r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13844
Expires: Fri, 09 Dec 2022 11:25:07 GMT
Date: Fri, 09 Dec 2022 07:34:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11438
Expires: Fri, 09 Dec 2022 10:45:01 GMT
Date: Fri, 09 Dec 2022 07:34:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 07:08:17 GMT
content-type: application/json
age: 1566
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11121
Expires: Fri, 09 Dec 2022 10:39:44 GMT
Date: Fri, 09 Dec 2022 07:34:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aM91F1m/lf2DcabT5CnJ4l+LuZhoZk1iBco+NBM8L+8Sh+PrmgZBmwBtV/C6BIlpWj+GKXvdjew=
x-amz-request-id: B9C2S1DFG1778639
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 06:50:09 GMT
age: 2654
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
indo.skyindotech.com/ga/click/2-333403960-1667-14468-28250-26134-3624d2e111-o637a4620f
194.163.160.64302 Found 117 B URL HTTP/1.1 indo.skyindotech.com/ga/click/2-333403960-1667-14468-28250-26134-3624d2e111-o637a4620f
IP 194.163.160.64:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash b31cc4d8cb8ba168c881fb5cfc4f0176
258e22a813dffd18aa04cee3f3d3f5fca43d544f
d9be0af9cf960babc4d73a7f9c0eaf502c85924cc623fadb34b5a2da01b33487
GET /ga/click/2-333403960-1667-14468-28250-26134-3624d2e111-o637a4620f HTTP/1.1
Host: indo.skyindotech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 09 Dec 2022 07:34:23 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.29
Status: 302 Found
X-Request-Id: 6e2ff2d2ef1a3d3d426dfb0d12af6c73
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Location: https://mwebnice.com/6397/938/3/?subid=blasrrmxnwww
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.021305
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.9
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 07:34:24 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash ebbe8acc41e7807ccc01f6d8120c76ed
715b5290724de2fce9e59bfb4e31ec8cf136a207
c872cbf51c723f7edc16231d0cbf259c25b932180e51bf79fb5077c6e1b4dc22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=146336
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:24 GMT
Etag: "63927da0-116"
Expires: Sun, 11 Dec 2022 00:13:20 GMT
Last-Modified: Fri, 09 Dec 2022 00:13:20 GMT
Server: nginx
Content-Length: 278
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 07:07:59 GMT
age: 1585
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3721
Cache-Control: max-age=95669
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:24 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:08:53 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
vitality.go2cloud.org/aff_c?offer_id=10&aff_id=1020&aff_sub4=6397_sessid20221209073427928&aff_sub5=938
52.210.2.133302 Found 524 B URL HTTP/1.1 vitality.go2cloud.org/aff_c?offer_id=10&aff_id=1020&aff_sub4=6397_sessid20221209073427928&aff_sub5=938
IP 52.210.2.133:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (390)
Hash 24a3972b03dd48cdfca288f718288c80
5b7ed01aaefd4cd509f62704ffdd99f8ac2f3745
7d6a35852d4e8d56fc987e2c263be05565929869477fcbfabf7cdc9c09716263
GET /aff_c?offer_id=10&aff_id=1020&aff_sub4=6397_sessid20221209073427928&aff_sub5=938 HTTP/1.1
Host: vitality.go2cloud.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 09 Dec 2022 07:34:24 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 524
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://secure.bloodsugarblaster.com/index-vsl-cf?affiliate_id=1483639&aff_sub=1023d2e78aa6fd5423ef1595aabb9a&aff_sub2=6397_sessid20221209073427928&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=&utm_term=Blood+Sugar+Blaster+CPA_10&utm_content=MaxWeb+Inc_1020
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_10=ENC03f6812e3a046433ceb081599f406cb2f6ae1f0f63955ceb61e42bdae01bda53d1560603ea518007979afd7ac39fb3e0e8355173c0e4c72f8e0e4384ac2dfd6b69ef824820736549b0292715a7c665994678f16f7648bb83d74ba5e7e33c1c9c2b0e710cf0979f394f00ab187fa0e992909221ae20842ba458d9429139c839cd3f884a308cc563fe5573b00f896ab1167179f45d44974e718cace4f7b4d5b8f5971795356a; expires=Mon, 09 Jan 2023 07:34:24 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sun, 02 Nov 2025 18:14:24 GMT; path=/; SameSite=None; Secure
Tracking_id: 1023d2e78aa6fd5423ef1595aabb9a
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 96dcc854db20a1ed028cc3d5ff7ace0a
Access-Control-Allow-Headers: Tune-SDK-Version
push.services.mozilla.com/
44.238.3.246101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.3.246:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: n6TX5n7XiOO6T1BHVmlQmg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mRkyIDsvIkpqskAR4IibKFGr/Kk=
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 9f480d3b55bab3cadca5b7e1616771a7
b4a9245d319e6df8d02478dbaa0722f14f92f2d6
738f37a887269c30c68e12d0347c341f4252cb4645d0116b5fa64c57dc929e37
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=171143
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:25 GMT
Etag: "6392de88-116"
Expires: Sun, 11 Dec 2022 07:06:48 GMT
Last-Modified: Fri, 09 Dec 2022 07:06:48 GMT
Server: nginx
Content-Length: 278
mwebnice.com/6397/938/3/?subid=blasrrmxnwww
188.114.96.1302 Found 278 B URL HTTP/2 mwebnice.com/6397/938/3/?subid=blasrrmxnwww
IP 188.114.96.1:0
Hash 9f480d3b55bab3cadca5b7e1616771a7
b4a9245d319e6df8d02478dbaa0722f14f92f2d6
738f37a887269c30c68e12d0347c341f4252cb4645d0116b5fa64c57dc929e37
Analyzer Verdict Alert fortinet Phishing
GET /6397/938/3/?subid=blasrrmxnwww HTTP/1.1
Host: mwebnice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Fri, 09 Dec 2022 07:34:24 GMT
content-type: text/html; charset=UTF-8
location: http://vitality.go2cloud.org/aff_c?offer_id=10&aff_id=1020&aff_sub4=6397_sessid20221209073427928&aff_sub5=938
cache-control: max-age=3600, private
pragma: no-cache
expires: Fri, 09 Dec 2022 08:34:24 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776c0ee22c0f0afe-OSL
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/js.cookie.min.js
104.17.25.14200 OK 746 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.0/js.cookie.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (1689), with no line terminators
Hash c7aa19d4df3072191003257d7afa3476
8b205902361f13e2c86b4ef810ed123322364908
b70572d447d0e34f939d5f6fc58e6df16c1972e48ef6acd419f0ff05bd12fd96
GET /ajax/libs/js-cookie/2.2.0/js.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 07:34:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 746
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec5-699"
last-modified: Mon, 04 May 2020 16:11:49 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3727602
expires: Wed, 29 Nov 2023 07:34:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTPX0MaNNRRUUNUa%2FkKvMZakMNFtlIiw81RJ9c94fhmJXfuZs0wwuWfJg8oYUWVYPBs%2FevLxWOO1YpBr1tpNCOWL%2BAyWCE0kNhZT8fO7jfzgaIM%2FVkfgmDheY13NhJubM8kQATGn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 776c0eec2f77b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 40ed5ec0836e5a03f0c1347b5db96966
40a1f62afbf3c26ea40be6d287122f3ffd19870e
2fd03cac65cc434ddade13acacc1c68a2a4bbc557e3a03777ea20fdd6c91a441
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3376
Cache-Control: max-age=87802
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:25 GMT
Etag: "63918bcb-117"
Expires: Sat, 10 Dec 2022 07:57:47 GMT
Last-Modified: Thu, 08 Dec 2022 07:01:31 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
code.jquery.com/jquery-3.3.1.min.js
69.16.175.42200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65451)
Hash d549b312f7a7d228b4ec229a6547dfdc
