firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 16:14:01 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lp7oh2Hu6MTM1bijM9gkr20bGsEurs4aFkgkdnvqksTHv5pWheXA7w==
Age: 3574
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15280
Expires: Thu, 22 Sep 2022 21:28:15 GMT
Date: Thu, 22 Sep 2022 17:13:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oFNQOUh2jCvPX3BtTxRPbm8odSseIWQs4sy9syVxKBHkrXffF119Ng==
age: 45501
X-Firefox-Spdy: h2
bestforlife.life/india?cep=UGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo
162.241.63.77301 Moved Permanently 0 B URL HTTP/1.1 bestforlife.life/india?cep=UGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /india?cep=UGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 22 Sep 2022 17:13:35 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://bestforlife.life/india?cep=UGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 17:13:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 17:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 22 Sep 2022 17:10:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mbgGDMJYp4t8rdEuwW5JuO64JBH5EGIfIW4wnzje4791pRi370hLEw==
Age: 613
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 57065fb1b9b744f56ebe27ce4f523ffd
1d9c56d7bb64c379341e7456c7f87ebb20d22055
afcbb4b518a31c93a75ffa94cdd7262b13b354c343600df637fc8f9c818622cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFCBB4B518A31C93A75FFA94CDD7262B13B354C343600DF637FC8F9C818622CF"
Last-Modified: Wed, 21 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21550
Expires: Thu, 22 Sep 2022 23:12:45 GMT
Date: Thu, 22 Sep 2022 17:13:35 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1555
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:36 GMT
Last-Modified: Thu, 22 Sep 2022 16:47:41 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.164.146.235101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.146.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: //jq5pXbq8tbMRXchTqaEw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +YIv0oTTMsbdb/5z9h84BOT1hZ8=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
app.clickfunnels.com/mailcheck.min.js
104.16.16.194200 OK 1.6 kB URL HTTP/2 app.clickfunnels.com/mailcheck.min.js
IP 104.16.16.194:0
File type C source, ASCII text, with very long lines (525)
Hash a1203798cae68bdb4f6f2fd2648b3e66
78d472eb22e63120c2f9a88ebb867d1550a3981f
ce0f93e45faf8bdbe5cb74594f6a6b361549057c4d47feb3ae5144532fedcc8d
GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:36 GMT
content-type: application/x-javascript
cf-ray: 74ecac132a970b39-OSL
access-control-allow-origin: *
age: 4577
etag: W/"632b3357-a8d"
last-modified: Wed, 21 Sep 2022 15:52:55 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=_gRLRGhhWJBI1uS3afe_0POAURxOV3V4BhqjsoCpMbk-1663866816-0-AZ2xPaBw6bEzvE7Ypikv9gdX7l9C0NzVjDwJfotB6t0A3iXiKwMDZJSeDmIfnzD0zCVL9gS4uLjU/cVd95DNdCGbriQZs5jZGlASxFj9NqpW; path=/; expires=Thu, 22-Sep-22 17:43:36 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e2edca22ec94765b68e59bf809d810b8
2728079f012ffd7152de5e49d4c4e6ae5b84670a
4084df6de14fe903c67951e8521d6465eb80a46d6456ec5445d531494b26773d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:36 GMT
Server: ECS (amb/6B95)
Content-Length: 279
use.fontawesome.com/releases/v5.9.0/css/all.css
172.64.132.15200 OK 12 kB URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/all.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (55782)
Hash a6c081633360baa48176e542eb91f299
46466205cc2ac7527fdfd5d1a5a22695658368a3
cbfcd70bc5d5daf80dae6bb23375abfc17b2c3069c7f5884314fe6f867699591
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:36 GMT
content-type: text/css
x-amz-id-2: vC8KBN503iyWKZzHxfJc5rs99Ocw4DSTaifdaL1SsWTbuhhIHZc4Cm+BPlh6dJ7ueugjQrc5cWE=
x-amz-request-id: F0PHW7H6699FG8TW
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28633838
