
x-guploader-uploadid: ADPycdum56AsWu045mhTIEG42UvhbNbEruIJMZFQ8m-TgfEuCNaHzVyt7nff89GxBBmcKL6EVjw_SPlB98tfcpAtd139Fw
cache-control: public, max-age=31104000
etag: "c5b293407a97b70818efa71229ee5f33"
x-goog-generation: 1663006081589512
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1271872
x-goog-hash: crc32c=Mm+mRQ==, md5=xbKTQHqXtwgY76cSKe5fMw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified: Mon, 12 Sep 2022 18:08:01 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1271872
Md5:    c5b293407a97b70818efa71229ee5f33
Sha1:   fe7013a7deba61c523dd91833b0ded6c600c11a2
Sha256: 96f8a9305823d82150949d1958ce7abfb3f23bacebf8d4fe02a68c4889ae7fc8
                                        
GET /video/jdhYaPoK/MYxPUUVVbjK8_Oly/74734/64718/webm/video/1920x1080_vp9_2500000/s_5.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
151.139.128.11
HTTP/2 200 OK
content-type: video/mp4
date: Wed, 28 Sep 2022 07:50:17 GMT
content-length: 851888
last-modified: Mon, 12 Sep 2022 18:07:52 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdt-6y1eFu5Ci0cCqvBgnzxoo2GouZZYjn6rjrErKhgOUGPOClij5MmMRcg8VTxC6zludwYswn7aswh9R7mBMiZZ9S2Dogj1
cache-control: public, max-age=31104000
etag: "5b4115a4dd4fcd48ae855a478bb5ce3d"
x-goog-generation: 1663006071987373
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 851888
x-goog-hash: crc32c=yYFnNQ==, md5=W0EVpN1PzUiuhVpHi7XOPQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1664351417.cds245.sk1.hn,1664351417.cds067.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   851888
Md5:    5b4115a4dd4fcd48ae855a478bb5ce3d
Sha1:   45c264d037d4d3b64f9f1559265551e289a5ed90
Sha256: e3fbedb29c9140502acbc67fafc1f2bd345975c314700f903758f3128e94b6ce
                                        
GET /video/jdhYaPoK/MYxPUUVVbjK8_Oly/74734/64718/webm/video/1920x1080_vp9_2500000/s_6.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
151.139.128.11
HTTP/2 200 OK
content-type: video/mp4
date: Wed, 28 Sep 2022 07:50:17 GMT
content-length: 787848
last-modified: Mon, 12 Sep 2022 18:07:54 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdvwoKyAeKeNdXooBd2jsUrxqt8F8-lN-YS7dHsNHZ3uejeiqqJZlkt5n66GCnGsMson07ORqAQW-BPdvooddUL-ZA
x-goog-generation: 1663006074453790
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 787848
x-goog-hash: crc32c=D1zdiA==, md5=xetkI9k7+VZRM4O40IRNfw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
cache-control: public, max-age=31104000
etag: "c5eb6423d93bf956513383b8d0844d7f"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1664351417.cds245.sk1.hn,1664351417.cds065.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   787848
Md5:    c5eb6423d93bf956513383b8d0844d7f
Sha1:   fe115ec6e0b1101f1777ef084b54f848c58b98c0
Sha256: a1353670447dff1aef4ad6916e270841b6f1d9581213913fb37dd3eec9978f45
                                        
POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1780
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
35.190.27.197
HTTP/2 204 No Content
content-type: application/json
server: v1.53.1
date: Wed, 28 Sep 2022 07:50:16 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1820
Origin: https://getvarislim.com
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
35.190.27.197
HTTP/2 204 No Content
content-type: application/json
server: v1.53.1
date: Wed, 28 Sep 2022 07:50:17 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
GET /7367/542/2/?subid=XMdgerbdmmlot HTTP/1.1
Host: mwebnice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
172.67.146.245
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Wed, 28 Sep 2022 07:50:09 GMT
location: https://getvarislim.com/?aff_id=62&subid2=7367_sessid20220928075042384&subid=542
cache-control: max-age=3600, private
pragma: no-cache
expires: Wed, 28 Sep 2022 08:50:09 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751ae2f0a8091c0a-OSL
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /?aff_id=62&subid2=7367_sessid20220928075042384&subid=542 HTTP/1.1
Host: getvarislim.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: user_id=ca07516d413e667f69cf149e5974a474; user_id.sig=uh_q51HYY3wYFor9ohu4JeGhqrg; cbst-52-pv=b|2022-09-21T17:33:55.788Z; cbst-52-pv.sig=V7FXkbGk5adsXKUiDTtXvL9rtM0; uid=wKhaAmMz8S+qwABFAxupAg==; sessid2=sessid20220928070128050; spi_funnel_codename=6; aff_id=62; sid=542%7C7367_sessid20220928070034725; campaign_id=; referrer=91.90.42.154::getvarislim.com; bitmovin_analytics_uuid=0f531183-77c1-40f4-9ee4-5dd802f27940
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
104.21.56.58
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Wed, 28 Sep 2022 07:50:09 GMT
vary: Accept-Encoding
set-cookie: persistedParams=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly persistedParams.sig=qQIP2OdsTFa87s1ohgL1NB6ingI; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly cnid=1; path=/
content-security-policy: frame-ancestors 'self' cbsplit.com;
cache-control: private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E50GIoIr%2FJpUTOZjxKmkGb4x8qCHzJ1vyLTG64qCmf77EjKUOBz6kpuZqwzeJ1UhI7lhGtSRidQQncXt5PVdL3luJ0HVk1C%2BmMpS9ABFOPZZLeSfWct7QGJWoSHfFnU0cMY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751ae2f35a77b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /track/?a=7315&firstcookie=0&tracking_redirect=&referrer=&sessid2=sessid20220928070128050&product=vari1,vari3,var6&funnel_step=18&funnel_codename=6&caller_url=https%3A%2F%2Fgetvarislim.com%2F%3Faff_id%3D62%26subid2%3D7367_sessid20220928075042384%26subid%3D542 HTTP/1.1
Host: tracking.buygoods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getvarislim.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
172.66.43.22
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 28 Sep 2022 07:50:10 GMT
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Tue, Jan 12 1999 01:01:01 GMT
set-cookie: spiaffid_7315=62; expires=Tue, 27-Dec-2022 07:50:10 GMT; Max-Age=7776000; path=/; domain=.buygoods.com spisubid_7315=542%7C7367_sessid20220928075042384; expires=Tue, 27-Dec-2022 07:50:10 GMT; Max-Age=7776000; path=/; domain=.buygoods.com spireferrer_7315=91.90.42.154::getvarislim.com; expires=Tue, 27-Dec-2022 07:50:10 GMT; Max-Age=7776000; path=/; domain=.buygoods.com spisessid2_7315=sessid20220928070128050; expires=Tue, 27-Dec-2022 07:50:10 GMT; Max-Age=7776000; path=/; domain=.buygoods.com spi_funnel_codename_7315=6; expires=Tue, 27-Dec-2022 07:50:10 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751ae2f86d43b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---