0766794582ad530ec0f8c2595f741086afffa312
f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44
GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 07:34:25 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670571265.dop068.sk1.t,1670571265.cds260.sk1.hn,1670571265.cds217.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 40ed5ec0836e5a03f0c1347b5db96966
40a1f62afbf3c26ea40be6d287122f3ffd19870e
2fd03cac65cc434ddade13acacc1c68a2a4bbc557e3a03777ea20fdd6c91a441
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3376
Cache-Control: max-age=87802
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:25 GMT
Etag: "63918bcb-117"
Expires: Sat, 10 Dec 2022 07:57:47 GMT
Last-Modified: Thu, 08 Dec 2022 07:01:31 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
104.18.11.207200 OK 25 kB URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (65324)
Hash 370d14921f5636647eb1691a2be975ee
97e742c16b2c50722a9fa2c80ed9be67165bab51
532a9eb3edb2c291e908f4a4a7df3538ff82980cbc12d8a2e243fbba6b9ae59e
GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 07:34:25 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 08/03/2021 15:16:56
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: d6b43e13ddbcd4f60dded6d39b2abed5
cdn-cache: HIT
cf-cache-status: HIT
age: 16012253
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 776c0eec6d50b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15124
Expires: Fri, 09 Dec 2022 11:46:30 GMT
Date: Fri, 09 Dec 2022 07:34:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15124
Expires: Fri, 09 Dec 2022 11:46:30 GMT
Date: Fri, 09 Dec 2022 07:34:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15124
Expires: Fri, 09 Dec 2022 11:46:30 GMT
Date: Fri, 09 Dec 2022 07:34:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15124
Expires: Fri, 09 Dec 2022 11:46:30 GMT
Date: Fri, 09 Dec 2022 07:34:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15124
Expires: Fri, 09 Dec 2022 11:46:30 GMT
Date: Fri, 09 Dec 2022 07:34:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:33:10 GMT
age: 68476
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a22fc7807fb3337f0af5e546c7ad366a
0d5969394b370a5c77c53ed58f55e5f8a45da3ab
98b4f4fd27dc036697fb0328083bce6e691b7493428f3a54991087d9d1165d97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5530
x-amzn-requestid: adecbb8c-cec3-46a0-b32c-0026b8421fe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4d8Fg6IAMF61g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903abf-4bcb385f27cb438c36a2cd5e;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UDD0v-1I1sFVMsJl64nQDe_hHExMrSLXPrbou_J79YEQf3YwS2oklA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:48:13 GMT
age: 85573
etag: "0d5969394b370a5c77c53ed58f55e5f8a45da3ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 13960
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 659b6eb1f1c430e2780758c7787b9a23
4792b0893827924e84cc51450012407717da4d2b
f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8345
x-amzn-requestid: 4e42c335-cc27-41bc-8d5c-cbe3dcc1f623
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRBF_gIAMFdCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-254d38575d76726a4462c66f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z2JMjvOva19O3uj7la6UmjCpwleEyo3y2IfRCp4qp5iuob0AYN9Mng==
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:37:33 GMT
age: 68213
etag: "4792b0893827924e84cc51450012407717da4d2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34a9b9b25e57f612db5560cd05e44cce
433e295328d6c821a1df907c232bff4195e2860b
139dc677e5725c98a5d90d19b206a34a4c9f43ad87cf1d322881381e992bd5b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 26914070-22ad-49fd-bacb-7842dcb203b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZPGd-oAMF5OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925907-5c62555a65327ff934ae232e;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gGT6ZP9a7ENOcyGNek_ac8WlyRoiYeB4KdqC2UHHlwLdWBQUhHsw7w==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 22:00:01 GMT
age: 34465
etag: "433e295328d6c821a1df907c232bff4195e2860b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 52402
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-NCQV9V8
142.250.74.40200 OK 86 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NCQV9V8
IP 142.250.74.40:0
File type ASCII text, with very long lines (13731)
Hash d6509d8001dce41f10c890b0364286aa
87bc1e4c2fc47333fc402a4f01821a8b3424f6df
06d008b09a460d64595ff8d2475c40c4453cd065273a41dee6bbf0824669786a
GET /gtm.js?id=GTM-NCQV9V8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 07:34:26 GMT
expires: Fri, 09 Dec 2022 07:34:26 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85936
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 5.4 kB IP 216.58.211.3:0
Hash 0846914272361d626f24f320f50c8646
6d060f1815ac87c47c5b0e507090a2636b5f0c99
5243d632c0b644ed50b1b248506cc37ab21be50d527a801c2ff195f3fedbbd9c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 06:46:55 GMT
expires: Fri, 09 Dec 2022 08:46:55 GMT
cache-control: public, max-age=7200
age: 2851
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8585fe73b51c643ee300c3df9313bfe1
c184ce0c12fbfc0f17a81ad0e0bdaad5503bceb1
807b590f961c83886bbd27c879dfbf03a3336005cdabbba42d4d63bdcb11bf51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
amplify.outbrain.com/cp/obtp.js
23.38.201.81200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 23.38.201.81:0
File type ASCII text, with very long lines (16574), with no line terminators
Hash 5cdda5ed80a4ee13f700ae502f7cd4ec
0e6aa932abf3c56561a686aa3e8d069aaa3ca228
d54fc3e1792330cc768902f861f0a79ecffbfd23b8db14f354e8fcefd1c831c1
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "fe80c55f1e1387116ff9765261ed192c:1669645506.686439"
Last-Modified: Mon, 28 Nov 2022 14:22:05 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Fri, 09 Dec 2022 07:54:26 GMT
Date: Fri, 09 Dec 2022 07:34:26 GMT
Content-Length: 5269
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e3b657ebd655fbfa5f10c01c775f2aa0
2478fd171e6791a10d83b2bad9de0165d268db7e
2d91737e61e5338bc24c7df4aa36b1c20d9f79fe8ea4bb4914fd2c15e99a7ee3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2348
Cache-Control: max-age=120588
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:04:14 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/702547308/?random=1670571265462&cv=11&fst=1670571265462&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&tiba=Blood%20Sugar%20Blaster%20-%20Lower%20Blood%20Sugar%20Naturally&auid=1739704871.1670571265&rfmt=3&fmt=4
216.58.207.226200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/702547308/?random=1670571265462&cv=11&fst=1670571265462&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&tiba=Blood%20Sugar%20Blaster%20-%20Lower%20Blood%20Sugar%20Naturally&auid=1739704871.1670571265&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2517), with no line terminators
Hash c2378d22098868cdf353b0502625badb
97f3a868c07b0fef3f2e32a0495619f6fedda525
b649703bde5e77cbef02772aaa6879b1ab601ea80a06e958c92f55703dfa6435
GET /pagead/viewthroughconversion/702547308/?random=1670571265462&cv=11&fst=1670571265462&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&tiba=Blood%20Sugar%20Blaster%20-%20Lower%20Blood%20Sugar%20Naturally&auid=1739704871.1670571265&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 07:34:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1054