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJIx6foPVSfLYdDLGdU%2FITKwLHyaYfa1j8ug0EOa2NbO9%2FlruZ7FUd0Eh0SR0uTxPHaVZzqiOey%2Fwo1FZOj42RytgQRDHC1S6k99i%2BbMso7D55e9mod6r%2BMBTWRtGNxCEV45BtrO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ecac131a9372eb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e2edca22ec94765b68e59bf809d810b8
2728079f012ffd7152de5e49d4c4e6ae5b84670a
4084df6de14fe903c67951e8521d6465eb80a46d6456ec5445d531494b26773d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:36 GMT
Server: ECS (amb/6BAD)
Content-Length: 279
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
104.18.47.230200 OK 5.4 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP 104.18.47.230:0
Hash a3d7c3d8e2a9d9b8cb1af31442c12a0f
439376154203659d9aae875e5cad97002194bf33
ca8cdb767837ac06f5cc9a469c7a100ebd02806d1406a13f5586b52076835224
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestforlife.life
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:36 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ecac132ca4b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.bestforlife.life/assets/userevents/application.js
104.16.14.194200 OK 2.1 kB URL HTTP/2 www.bestforlife.life/assets/userevents/application.js
IP 104.16.14.194:0
File type ASCII text, with very long lines (4947), with no line terminators
Hash 626832b265a43d137a84a3bf9c091d52
52f6858feac79a8b91d65f12d37176bc7dcecc20
dd83ed6aa16c41fb8a94bc9ed3dd4a88a4de219f3c30f33d6ed794348aa33f2e
Analyzer Verdict Alert fortinet Phishing
GET /assets/userevents/application.js HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:36 GMT
content-type: application/x-javascript
cf-ray: 74ecac14ee0db515-OSL
access-control-allow-origin: *
age: 196
cache-control: public, max-age=1200
etag: W/"632b3357-1353"
expires: Thu, 22 Sep 2022 17:33:36 GMT
last-modified: Wed, 21 Sep 2022 15:52:55 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=.N_EASVUHj9QgjaU5VyH6GE5y3XyDU3uHLU_GzNzdPw-1663866816-0-AWk9RIUVBlmERaQxyAXzgvEzezFsLKyakAkvY6Wl+8v1M1+tD0ElUMHmH9Oqc8znr4VVpUjVbWRf2irAsVMeEKitCd8Fmn0MmUnqDDGvU4me; path=/; expires=Thu, 22-Sep-22 17:43:36 GMT; domain=.www.bestforlife.life; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=WH9xm7OvDcJWl56f9lMLBDLJoipWDWnyjwGGBYCrlwU-1663866816-0-AXq_7suKgUewXRdqaBCqTY1Jaet1hOXn3prtHdd1LySWHPzjAUYc-uoBQhUpYcmvXQXeFiIgwH8ATGlfO3HikVRS3qj8XixxB4RKGMBuAX9F"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=WH9xm7OvDcJWl56f9lMLBDLJoipWDWnyjwGGBYCrlwU-1663866816-0-AXq_7suKgUewXRdqaBCqTY1Jaet1hOXn3prtHdd1LySWHPzjAUYc-uoBQhUpYcmvXQXeFiIgwH8ATGlfO3HikVRS3qj8XixxB4RKGMBuAX9F; report-to cf-csp-endpoint
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.bestforlife.life/assets/pushcrew.js
104.16.14.194200 OK 228 kB URL HTTP/2 www.bestforlife.life/assets/pushcrew.js
IP 104.16.14.194:0
File type ASCII text, with very long lines (637), with no line terminators
Size 228 kB (227627 bytes)
Hash 4cd29bd684779b855c7a01bb09dbe6a8
9244e5e928f2ed535f7a3d64c31a70deeb0a20b5
1132f2698f6aa45c3a5ba6903b55ce71d3033e0f3975c91dc8551919f6d87ebe
Analyzer Verdict Alert fortinet Phishing
GET /assets/pushcrew.js HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:36 GMT
content-type: application/x-javascript
cf-ray: 74ecac14de08b515-OSL
access-control-allow-origin: *
age: 1126
cache-control: public, max-age=1200
etag: W/"632b3356-27d"
expires: Thu, 22 Sep 2022 17:33:36 GMT
last-modified: Wed, 21 Sep 2022 15:52:54 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=cU_uX3BNCPnna0_dLsm74lCtc3qkefq1S.nrMyoXUAg-1663866816-0-AbNHTyquUdoPpZn6NoP2LWvp6gVXBEXdU9WE3bSTKCNbNw/7rZc6hI8yf94uXMh5T33B57KXL7CZXnzNgGuK/ET/Jj5O8rmCwLCs7U+EO34k; path=/; expires=Thu, 22-Sep-22 17:43:36 GMT; domain=.www.bestforlife.life; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f85caa32cfc5c68ae9d37dac5075d086