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 07:49:26 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.221.16200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: YeqHodJR1uuql/9bbWfLheEwtiz4mR/jArS08WcSc91bPt7ghZbwJPwS7bkT8u5/5X+CZNynfKtkBENlTEqOug==
content-length: 27340
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 07:34:26 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e3b657ebd655fbfa5f10c01c775f2aa0
2478fd171e6791a10d83b2bad9de0165d268db7e
2d91737e61e5338bc24c7df4aa36b1c20d9f79fe8ea4bb4914fd2c15e99a7ee3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.taboola.com/libtrc/unip/1046423/tfa.js
151.101.1.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1046423/tfa.js
IP 151.101.1.44:0
File type ASCII text, with very long lines (58966)
Hash 7c7b7905b9abb89047040f4fa827c23f
cc3f3e4496fc52a97b640f96bc68adc08601dd71
c12bf14a310147765668f1d2e4a2abbb4b59b83f97c75c63bba641bc97ab7da4
GET /libtrc/unip/1046423/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +KhtbP3Sw4meI/7gJHNMKvqSGbVUEme4W7lxHDWvs8Khd9OGt27pu5jqBmDF7BB/JYVv+J6GAvs=
x-amz-request-id: S3G8W3B3QE79K7VN
x-amz-replication-status: COMPLETED
last-modified: Tue, 06 Dec 2022 13:04:11 GMT
etag: "6f506a316218adba31224da5dd4b1de7"
x-amz-version-id: lDkTdnREv3kEJuubMSepXDzrpAMYOMVT
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 07:34:26 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670571267.583939,VS0,VE100
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 55
content-length: 18123
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2348
Cache-Control: max-age=120588
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 17:04:14 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 23f0fed6cb9af080a75d8b899ae5bd84
2c02a8cb4a6e70d8ba58696fd709838656d443c3
b1102b6924fcffe1f07a07385010a47aa142435d4efc79b338e50f8258a4d5da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/702547308/?random=1670571265462&cv=11&fst=1670569200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&tiba=Blood%20Sugar%20Blaster%20-%20Lower%20Blood%20Sugar%20Naturally&fmt=3&is_vtc=1&random=606801407&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/702547308/?random=1670571265462&cv=11&fst=1670569200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&tiba=Blood%20Sugar%20Blaster%20-%20Lower%20Blood%20Sugar%20Naturally&fmt=3&is_vtc=1&random=606801407&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/702547308/?random=1670571265462&cv=11&fst=1670569200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&tiba=Blood%20Sugar%20Blaster%20-%20Lower%20Blood%20Sugar%20Naturally&fmt=3&is_vtc=1&random=606801407&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 07:34:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/702547308/?random=1670571265462&cv=11&fst=1670569200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&tiba=Blood%20Sugar%20Blaster%20-%20Lower%20Blood%20Sugar%20Naturally&fmt=3&is_vtc=1&random=606801407&rmt_tld=1&ipr=y
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/702547308/?random=1670571265462&cv=11&fst=1670569200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&tiba=Blood%20Sugar%20Blaster%20-%20Lower%20Blood%20Sugar%20Naturally&fmt=3&is_vtc=1&random=606801407&rmt_tld=1&ipr=y
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/702547308/?random=1670571265462&cv=11&fst=1670569200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&tiba=Blood%20Sugar%20Blaster%20-%20Lower%20Blood%20Sugar%20Naturally&fmt=3&is_vtc=1&random=606801407&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 07:34:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 32d90ff0cc366730c3633c1201b4c058
f4175292b607197a15085e14bf69df301dff6706
b4b2f80fbe9b02f3d54dc35a3738c31a4d7cb5a5e528fcbce50263d8c458231a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.clarity.ms/tag/3y01lbt8hu
13.107.237.53200 OK 17 kB URL HTTP/2 www.clarity.ms/tag/3y01lbt8hu
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 00c8f6b181d14ff1575bea0ef4ef62a4
e01fae06585c61c76d0976625593d6c2b4061f08
6e8f85e76631fe7fa96ddc1d2375d652f5f4b80797feffef88a656c0ad8771aa
GET /tag/3y01lbt8hu HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=0fe338e5d8dc4f7c9e858be06148c125.20221209.20231209; expires=Sat, 09 Dec 2023 07:34:26 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
x-cache: CONFIG_NOCACHE
x-azure-ref: 0AuWSYwAAAAALhob6HJfASoXhSSVh+u5XU1ZHMjBFREdFMDYwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 09 Dec 2022 07:34:26 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 16:40:43 GMT
expires: Fri, 08 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 53623
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 97bed5bb67b50465e51a6b4a4c67b8e8
ee1a09ccaf4fce08de66a5555eeb2bc0f9869008
058ecc2f02ec2766c71ca23b0b2c1b8e980d545ba3d30f1ae71faa83b81f198c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=127573
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Etag: "63923457-117"
Expires: Sat, 10 Dec 2022 19:00:39 GMT
Last-Modified: Thu, 08 Dec 2022 19:00:39 GMT
Server: nginx
Content-Length: 279
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 76ab40ab6403ea449a18fb59b1da283e
db5c8571f91993f10ab9f1edc212b5f3b402afc5
97269d6d012a98d1369a5e4b99db28ccd38c6086c386cc03508aff94f5a1c2e3
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5660
Cache-Control: max-age=141183
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Etag: "63925365-1d7"
Expires: Sat, 10 Dec 2022 22:47:29 GMT
Last-Modified: Thu, 08 Dec 2022 21:13:09 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 76ab40ab6403ea449a18fb59b1da283e
db5c8571f91993f10ab9f1edc212b5f3b402afc5
97269d6d012a98d1369a5e4b99db28ccd38c6086c386cc03508aff94f5a1c2e3
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3712
Cache-Control: max-age=139235
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:26 GMT
Etag: "63925365-1d7"
Expires: Sat, 10 Dec 2022 22:15:01 GMT
Last-Modified: Thu, 08 Dec 2022 21:13:09 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
tr.outbrain.com/cachedClickId?marketerId=00004e54d8d3829abd2f80200cca2553b5,002d8eb1d62679a3c5cbc6344aaddd4cb3
70.42.32.95200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00004e54d8d3829abd2f80200cca2553b5,002d8eb1d62679a3c5cbc6344aaddd4cb3
IP 70.42.32.95:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00004e54d8d3829abd2f80200cca2553b5,002d8eb1d62679a3c5cbc6344aaddd4cb3 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 07:34:27 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: c983de0fe57303217b31685f2cdfc5da
content-encoding: gzip
tr.outbrain.com/unifiedPixel?marketerId=00004e54d8d3829abd2f80200cca2553b5,002d8eb1d62679a3c5cbc6344aaddd4cb3&apiObjVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&optOut=false&bust=07391439502307587&referrer=
70.42.32.95200 OK 60 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00004e54d8d3829abd2f80200cca2553b5,002d8eb1d62679a3c5cbc6344aaddd4cb3&apiObjVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&optOut=false&bust=07391439502307587&referrer=
IP 70.42.32.95:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb
GET /unifiedPixel?marketerId=00004e54d8d3829abd2f80200cca2553b5,002d8eb1d62679a3c5cbc6344aaddd4cb3&apiObjVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&optOut=false&bust=07391439502307587&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 07:34:27 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 5dc1701498b58c2e6398bf9e25da8163
content-encoding: gzip
www.facebook.com/tr/?id=330183728420749&ev=PageVisit&dl=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&rl=&if=false&ts=1670571266157&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670571266157.738318396&it=1670571265841&coo=false&tm=2&rqm=GET
157.240.221.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=330183728420749&ev=PageVisit&dl=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&rl=&if=false&ts=1670571266157&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670571266157.738318396&it=1670571265841&coo=false&tm=2&rqm=GET
IP 157.240.221.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=330183728420749&ev=PageVisit&dl=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&rl=&if=false&ts=1670571266157&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670571266157.738318396&it=1670571265841&coo=false&tm=2&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 09 Dec 2022 07:34:27 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=330183728420749&ev=PageView&dl=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&rl=&if=false&ts=1670571266160&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670571266157.738318396&it=1670571265841&coo=false&tm=1&rqm=GET
157.240.221.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=330183728420749&ev=PageView&dl=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&rl=&if=false&ts=1670571266160&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670571266157.738318396&it=1670571265841&coo=false&tm=1&rqm=GET
IP 157.240.221.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=330183728420749&ev=PageView&dl=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&rl=&if=false&ts=1670571266160&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670571266157.738318396&it=1670571265841&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 09 Dec 2022 07:34:27 GMT
X-Firefox-Spdy: h2
rp.liadm.com/j?dtstmp=1670571265718&aid=a-069t&se=e30&duid=d598983de66e--01gktwx3j5s3ywa64ky19ctt0m&tna=v2.5.1&pu=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&wpn=lc-bundle&c=PHRpdGxlPkJsb29kIFN1Z2FyIEJsYXN0ZXIgLSBMb3dlciBCbG9vZCBTdWdhciBOYXR1cmFsbHk8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJUaGUgIzEgcmF0ZWQgYWxsIG5hdHVyYWwgYmxvb2Qgc3VnYXIgc3VwcG9ydCBzdXBwbGVtZW50LiI-PGgxIGNsYXNzPSJib2xkIiBzdHlsZT0iZm9udC1zaXplOiAyNnB4OyI-PHNwYW4-SXMgdGhlIGtleSB0byByZXZlcnNpbmcgdHlwZSAyIGRpYWJldGVzIGhpZGRlbiB3aXRoaW4gYW4KYW5jaWVudCBTb3V0aCBBc2lhbiBtYW51c2NyaXB0Pzwvc3Bhbj48L2gxPg
34.225.174.126302 Found 0 B URL HTTP/2 rp.liadm.com/j?dtstmp=1670571265718&aid=a-069t&se=e30&duid=d598983de66e--01gktwx3j5s3ywa64ky19ctt0m&tna=v2.5.1&pu=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&wpn=lc-bundle&c=PHRpdGxlPkJsb29kIFN1Z2FyIEJsYXN0ZXIgLSBMb3dlciBCbG9vZCBTdWdhciBOYXR1cmFsbHk8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJUaGUgIzEgcmF0ZWQgYWxsIG5hdHVyYWwgYmxvb2Qgc3VnYXIgc3VwcG9ydCBzdXBwbGVtZW50LiI-PGgxIGNsYXNzPSJib2xkIiBzdHlsZT0iZm9udC1zaXplOiAyNnB4OyI-PHNwYW4-SXMgdGhlIGtleSB0byByZXZlcnNpbmcgdHlwZSAyIGRpYWJldGVzIGhpZGRlbiB3aXRoaW4gYW4KYW5jaWVudCBTb3V0aCBBc2lhbiBtYW51c2NyaXB0Pzwvc3Bhbj48L2gxPg
IP 34.225.174.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j?dtstmp=1670571265718&aid=a-069t&se=e30&duid=d598983de66e--01gktwx3j5s3ywa64ky19ctt0m&tna=v2.5.1&pu=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&wpn=lc-bundle&c=PHRpdGxlPkJsb29kIFN1Z2FyIEJsYXN0ZXIgLSBMb3dlciBCbG9vZCBTdWdhciBOYXR1cmFsbHk8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJUaGUgIzEgcmF0ZWQgYWxsIG5hdHVyYWwgYmxvb2Qgc3VnYXIgc3VwcG9ydCBzdXBwbGVtZW50LiI-PGgxIGNsYXNzPSJib2xkIiBzdHlsZT0iZm9udC1zaXplOiAyNnB4OyI-PHNwYW4-SXMgdGhlIGtleSB0byByZXZlcnNpbmcgdHlwZSAyIGRpYWJldGVzIGhpZGRlbiB3aXRoaW4gYW4KYW5jaWVudCBTb3V0aCBBc2lhbiBtYW51c2NyaXB0Pzwvc3Bhbj48L2gxPg HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.bloodsugarblaster.com
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 09 Dec 2022 07:34:27 GMT
content-length: 0
trace-id: 8a1360b2b3530d07
vary: Origin
location: /j?dtstmp=1670571265718&aid=a-069t&se=e30&duid=d598983de66e--01gktwx3j5s3ywa64ky19ctt0m&tna=v2.5.1&pu=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020&wpn=lc-bundle&c=PHRpdGxlPkJsb29kIFN1Z2FyIEJsYXN0ZXIgLSBMb3dlciBCbG9vZCBTdWdhciBOYXR1cmFsbHk8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJUaGUgIzEgcmF0ZWQgYWxsIG5hdHVyYWwgYmxvb2Qgc3VnYXIgc3VwcG9ydCBzdXBwbGVtZW50LiI-PGgxIGNsYXNzPSJib2xkIiBzdHlsZT0iZm9udC1zaXplOiAyNnB4OyI-PHNwYW4-SXMgdGhlIGtleSB0byByZXZlcnNpbmcgdHlwZSAyIGRpYWJldGVzIGhpZGRlbiB3aXRoaW4gYW4KYW5jaWVudCBTb3V0aCBBc2lhbiBtYW51c2NyaXB0Pzwvc3Bhbj48L2gxPg&n3pc=true
set-cookie: lidid=e5713afd-0987-48e7-b95b-b04dc2e895da; Max-Age=63072000; Expires=Sun, 08 Dec 2024 07:34:27 GMT; SameSite=None; Path=/; Domain=.liadm.com; Secure; HTTPOnly
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://secure.bloodsugarblaster.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.43/clarity.js
13.107.237.53200 OK 18 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (55029)
Hash 263e3b9085ef8c8fdd0c3797f32a7a38
26549302d74a9191b76cf6d13a244d4f12db88fc
6ee40e7ce3bfb55435437365ccc1092667d4db8f6c95fef2aa44dbe96490d1d3
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9082948124e4c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 0Cw+SYwAAAABSSno95Ts3SIZgm9AMvk8DQU1TMDRFREdFMTkxOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0AuWSYwAAAAA/K1TJl3RNR452wdRL5pcpU1ZHMjBFREdFMDYwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 09 Dec 2022 07:34:26 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash dcb0ed86727c359c48d60000d5ce055b
f7e736e0e1f78ec89eacaa08fd5648e1cf47d4fc
68713a99b06419fcaa5ee2c4b2b1a2772ff6a47df9ca0f5dda78189fefa108a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 07:21:04 GMT
expires: Fri, 09 Dec 2022 07:36:04 GMT
cache-control: public, max-age=900
age: 803
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash dcb0ed86727c359c48d60000d5ce055b
f7e736e0e1f78ec89eacaa08fd5648e1cf47d4fc
68713a99b06419fcaa5ee2c4b2b1a2772ff6a47df9ca0f5dda78189fefa108a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 854
Origin: https://secure.bloodsugarblaster.com
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://secure.bloodsugarblaster.com
access-control-allow-credentials: true
date: Fri, 09 Dec 2022 07:34:26 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 09 Dec 2022 07:34:27 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 2fb70d3f23113ed137bc4e75b97f29cb
9d745b8e03bc31015924d28c13ce840d0d9cd0ab
6572933207acaaf4d180cbfa01e5a24613a4c64aeb0b37e22070e717d92bd2c8
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 09 Dec 2022 07:34:27 GMT
server: ESF
cache-control: private
content-length: 30738
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 3b873c6396aca4019ea51aed119cc8b6
b9684a5bf5075eb4e8ae2512b9ab3f1ddbddf80a
0045a8cb68ae0065903c118fcce7eb8b5eb1ad3bf92da3a50630346f5b45ca34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/CwVTwzgKR79Uc6JOnoeLQpp2wWh1-U_HY6vLA6ze4RTbZZqqz_u4Erm7ptPRtDw-lp31SiyRVg=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.1 kB URL HTTP/2 yt3.ggpht.com/CwVTwzgKR79Uc6JOnoeLQpp2wWh1-U_HY6vLA6ze4RTbZZqqz_u4Erm7ptPRtDw-lp31SiyRVg=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash b5ca5bba8661283de03a0cfbd772d228
b3393683ce4e837efd5493e421742a3b0dfe3108
7cefd9b5dd2078cd21000a351504c638e40f4adf401d593db961e4a1400f748b
GET /CwVTwzgKR79Uc6JOnoeLQpp2wWh1-U_HY6vLA6ze4RTbZZqqz_u4Erm7ptPRtDw-lp31SiyRVg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3128
x-xss-protection: 0
date: Fri, 09 Dec 2022 07:34:27 GMT