d98cb95e042dfdf7fcfe0bef3d83624a970ee7ab
c1d5882e2ccbee35dfb5d42d78ef6fd843882cbbbe5653cd686ff768e697ac84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f85caa32cfc5c68ae9d37dac5075d086
d98cb95e042dfdf7fcfe0bef3d83624a970ee7ab
c1d5882e2ccbee35dfb5d42d78ef6fd843882cbbbe5653cd686ff768e697ac84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f85caa32cfc5c68ae9d37dac5075d086
d98cb95e042dfdf7fcfe0bef3d83624a970ee7ab
c1d5882e2ccbee35dfb5d42d78ef6fd843882cbbbe5653cd686ff768e697ac84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18005
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:13:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18005
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:13:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18005
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:13:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18005
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:13:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18005
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:13:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eYUP9NfAkmU4A-mZvysejq1228Qfb8vbfdXOaHQvr6mjXhnVoWdqJw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
age: 70768
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2db94039cb675cb250519fe57b2b3c9
37222a70df5d9a69073b4b32ebc3a5da60006001
444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12048
x-amzn-requestid: bc551b18-fddb-4502-8c11-b8de83d75def
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwlKzF9FoAMFp_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329b578-7e030b2e0af1d1c309d2dde6;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 12:43:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dRyKwUtxiHGz_bqMMSlRKS1cDNhKm_g1ocpZLmE15k8owH789jueWA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:19:10 GMT
age: 68067
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9becda6e892a190dbbc63216ae697506
ba3369e1827d8f01ca10acb8648195847dd02ffd
d71dd28e0ff260326ba0c30748fa11160f4544c2a264d3a3dc361af0de9fd283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb0692-30b9-4b69-a748-f7a4474a72e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11286
x-amzn-requestid: 7263b60d-fffe-4c0b-8de5-59dc9ac92a47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwZHOaIAMFSQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84cf-62e160b156b587cc21c7fda5;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QxgrVMX7xwI6qE3T3-LRS3JWoJauPyvCSb9TacW9-ktw-BIq5PSF-g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:26 GMT
etag: "ba3369e1827d8f01ca10acb8648195847dd02ffd"
content-type: image/jpeg
age: 69911
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62818de3c50f957b2e5680851a1768c9
80e48c9ae48c89598780736b089c98e22d58df9a
16f2c2d23e8641a3f297a175730343d11120a228c0fe846c0fdf1e39212c522c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8549
x-amzn-requestid: 6d44626b-16c6-4f19-ae52-d5350065b390
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwPHJJoAMFdfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84ce-46ebc35612eb7a4473b36189;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UoQTXSP0LgR4LwELp2Avm27hUekfO9TU9yfvNbIlmUtB-FrU9MGRbg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:19 GMT
age: 69918
etag: "80e48c9ae48c89598780736b089c98e22d58df9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Oem-Kw-aCUa2rA9B9-7CDYcZ-G968tFPnsrL5wJ9Dia43T5u6RDtg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
age: 70768
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0201d377c57a684452c0d26372e674d
3829f81048cc63b5f0d1e82dfbe3b8e31646e733
efa055dc93267be2dddd94b334c0655c2e1f1682467fd738e013a778aea175b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd654e30-611f-4c64-b1ad-43ca9fdedc0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14397