expires: Sat, 19 Nov 2022 12:54:20 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 3b873c6396aca4019ea51aed119cc8b6
b9684a5bf5075eb4e8ae2512b9ab3f1ddbddf80a
0045a8cb68ae0065903c118fcce7eb8b5eb1ad3bf92da3a50630346f5b45ca34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 09 Dec 2022 07:34:28 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 480849056bfbcfece8e6161dc0bb87f6
749623de4b102840064028c3cdc7c4fc375225b2
e8554a99f6341665f7834df9d65429cff6f68e8cb1f0b748168adff2e5fa1f14
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 994
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 09 Dec 2022 07:34:28 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=A1A776EF62D64EFCBAE2CEEFD6940E7E&RedC=c.clarity.ms&MXFR=31EC7B587EAC63710CD3692D7AAC6D72
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=31EC7B587EAC63710CD3692D7AAC6D72; domain=.clarity.ms; expires=Wed, 03-Jan-2024 07:34:28 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Fri, 09 Dec 2022 07:34:28 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 272ec26183190d48a1849acf0272f112
76ea3dba55c09c3d46b1847b280fb68a37d250cf
3151d89b6e99d9b9ec3cf098d5b26e7ca7b2da5e2c9951589b0f33d302cab399
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 272ec26183190d48a1849acf0272f112
76ea3dba55c09c3d46b1847b280fb68a37d250cf
3151d89b6e99d9b9ec3cf098d5b26e7ca7b2da5e2c9951589b0f33d302cab399
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1670592867&ei=A-WSY7nYH4SH0u8PkqWkuAE&ip=91.90.42.154&id=o-AE3Qr_8fUlJx7I6A_QRq8qyvsLPUgWmM2ZOjslAPczg6&itag=251&source=youtube&requiressl=yes&mh=zT&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1566250&spc=SFxXNpawkxe8qDvdgKaYVpzTD-_PUL4&vprv=1&mime=audio%2Fwebm&ns=TS42EUSeARK7ReH7BqNMfIYJ&gir=yes&clen=64508011&dur=4293.161&lmt=1665870148918759&mt=1670570938&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=o9BmcNks4r1Ymw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANg5XU8zWIi69Mb12cy-D0c3oWZVx3iHBoKDb_3LBFCaAiAKq_8LgUb_9aNI3RTwCdo7b7eMxhzXflRMFshS5_apPA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPExGZhLpm4ODC3Z5Ve3-158JZGWkuKj2Kw6W4kQk-1sAiEAltzNIFC-CWBjAtUJlFAWYlD4rsee8yeDFU4y192HbkQ%3D&alr=yes&cpn=qagMZBuqZvUMUr25&cver=1.20221206.01.00&range=0-73426&rn=2&rbuf=0
91.90.45.173200 OK 1.0 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1670592867&ei=A-WSY7nYH4SH0u8PkqWkuAE&ip=91.90.42.154&id=o-AE3Qr_8fUlJx7I6A_QRq8qyvsLPUgWmM2ZOjslAPczg6&itag=251&source=youtube&requiressl=yes&mh=zT&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1566250&spc=SFxXNpawkxe8qDvdgKaYVpzTD-_PUL4&vprv=1&mime=audio%2Fwebm&ns=TS42EUSeARK7ReH7BqNMfIYJ&gir=yes&clen=64508011&dur=4293.161&lmt=1665870148918759&mt=1670570938&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=o9BmcNks4r1Ymw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANg5XU8zWIi69Mb12cy-D0c3oWZVx3iHBoKDb_3LBFCaAiAKq_8LgUb_9aNI3RTwCdo7b7eMxhzXflRMFshS5_apPA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPExGZhLpm4ODC3Z5Ve3-158JZGWkuKj2Kw6W4kQk-1sAiEAltzNIFC-CWBjAtUJlFAWYlD4rsee8yeDFU4y192HbkQ%3D&alr=yes&cpn=qagMZBuqZvUMUr25&cver=1.20221206.01.00&range=0-73426&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1033), with no line terminators
Hash 749b10ce033b31250d2fa8806593e2e0
c0abff05a3c1d9d90bd7f941fd561efed7c193bb
cc9c04fa962340a654b5d98d7d4f0618a64a880c9357534db0682841bcb85172
POST /videoplayback?expire=1670592867&ei=A-WSY7nYH4SH0u8PkqWkuAE&ip=91.90.42.154&id=o-AE3Qr_8fUlJx7I6A_QRq8qyvsLPUgWmM2ZOjslAPczg6&itag=251&source=youtube&requiressl=yes&mh=zT&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1566250&spc=SFxXNpawkxe8qDvdgKaYVpzTD-_PUL4&vprv=1&mime=audio%2Fwebm&ns=TS42EUSeARK7ReH7BqNMfIYJ&gir=yes&clen=64508011&dur=4293.161&lmt=1665870148918759&mt=1670570938&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=o9BmcNks4r1Ymw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANg5XU8zWIi69Mb12cy-D0c3oWZVx3iHBoKDb_3LBFCaAiAKq_8LgUb_9aNI3RTwCdo7b7eMxhzXflRMFshS5_apPA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPExGZhLpm4ODC3Z5Ve3-158JZGWkuKj2Kw6W4kQk-1sAiEAltzNIFC-CWBjAtUJlFAWYlD4rsee8yeDFU4y192HbkQ%3D&alr=yes&cpn=qagMZBuqZvUMUr25&cver=1.20221206.01.00&range=0-73426&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 09 Dec 2022 07:34:28 GMT
Expires: Fri, 09 Dec 2022 07:34:28 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1033
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1670592867&ei=A-WSY7nYH4SH0u8PkqWkuAE&ip=91.90.42.154&id=o-AE3Qr_8fUlJx7I6A_QRq8qyvsLPUgWmM2ZOjslAPczg6&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=zT&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1566250&spc=SFxXNpawkxe8qDvdgKaYVpzTD-_PUL4&vprv=1&mime=video%2Fwebm&ns=TS42EUSeARK7ReH7BqNMfIYJ&gir=yes&clen=76362453&dur=4293.122&lmt=1665876039375673&mt=1670570938&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=o9BmcNks4r1Ymw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPWAEiHWOwuIt3HPj-CeW42wC4EnMphKB2nya3A0Q5D0AiB1yy68x5rRsBG6fbjgxk-3iKgCaexu_9SUGDq9lMLF6g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPExGZhLpm4ODC3Z5Ve3-158JZGWkuKj2Kw6W4kQk-1sAiEAltzNIFC-CWBjAtUJlFAWYlD4rsee8yeDFU4y192HbkQ%3D&alr=yes&cpn=qagMZBuqZvUMUr25&cver=1.20221206.01.00&range=0-160259&rn=1&rbuf=0
91.90.45.173200 OK 1.1 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1670592867&ei=A-WSY7nYH4SH0u8PkqWkuAE&ip=91.90.42.154&id=o-AE3Qr_8fUlJx7I6A_QRq8qyvsLPUgWmM2ZOjslAPczg6&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=zT&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1566250&spc=SFxXNpawkxe8qDvdgKaYVpzTD-_PUL4&vprv=1&mime=video%2Fwebm&ns=TS42EUSeARK7ReH7BqNMfIYJ&gir=yes&clen=76362453&dur=4293.122&lmt=1665876039375673&mt=1670570938&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=o9BmcNks4r1Ymw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPWAEiHWOwuIt3HPj-CeW42wC4EnMphKB2nya3A0Q5D0AiB1yy68x5rRsBG6fbjgxk-3iKgCaexu_9SUGDq9lMLF6g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPExGZhLpm4ODC3Z5Ve3-158JZGWkuKj2Kw6W4kQk-1sAiEAltzNIFC-CWBjAtUJlFAWYlD4rsee8yeDFU4y192HbkQ%3D&alr=yes&cpn=qagMZBuqZvUMUr25&cver=1.20221206.01.00&range=0-160259&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1115), with no line terminators
Hash 2898695404068c7afabae74106b3a890
2e44fa5dddcfe90b029f8da0be1ee31ef7192518
8690e34e07af28c072f2c3a1bcf3c963fcf1d973fe2b2e8010a9a4c7e7109f4f
POST /videoplayback?expire=1670592867&ei=A-WSY7nYH4SH0u8PkqWkuAE&ip=91.90.42.154&id=o-AE3Qr_8fUlJx7I6A_QRq8qyvsLPUgWmM2ZOjslAPczg6&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=zT&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1566250&spc=SFxXNpawkxe8qDvdgKaYVpzTD-_PUL4&vprv=1&mime=video%2Fwebm&ns=TS42EUSeARK7ReH7BqNMfIYJ&gir=yes&clen=76362453&dur=4293.122&lmt=1665876039375673&mt=1670570938&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=o9BmcNks4r1Ymw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPWAEiHWOwuIt3HPj-CeW42wC4EnMphKB2nya3A0Q5D0AiB1yy68x5rRsBG6fbjgxk-3iKgCaexu_9SUGDq9lMLF6g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPExGZhLpm4ODC3Z5Ve3-158JZGWkuKj2Kw6W4kQk-1sAiEAltzNIFC-CWBjAtUJlFAWYlD4rsee8yeDFU4y192HbkQ%3D&alr=yes&cpn=qagMZBuqZvUMUr25&cver=1.20221206.01.00&range=0-160259&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 09 Dec 2022 07:34:28 GMT
Expires: Fri, 09 Dec 2022 07:34:28 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1115
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 272ec26183190d48a1849acf0272f112
76ea3dba55c09c3d46b1847b280fb68a37d250cf
3151d89b6e99d9b9ec3cf098d5b26e7ca7b2da5e2c9951589b0f33d302cab399
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 7d0707b86cc9bea2baab5f776c6a2fa6
1ca4152999f650f43d0bddc79c74d744652cd2b7
f67f5184bb3c0696479dc1d1eaa77eded6b150aa2dd7a23112e4e315299e0e56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 7d0707b86cc9bea2baab5f776c6a2fa6
1ca4152999f650f43d0bddc79c74d744652cd2b7
f67f5184bb3c0696479dc1d1eaa77eded6b150aa2dd7a23112e4e315299e0e56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.bing.com/c.gif?CtsSyncId=A1A776EF62D64EFCBAE2CEEFD6940E7E&RedC=c.clarity.ms&MXFR=31EC7B587EAC63710CD3692D7AAC6D72
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=A1A776EF62D64EFCBAE2CEEFD6940E7E&RedC=c.clarity.ms&MXFR=31EC7B587EAC63710CD3692D7AAC6D72
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=A1A776EF62D64EFCBAE2CEEFD6940E7E&RedC=c.clarity.ms&MXFR=31EC7B587EAC63710CD3692D7AAC6D72 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure.bloodsugarblaster.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=A1A776EF62D64EFCBAE2CEEFD6940E7E&MUID=37BDCADE689C6C3831DFD8AB69696D12
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=37BDCADE689C6C3831DFD8AB69696D12; domain=c.bing.com; expires=Wed, 03-Jan-2024 07:34:28 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EA955C9F36154B06A79E9E9BC1A785A1 Ref B: OSL30EDGE0214 Ref C: 2022-12-09T07:34:28Z
date: Fri, 09 Dec 2022 07:34:27 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=A1A776EF62D64EFCBAE2CEEFD6940E7E&MUID=37BDCADE689C6C3831DFD8AB69696D12
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=A1A776EF62D64EFCBAE2CEEFD6940E7E&MUID=37BDCADE689C6C3831DFD8AB69696D12
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=A1A776EF62D64EFCBAE2CEEFD6940E7E&MUID=37BDCADE689C6C3831DFD8AB69696D12 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure.bloodsugarblaster.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Fri, 09-Dec-2022 07:44:28 GMT; path=/; SameSite=None; Secure;
date: Fri, 09 Dec 2022 07:34:28 GMT
content-length: 42
X-Firefox-Spdy: h2
rr4---sn-5goeen7y.googlevideo.com/videoplayback?expire=1670592867&ei=A-WSY7nYH4SH0u8PkqWkuAE&ip=91.90.42.154&id=o-AE3Qr_8fUlJx7I6A_QRq8qyvsLPUgWmM2ZOjslAPczg6&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNpawkxe8qDvdgKaYVpzTD-_PUL4&vprv=1&mime=video%2Fwebm&ns=TS42EUSeARK7ReH7BqNMfIYJ&gir=yes&clen=76362453&dur=4293.122&lmt=1665876039375673&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=o9BmcNks4r1Ymw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPWAEiHWOwuIt3HPj-CeW42wC4EnMphKB2nya3A0Q5D0AiB1yy68x5rRsBG6fbjgxk-3iKgCaexu_9SUGDq9lMLF6g%3D%3D&alr=yes&cpn=qagMZBuqZvUMUr25&cver=1.20221206.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=zT&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1670571176&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMMRTS9NbJOLMbyp4aW4vNsczvfJT5-E_Y5z_jLAA576AiAzSbjkntGJzr4NKRq-MBtmozPxyDkj7K6IsaFr7wN-oA%3D%3D&range=0-160259&rn=3&rbuf=0&pot=DwBBAJy_6W1JAHn4-K_Q9EczJ-B8NXPxz4IzoZzWJJPPT87UNC9ctleG36rJ4DpunS696ggbGPd1gsWpkUV7Vgc1QbHgp2gOTnF6Keb_pHIEEW-u559mBlr4CpkHX__1M4wasOQ=
74.125.110.137200 OK 160 kB URL HTTP/1.1 rr4---sn-5goeen7y.googlevideo.com/videoplayback?expire=1670592867&ei=A-WSY7nYH4SH0u8PkqWkuAE&ip=91.90.42.154&id=o-AE3Qr_8fUlJx7I6A_QRq8qyvsLPUgWmM2ZOjslAPczg6&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNpawkxe8qDvdgKaYVpzTD-_PUL4&vprv=1&mime=video%2Fwebm&ns=TS42EUSeARK7ReH7BqNMfIYJ&gir=yes&clen=76362453&dur=4293.122&lmt=1665876039375673&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=o9BmcNks4r1Ymw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPWAEiHWOwuIt3HPj-CeW42wC4EnMphKB2nya3A0Q5D0AiB1yy68x5rRsBG6fbjgxk-3iKgCaexu_9SUGDq9lMLF6g%3D%3D&alr=yes&cpn=qagMZBuqZvUMUr25&cver=1.20221206.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=zT&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1670571176&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMMRTS9NbJOLMbyp4aW4vNsczvfJT5-E_Y5z_jLAA576AiAzSbjkntGJzr4NKRq-MBtmozPxyDkj7K6IsaFr7wN-oA%3D%3D&range=0-160259&rn=3&rbuf=0&pot=DwBBAJy_6W1JAHn4-K_Q9EczJ-B8NXPxz4IzoZzWJJPPT87UNC9ctleG36rJ4DpunS696ggbGPd1gsWpkUV7Vgc1QbHgp2gOTnF6Keb_pHIEEW-u559mBlr4CpkHX__1M4wasOQ=
IP 74.125.110.137:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 160 kB (160260 bytes)
Hash d308c0166fb2899e545fcb866942621f
78d58d35af57bb9eee7f6d3e263a7bf9a620d41b
a737890c33dadf1c2ed4b21254a8d07e6c29f5ec29188123d0c641fb3e5e9a65
POST /videoplayback?expire=1670592867&ei=A-WSY7nYH4SH0u8PkqWkuAE&ip=91.90.42.154&id=o-AE3Qr_8fUlJx7I6A_QRq8qyvsLPUgWmM2ZOjslAPczg6&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNpawkxe8qDvdgKaYVpzTD-_PUL4&vprv=1&mime=video%2Fwebm&ns=TS42EUSeARK7ReH7BqNMfIYJ&gir=yes&clen=76362453&dur=4293.122&lmt=1665876039375673&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=o9BmcNks4r1Ymw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPWAEiHWOwuIt3HPj-CeW42wC4EnMphKB2nya3A0Q5D0AiB1yy68x5rRsBG6fbjgxk-3iKgCaexu_9SUGDq9lMLF6g%3D%3D&alr=yes&cpn=qagMZBuqZvUMUr25&cver=1.20221206.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=zT&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1670571176&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMMRTS9NbJOLMbyp4aW4vNsczvfJT5-E_Y5z_jLAA576AiAzSbjkntGJzr4NKRq-MBtmozPxyDkj7K6IsaFr7wN-oA%3D%3D&range=0-160259&rn=3&rbuf=0&pot=DwBBAJy_6W1JAHn4-K_Q9EczJ-B8NXPxz4IzoZzWJJPPT87UNC9ctleG36rJ4DpunS696ggbGPd1gsWpkUV7Vgc1QbHgp2gOTnF6Keb_pHIEEW-u559mBlr4CpkHX__1M4wasOQ= HTTP/1.1
Host: rr4---sn-5goeen7y.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 15 Oct 2022 23:20:39 GMT
Content-Type: video/webm
Date: Fri, 09 Dec 2022 07:34:28 GMT
Expires: Fri, 09 Dec 2022 07:34:28 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 160260
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 7d0707b86cc9bea2baab5f776c6a2fa6
1ca4152999f650f43d0bddc79c74d744652cd2b7
f67f5184bb3c0696479dc1d1eaa77eded6b150aa2dd7a23112e4e315299e0e56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 07:34:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr4---sn-5goeen7y.googlevideo.com/videoplayback?expire=1670592867&ei=A-WSY7nYH4SH0u8PkqWkuAE&ip=91.90.42.154&id=o-AE3Qr_8fUlJx7I6A_QRq8qyvsLPUgWmM2ZOjslAPczg6&itag=251&source=youtube&requiressl=yes&spc=SFxXNpawkxe8qDvdgKaYVpzTD-_PUL4&vprv=1&mime=audio%2Fwebm&ns=TS42EUSeARK7ReH7BqNMfIYJ&gir=yes&clen=64508011&dur=4293.161&lmt=1665870148918759&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=o9BmcNks4r1Ymw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANg5XU8zWIi69Mb12cy-D0c3oWZVx3iHBoKDb_3LBFCaAiAKq_8LgUb_9aNI3RTwCdo7b7eMxhzXflRMFshS5_apPA%3D%3D&alr=yes&cpn=qagMZBuqZvUMUr25&cver=1.20221206.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=zT&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1670571176&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAP3jxhe02ADv0eWIiEgFhWFvHfaunlhvSpIyNlUHUAGCAiEArD7ghn6hrNoiOw35EQrJAlfdKeq90SVKf3w3sGpluBM%3D&range=0-73426&rn=4&rbuf=0&pot=DwBBAJy_6W1JAHn4-K_Q9EczJ-B8NXPxz4IzoZzWJJPPT87UNC9ctleG36rJ4DpunS696ggbGPd1gsWpkUV7Vgc1QbHgp2gOTnF6Keb_pHIEEW-u559mBlr4CpkHX__1M4wasOQ=
74.125.110.137200 OK 73 kB URL HTTP/1.1 rr4---sn-5goeen7y.googlevideo.com/videoplayback?expire=1670592867&ei=A-WSY7nYH4SH0u8PkqWkuAE&ip=91.90.42.154&id=o-AE3Qr_8fUlJx7I6A_QRq8qyvsLPUgWmM2ZOjslAPczg6&itag=251&source=youtube&requiressl=yes&spc=SFxXNpawkxe8qDvdgKaYVpzTD-_PUL4&vprv=1&mime=audio%2Fwebm&ns=TS42EUSeARK7ReH7BqNMfIYJ&gir=yes&clen=64508011&dur=4293.161&lmt=1665870148918759&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=o9BmcNks4r1Ymw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANg5XU8zWIi69Mb12cy-D0c3oWZVx3iHBoKDb_3LBFCaAiAKq_8LgUb_9aNI3RTwCdo7b7eMxhzXflRMFshS5_apPA%3D%3D&alr=yes&cpn=qagMZBuqZvUMUr25&cver=1.20221206.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=zT&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1670571176&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAP3jxhe02ADv0eWIiEgFhWFvHfaunlhvSpIyNlUHUAGCAiEArD7ghn6hrNoiOw35EQrJAlfdKeq90SVKf3w3sGpluBM%3D&range=0-73426&rn=4&rbuf=0&pot=DwBBAJy_6W1JAHn4-K_Q9EczJ-B8NXPxz4IzoZzWJJPPT87UNC9ctleG36rJ4DpunS696ggbGPd1gsWpkUV7Vgc1QbHgp2gOTnF6Keb_pHIEEW-u559mBlr4CpkHX__1M4wasOQ=