x-amzn-requestid: c5a03ce8-f695-4ad3-8c42-c3bfd47d6279
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1wLGqKIAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329699a-2b130d8b1a4b1b9131db8984;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:19:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: u2ObvTaTM2JREJRnWVxEdqPXYFWTdrtlqLLbHugcsNbENjZq63rKVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 15:24:06 GMT
age: 6571
etag: "3829f81048cc63b5f0d1e82dfbe3b8e31646e733"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 12:31:58 GMT
expires: Sun, 17 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 448899
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bestforlife.life/favicon.ico
162.241.63.77302 Found 0 B URL HTTP/2 bestforlife.life/favicon.ico
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/india?cep=UGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo
Cookie: PHPSESSID=a0ec3e535b308672e426f13154a3ceee; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTYzNjYzNjU=:visited=true; cf:visitor_id=de33d3fd-39b7-40b4-8151-12f5da8f6182; cep=UGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo; addevent_track_cookie=950f626b-ba54-4a10-ace2-9d553dde5978
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
link: <https://bestforlife.life/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://bestforlife.life/wp-includes/images/w-logo-blue-white-bg.png
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 17:13:37 GMT
server: Apache
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/b7/0344e2a543416b818d21be670a9db5/home-reg-form-bg_IN.jpg
104.16.14.194200 OK 156 kB URL HTTP/2 www.bestforlife.life/hosted/images/b7/0344e2a543416b818d21be670a9db5/home-reg-form-bg_IN.jpg
IP 104.16.14.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 3000x941, components 3\012- data
Size 156 kB (155668 bytes)
Hash 65824abc7994521b4abe998544c68fa2
e6be12bee707d7219c427aea9cc8b54d5e3eaae7
879bfa9b6fa35b98fdc794778c185fa5fbe926b144cdf6f20519893016d91ff5
GET /hosted/images/b7/0344e2a543416b818d21be670a9db5/home-reg-form-bg_IN.jpg HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=.N_EASVUHj9QgjaU5VyH6GE5y3XyDU3uHLU_GzNzdPw-1663866816-0-AWk9RIUVBlmERaQxyAXzgvEzezFsLKyakAkvY6Wl+8v1M1+tD0ElUMHmH9Oqc8znr4VVpUjVbWRf2irAsVMeEKitCd8Fmn0MmUnqDDGvU4me
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:38 GMT
content-type: image/jpeg
content-length: 155668
cf-ray: 74ecac160fa6b515-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "65824abc7994521b4abe998544c68fa2"
last-modified: Tue, 20 Sep 2022 07:23:35 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
x-amz-cf-pop: SOF50-C1
server: cloudflare
X-Firefox-Spdy: h2
bestforlife.life/wp-includes/images/w-logo-blue-white-bg.png
162.241.63.77200 OK 4.1 kB URL HTTP/2 bestforlife.life/wp-includes/images/w-logo-blue-white-bg.png
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bestforlife.life/india?cep=UGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo
Connection: keep-alive
Cookie: PHPSESSID=a0ec3e535b308672e426f13154a3ceee; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTYzNjYzNjU=:visited=true; cf:visitor_id=de33d3fd-39b7-40b4-8151-12f5da8f6182; cep=UGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo; addevent_track_cookie=950f626b-ba54-4a10-ace2-9d553dde5978
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Nov 2021 08:34:02 GMT
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Thu, 22 Sep 2022 17:13:37 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 96f3639e0f20067a501f4b23622ccf27
a884b6a89d018d029940c30ab48af2bf2faeb00b
c658c6f010108155b7a741ed0b1ee8ddcbc365ead7700ace26560a0be1798afc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 17:03:04 GMT
expires: Thu, 22 Sep 2022 17:18:04 GMT
cache-control: public, max-age=900