IP 74.125.110.137:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 1655895e24a67d3d42e659a8464558bf
f76a081412abb2bcb5c97d3fe0a76199664c21c2
ae00512eabc59b2b1def6876bef54078e1cc58ef209aa4d19d1ec2f134914eef
POST /videoplayback?expire=1670592867&ei=A-WSY7nYH4SH0u8PkqWkuAE&ip=91.90.42.154&id=o-AE3Qr_8fUlJx7I6A_QRq8qyvsLPUgWmM2ZOjslAPczg6&itag=251&source=youtube&requiressl=yes&spc=SFxXNpawkxe8qDvdgKaYVpzTD-_PUL4&vprv=1&mime=audio%2Fwebm&ns=TS42EUSeARK7ReH7BqNMfIYJ&gir=yes&clen=64508011&dur=4293.161&lmt=1665870148918759&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=o9BmcNks4r1Ymw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANg5XU8zWIi69Mb12cy-D0c3oWZVx3iHBoKDb_3LBFCaAiAKq_8LgUb_9aNI3RTwCdo7b7eMxhzXflRMFshS5_apPA%3D%3D&alr=yes&cpn=qagMZBuqZvUMUr25&cver=1.20221206.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=zT&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1670571176&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAP3jxhe02ADv0eWIiEgFhWFvHfaunlhvSpIyNlUHUAGCAiEArD7ghn6hrNoiOw35EQrJAlfdKeq90SVKf3w3sGpluBM%3D&range=0-73426&rn=4&rbuf=0&pot=DwBBAJy_6W1JAHn4-K_Q9EczJ-B8NXPxz4IzoZzWJJPPT87UNC9ctleG36rJ4DpunS696ggbGPd1gsWpkUV7Vgc1QbHgp2gOTnF6Keb_pHIEEW-u559mBlr4CpkHX__1M4wasOQ= HTTP/1.1
Host: rr4---sn-5goeen7y.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 15 Oct 2022 21:42:28 GMT
Content-Type: audio/webm
Date: Fri, 09 Dec 2022 07:34:28 GMT
Expires: Fri, 09 Dec 2022 07:34:28 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 73427
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
trc-events.taboola.com/1046423/log/3/unip?en=pre_d_eng_tb&tos=1799&scd=55&ssd=1&est=1670571265846&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1670571267645&vi=1670571265844&ri=49f050d27c46fff4f5baae5eff9d3e17&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1046423/log/3/unip?en=pre_d_eng_tb&tos=1799&scd=55&ssd=1&est=1670571265846&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1670571267645&vi=1670571265844&ri=49f050d27c46fff4f5baae5eff9d3e17&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1046423/log/3/unip?en=pre_d_eng_tb&tos=1799&scd=55&ssd=1&est=1670571265846&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1670571267645&vi=1670571265844&ri=49f050d27c46fff4f5baae5eff9d3e17&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.bloodsugarblaster.com
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 07:34:28 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure.bloodsugarblaster.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1381010/log/3/unip?en=pre_d_eng_tb&tos=1800&scd=55&ssd=1&est=1670571265846&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1670571267646&vi=1670571265844&ri=2dcf92d8ce9940a21c1853c12e2c4b43&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1381010/log/3/unip?en=pre_d_eng_tb&tos=1800&scd=55&ssd=1&est=1670571265846&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1670571267646&vi=1670571265844&ri=2dcf92d8ce9940a21c1853c12e2c4b43&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1381010/log/3/unip?en=pre_d_eng_tb&tos=1800&scd=55&ssd=1&est=1670571265846&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1670571267646&vi=1670571265844&ri=2dcf92d8ce9940a21c1853c12e2c4b43&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.bloodsugarblaster.com
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 07:34:28 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure.bloodsugarblaster.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 828
Origin: https://secure.bloodsugarblaster.com
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://secure.bloodsugarblaster.com
access-control-allow-credentials: true
date: Fri, 09 Dec 2022 07:34:28 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 52244
Origin: https://secure.bloodsugarblaster.com
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://secure.bloodsugarblaster.com
access-control-allow-credentials: true
date: Fri, 09 Dec 2022 07:34:28 GMT
X-Firefox-Spdy: h2
trc-events.taboola.com/1046423/log/3/unip?en=pre_d_eng_tb&tos=4801&scd=55&ssd=1&est=1670571265846&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1670571270648&vi=1670571265844&ri=49f050d27c46fff4f5baae5eff9d3e17&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1046423/log/3/unip?en=pre_d_eng_tb&tos=4801&scd=55&ssd=1&est=1670571265846&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1670571270648&vi=1670571265844&ri=49f050d27c46fff4f5baae5eff9d3e17&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1046423/log/3/unip?en=pre_d_eng_tb&tos=4801&scd=55&ssd=1&est=1670571265846&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1670571270648&vi=1670571265844&ri=49f050d27c46fff4f5baae5eff9d3e17&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.bloodsugarblaster.com
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 07:34:31 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure.bloodsugarblaster.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1381010/log/3/unip?en=pre_d_eng_tb&tos=4802&scd=55&ssd=1&est=1670571265846&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1670571270649&vi=1670571265844&ri=2dcf92d8ce9940a21c1853c12e2c4b43&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1381010/log/3/unip?en=pre_d_eng_tb&tos=4802&scd=55&ssd=1&est=1670571265846&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1670571270649&vi=1670571265844&ri=2dcf92d8ce9940a21c1853c12e2c4b43&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1381010/log/3/unip?en=pre_d_eng_tb&tos=4802&scd=55&ssd=1&est=1670571265846&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1670571270649&vi=1670571265844&ri=2dcf92d8ce9940a21c1853c12e2c4b43&ref=null&cv=20221206-9-RELEASE&item-url=https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://secure.bloodsugarblaster.com
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 07:34:31 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://secure.bloodsugarblaster.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 13:49:59 GMT
age: 63873
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
216.58.207.238200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 216.58.207.238:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Fri, 09 Dec 2022 07:34:26 GMT
date: Fri, 09 Dec 2022 07:34:26 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=qrNXfXaZtcw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=JY7liq_vmp4; Domain=.youtube.com; Expires=Wed, 07-Jun-2023 07:34:26 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+822; expires=Sun, 08-Dec-2024 07:34:26 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.bloodsugarblaster.com/index-vsl-cf?affiliate_id=1483639&aff_sub=1023d2e78aa6fd5423ef1595aabb9a&aff_sub2=6397_sessid20221209073427928&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=&utm_term=Blood+Sugar+Blaster+CPA_10&utm_content=MaxWeb+Inc_1020
188.114.96.1200 OK 0 B URL HTTP/2 secure.bloodsugarblaster.com/index-vsl-cf?affiliate_id=1483639&aff_sub=1023d2e78aa6fd5423ef1595aabb9a&aff_sub2=6397_sessid20221209073427928&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=&utm_term=Blood+Sugar+Blaster+CPA_10&utm_content=MaxWeb+Inc_1020
IP 188.114.96.1:0
GET /index-vsl-cf?affiliate_id=1483639&aff_sub=1023d2e78aa6fd5423ef1595aabb9a&aff_sub2=6397_sessid20221209073427928&nopopup=false&noautoplay=false&cookiepreview=false&utm_source=&utm_medium=&utm_campaign=&utm_term=Blood+Sugar+Blaster+CPA_10&utm_content=MaxWeb+Inc_1020 HTTP/1.1
Host: secure.bloodsugarblaster.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 09 Dec 2022 07:34:25 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: user_id=09257486295a16babb8d68f4b2f50068; path=/; expires=Thu, 09 Dec 2032 07:34:25 GMT; secure
user_id.sig=smzNz_TTPLDcBsXHQEjoTigpwTU; path=/; expires=Thu, 09 Dec 2032 07:34:25 GMT; secure
persistedParams=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
persistedParams.sig=qQIP2OdsTFa87s1ohgL1NB6ingI; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
uid=wKhaA2OS5QFYEQA2AwQxAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=2; path=/
content-security-policy: frame-ancestors 'self' cbsplit.com;
cache-control: private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WgqITDX3Y1Y%2B0hgzYhtqIbbdxf4EyCIx4qYMwB9kw%2Bix2GuD9HqBJQVhMNkoebOEvdUQkxV%2FF1Q%2FCLCEZV2QVPeZWZHR3R2gV9U8xyQo9s3DFOmEKeCHufMZNj5P%2BYC4Cqy15YsfJ69HDDO9C6U5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776c0ee6facbfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.maxweb.com/conversion/iframe/?a=6397&token=f4d0d337deba4561beb954e818c2dfca
172.66.43.113200 OK 0 B URL HTTP/2 go.maxweb.com/conversion/iframe/?a=6397&token=f4d0d337deba4561beb954e818c2dfca
IP 172.66.43.113:0
GET /conversion/iframe/?a=6397&token=f4d0d337deba4561beb954e818c2dfca HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 07:34:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Fri, 09 Dec 2022 08:34:27 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 776c0ef28eb0b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
trc.taboola.com/1381010/trc/3/json?tim=1670571266095&data=%7B%22id%22%3A713%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1670571265844%2C%22cv%22%3A%2220221206-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsecure.bloodsugarblaster.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dprimalmarketingllc-sc1%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1670571265855%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A45%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.1.44200 OK 0 B URL HTTP/2 trc.taboola.com/1381010/trc/3/json?tim=1670571266095&data=%7B%22id%22%3A713%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1670571265844%2C%22cv%22%3A%2220221206-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsecure.bloodsugarblaster.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dprimalmarketingllc-sc1%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1670571265855%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A45%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.1.44:0
GET /1381010/trc/3/json?tim=1670571266095&data=%7B%22id%22%3A713%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1670571265844%2C%22cv%22%3A%2220221206-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsecure.bloodsugarblaster.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dprimalmarketingllc-sc1%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1670571265855%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A45%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 07:34:27 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670571267.976433,VS0,VE104
vary: Accept-Encoding
x-vcl-time-ms: 104
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
104.18.11.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
IP 104.18.11.207:0
GET /bootstrap/4.4.1/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 07:34:26 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617, 718, 718, 718
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 2021-03-10 20:26:23
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 0eddf011c915bfe332eadcc5400cc6a8
cdn-cache: HIT
cf-cache-status: HIT
age: 19882016
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 776c0eec8d71b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
b-code.liadm.com/a-069t.min.js
143.204.55.112200 OK 0 B URL HTTP/2 b-code.liadm.com/a-069t.min.js
IP 143.204.55.112:0
GET /a-069t.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 08 Dec 2022 10:17:46 GMT
cache-control: "public, max-age=86400"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1ucuJkFRPtNNP94jEHwb1OYoyD5nojX7eTQEcDo4czWERMr4hPPh5Q==
age: 76600
X-Firefox-Spdy: h2
a.adskeeper.co.uk/mgsensor.js?d=1670571265494
104.18.34.236200 OK 0 B URL HTTP/2 a.adskeeper.co.uk/mgsensor.js?d=1670571265494
IP 104.18.34.236:0
GET /mgsensor.js?d=1670571265494 HTTP/1.1
Host: a.adskeeper.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 07:34:26 GMT
content-type: application/javascript
vary: Accept-Encoding
x-mg-request-uuid: 80317b94-e4de-4e73-9317-49c94f991c26
content-encoding: gzip
last-modified: Fri, 09 Dec 2022 07:34:26 GMT
cf-cache-status: MISS
expires: Fri, 09 Dec 2022 11:34:26 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 776c0ef01db8b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trc.taboola.com/1046423/trc/3/json?tim=1670571265852&data=%7B%22id%22%3A176%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1670571265844%2C%22cv%22%3A%2220221206-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsecure.bloodsugarblaster.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dprimalmarketingllc-sc1%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1670571265852%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A45%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.1.44200 OK 0 B URL HTTP/2 trc.taboola.com/1046423/trc/3/json?tim=1670571265852&data=%7B%22id%22%3A176%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1670571265844%2C%22cv%22%3A%2220221206-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsecure.bloodsugarblaster.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dprimalmarketingllc-sc1%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1670571265852%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A45%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.1.44:0
GET /1046423/trc/3/json?tim=1670571265852&data=%7B%22id%22%3A176%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1670571265844%2C%22cv%22%3A%2220221206-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsecure.bloodsugarblaster.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dprimalmarketingllc-sc1%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1670571265852%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsecure.bloodsugarblaster.com%2Findex-vsl-cf%3Faffiliate_id%3D1483639%26aff_sub%3D1023d2e78aa6fd5423ef1595aabb9a%26aff_sub2%3D6397_sessid20221209073427928%26nopopup%3Dfalse%26noautoplay%3Dfalse%26cookiepreview%3Dfalse%26utm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_term%3DBlood%2BSugar%2BBlaster%2BCPA_10%26utm_content%3DMaxWeb%2BInc_1020%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A45%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.bloodsugarblaster.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 07:34:26 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670571267.733494,VS0,VE108
vary: Accept-Encoding
x-vcl-time-ms: 108
X-Firefox-Spdy: h2