age: 634
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.98302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 22 Sep 2022 17:13:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e1b099985efaf8c67552ba2a67ae2a21
b464042a8dd957fd751bc03701e5907b85a02099
e715e3919eba0991fffa4e7123e5561c7190ec5cd6d10d64430be810650486a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.98302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 22 Sep 2022 17:13:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 22 Sep 2022 17:13:38 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bestforlife.life/india?cep=UGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo
162.241.63.77200 OK 758 kB URL HTTP/2 bestforlife.life/india?cep=UGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 758 kB (758221 bytes)
Hash a2ef598361a0491f65fa5c5f10cdeea8
a9785faa8b1814bf144c59ba942600f664c2af53
145a86ac5c843bdcdc4891e22d21479718c38743cb50ac0d41b41aeb33333968
Analyzer Verdict Alert fortinet Phishing
GET /india?cep=UGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=a0ec3e535b308672e426f13154a3ceee; path=/; secure; HttpOnly
__cf_bm=sY8CfQnKL.rmmFYhf_DHM0yxqm46qfNK3kGz3WDo_4E-1663866816-0-ATyjO2LVkLYRMi1g5up0kJnjCHrowCs5aGIc46RrVCKhyZskj8g2lfDBV49SGJw1c1/DGG2n8RdDmlXYHnsrarQrdNWD59AdY1cjP1qxoHe7; path=/; expires=Thu, 22-Sep-22 17:43:36 GMT; domain=.www.bestforlife.life; HttpOnly; Secure
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 17:13:35 GMT
server: Apache
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 4d3a296cf885f9d925994b9fec4216e2
c6ebeab021b462f34fe2a349023700966e42c985
20855396f806c61c353c81d26a6790e932adfd17b5d5f3a6011e945040e8b71f
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 22 Sep 2022 17:13:38 GMT
server: ESF
cache-control: private
content-length: 30905
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 04fcf7ddca845d2b087ec43ab5ff0d59
39060a9af77ba92e5db529ba7c79013d205c9423
1ae0d60b572f2075bddfe8ae2034ddd093150d0d18c72d967b3bb8c4abffb23e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/NAdTarfwBmmVN2jO9_ZDZXbW2JobdXK1pZJ09rC2Bcw.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/NAdTarfwBmmVN2jO9_ZDZXbW2JobdXK1pZJ09rC2Bcw.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35947)
Hash e50215251e55ca26c783e2e9b382e4a9
80a0845ea0b8569e6b04532c7f958ba759b4f207
85041f26f46486b46c2b91fa99da2e214250de0ec79a3c6edb94c73f7fc9243f
GET /js/th/NAdTarfwBmmVN2jO9_ZDZXbW2JobdXK1pZJ09rC2Bcw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14149
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:04:59 GMT
expires: Thu, 21 Sep 2023 05:04:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 15:00:00 GMT
content-type: text/javascript
age: 130119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ab9170d59e1c01422d2c55356248b569
0df99ca360de0b69a7e79d8e79b6383fec4a5453
7747cc09f59efbc03c3663c9be6bb63248a43f8f310c1bae1466255e83a72455
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8812bd1fa7aae4e1a1c07c8e83f169a8
343e735a6c9d78e904456984e4ad1c427ad9ff36
ff7c0bdf2f9bdc0eb48771a456424c8fa595ae398e1ba110f4fb54f1a1caaf8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/okEUYy2PvHY/sddefault.webp
142.250.74.118200 OK 16 kB URL HTTP/2 i.ytimg.com/vi_webp/okEUYy2PvHY/sddefault.webp
IP 142.250.74.118:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 69490c2522e8f333f950460495642d0f
38cc10f4f16e24740ad20e5913e36fe93f7c47d6
d77c14b639141cdf468d350a5c658a02e81b37493aa20e4c7f164e61aa0bb585
GET /vi_webp/okEUYy2PvHY/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 16380
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 17:13:38 GMT
expires: Thu, 22 Sep 2022 17:18:38 GMT
cache-control: public, max-age=300
etag: "0"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f496e4355ffccd6fba034915c12c70a1
2c61850845d438dd487dd7307bc02a4edfbb06b2
cefcaa8d17b8eb8df7b3fe7b72d112e89530b6106cee3117db9bab08ffe6b70b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 22 Sep 2022 17:13:38 GMT
server: ESF
cache-control: private
content-length: 30620
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8812bd1fa7aae4e1a1c07c8e83f169a8
343e735a6c9d78e904456984e4ad1c427ad9ff36
ff7c0bdf2f9bdc0eb48771a456424c8fa595ae398e1ba110f4fb54f1a1caaf8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bb12d8049e6b06d6f51b3daa17217aef
2816919b2f4509f0f0183c8f3da864fe1d89a650
c860eff6b763d5e2afd0c911d5dfb5b64da84227a0da9e3f8e0645734a1d7c38
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu-VhLl8DuOuhoCwoqc99mMiJSpIWXd7c2W6VYuICB8zmwo2CC9Jeuovuvv2Xu9E=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 651 B URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-VhLl8DuOuhoCwoqc99mMiJSpIWXd7c2W6VYuICB8zmwo2CC9Jeuovuvv2Xu9E=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 2b339402c32cd376de085bea391a76f2
b168d4d86e0b1380f03f31423ec2942d8bff8bda
5c12a35795f3b83184c70cb5014aecafdf916e0e1de447693a68b3681a0a0758
GET /ytc/AMLnZu-VhLl8DuOuhoCwoqc99mMiJSpIWXd7c2W6VYuICB8zmwo2CC9Jeuovuvv2Xu9E=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 651
x-xss-protection: 0
date: Thu, 22 Sep 2022 13:25:35 GMT
expires: Fri, 23 Sep 2022 13:25:35 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 13683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.bestforlife.life/images/background.png?_unique=0.6722662630295124&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//bestforlife.life/india%3Fcep%3DUGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo&_title=Jeetcity%20Casino&_key=fyzzeg1v&_page_key=knabb6fl8kqpwjea&_fid=12446350&_fspos=2&_fvrs=1&_funnel_stat=0&_location=https://bestforlife.life/india?cep=UGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo&_referrer=
104.16.14.194200 OK 375 B URL HTTP/2 www.bestforlife.life/images/background.png?_unique=0.6722662630295124&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//bestforlife.life/india%3Fcep%3DUGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo&_title=Jeetcity%20Casino&_key=fyzzeg1v&_page_key=knabb6fl8kqpwjea&_fid=12446350&_fspos=2&_fvrs=1&_funnel_stat=0&_location=https://bestforlife.life/india?cep=UGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo&_referrer=
IP 104.16.14.194:0
File type ASCII text, with no line terminators
Hash 9daee754cbaf117fef1b3921b4b768b6
1feebecad956e6a1682d4cf986957fc84022000d
7530bb7b2db56dbe205b35a1513ea457b6e32bb96e77e352c7e8763349493d13
GET /images/background.png?_unique=0.6722662630295124&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//bestforlife.life/india%3Fcep%3DUGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo&_title=Jeetcity%20Casino&_key=fyzzeg1v&_page_key=knabb6fl8kqpwjea&_fid=12446350&_fspos=2&_fvrs=1&_funnel_stat=0&_location=https://bestforlife.life/india?cep=UGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo&_referrer= HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestforlife.life
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:38 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 74ecac1f0c77b515-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: c35fc223ece1e4288d911804a49dcc62
x-runtime: 0.044384
set-cookie: __cf_bm=L4sWYpW5vK0968QhBpaW1VzEy6LyCm3sFqsUVRg9rv4-1663866818-0-AXIEG9kdNX4/ln3lvsIDK1+BgLEgDTXJU+dZofUvYk8MB6MPNtkSVmMMXgcgIRYSFomN3dOWlD+6o5NZR2ucfn3PekcPX5oQDB6ZEufjTwZY; path=/; expires=Thu, 22-Sep-22 17:43:38 GMT; domain=.www.bestforlife.life; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 431d8d975ae7d9cf373357abfd09ab5d
cb817c99081218faa2f2ec8106a0541d9e6199b2
2bc4b2e524eab80d264ce69097ab7a797ef44469821c4e77b1980023c6fcc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bestforlife.life/cdn-cgi/rum?
162.241.63.77404 Not Found 14 kB URL HTTP/2 bestforlife.life/cdn-cgi/rum?
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16728), with CRLF, LF line terminators
Hash 2fd342c93cb312faa1ba677916751786
73332a4af13a51ba7fef8f3b9e1e3f5829a216f4
1e8faf0b838b733a2bfaca8da5ed5b38140a6eddcbd290d6844224a364ab15c1
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/rum? HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 11149
Origin: https://bestforlife.life
Connection: keep-alive
Referer: https://bestforlife.life/india?cep=UGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo
Cookie: PHPSESSID=a0ec3e535b308672e426f13154a3ceee; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTYzNjYzNjU=:visited=true; cf:visitor_id=de33d3fd-39b7-40b4-8151-12f5da8f6182; cep=UGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo; addevent_track_cookie=950f626b-ba54-4a10-ace2-9d553dde5978
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://bestforlife.life/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-length: 14262
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 17:13:38 GMT
server: Apache
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 22 Sep 2022 17:13:39 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 22 Sep 2022 17:13:39 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a43e391d13ab6b086c254de9d9be3bae
2352fa00d69d2570f32b1280ac5cb6894f205581
c89bafeb11f46dedf5526c8dda219f1ecc117d048ab985c275091a4ff384557f
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 910
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 22 Sep 2022 17:13:39 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6c47a3af505e9152cca460e0ecedc090
cb066f5fda5cdbfa09467438844e33b3c2aade57
917b884b8890f362e31ab225a09f39fc4cf2b72fab61f70bad44f63a1b68e3cb
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1104
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 22 Sep 2022 17:13:39 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/4a/259d6d557944a3ba32a71896c0821d/yg4-winner-gm-1-.jpg
104.16.14.194200 OK 16 kB URL HTTP/2 www.bestforlife.life/hosted/images/4a/259d6d557944a3ba32a71896c0821d/yg4-winner-gm-1-.jpg
IP 104.16.14.194:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, orientation=upper-left], progressive, precision 8, 380x220, components 3\012- data
Hash 6daee3627af104a5e773670f97a121ed
5c372c62d44b2fe3b5384eb2e3758f3d08f6225d
4a72e05fd533338e7e89bc0b84d580271937b8a0c2f6e0d106dceb4a6ab31b33
GET /hosted/images/4a/259d6d557944a3ba32a71896c0821d/yg4-winner-gm-1-.jpg HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=.N_EASVUHj9QgjaU5VyH6GE5y3XyDU3uHLU_GzNzdPw-1663866816-0-AWk9RIUVBlmERaQxyAXzgvEzezFsLKyakAkvY6Wl+8v1M1+tD0ElUMHmH9Oqc8znr4VVpUjVbWRf2irAsVMeEKitCd8Fmn0MmUnqDDGvU4me
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:39 GMT
content-type: image/jpeg
content-length: 15535
cf-ray: 74ecac1edc20b515-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "9ee74e7d730fc9f1a89a85f37e686db4"
last-modified: Tue, 20 Sep 2022 22:38:25 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=15644, status=webp_bigger
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/a3/84941e79e749d98e6d053f0260b788/award-4_en.png
104.16.14.194200 OK 14 kB URL HTTP/2 www.bestforlife.life/hosted/images/a3/84941e79e749d98e6d053f0260b788/award-4_en.png
IP 104.16.14.194:0
File type PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash b23f8f54ca7abb700b60d729aa501b59
67d4177852367711d469014b4d6ad628f1c7ef37
73d59114ada9ae1fcca329c92713cd294e29c6471ed1e5b1cec036182ad94da2
GET /hosted/images/a3/84941e79e749d98e6d053f0260b788/award-4_en.png HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=.N_EASVUHj9QgjaU5VyH6GE5y3XyDU3uHLU_GzNzdPw-1663866816-0-AWk9RIUVBlmERaQxyAXzgvEzezFsLKyakAkvY6Wl+8v1M1+tD0ElUMHmH9Oqc8znr4VVpUjVbWRf2irAsVMeEKitCd8Fmn0MmUnqDDGvU4me
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:39 GMT
content-type: image/png
content-length: 13514
cf-ray: 74ecac1edc2bb515-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "937cf3f8584c35e27f97d9354fb41312"
last-modified: Mon, 12 Sep 2022 06:40:44 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13535
x-amz-cf-pop: SOF50-C1
server: cloudflare
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/5f/9d9fd2f7b542179fd44868c1151845/award-1_en.png
104.16.14.194200 OK 28 kB URL HTTP/2 www.bestforlife.life/hosted/images/5f/9d9fd2f7b542179fd44868c1151845/award-1_en.png
IP 104.16.14.194:0
File type PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash 7019715972c14ccc264916cb5797dc48
44f3faf4e591cc9ef9ad3761da4fbc2f0f3302db
a4902f16ae13da544d75eafbb37de6d71bda8ae9b19f90bfb03f38a80d99e6ad
GET /hosted/images/5f/9d9fd2f7b542179fd44868c1151845/award-1_en.png HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=.N_EASVUHj9QgjaU5VyH6GE5y3XyDU3uHLU_GzNzdPw-1663866816-0-AWk9RIUVBlmERaQxyAXzgvEzezFsLKyakAkvY6Wl+8v1M1+tD0ElUMHmH9Oqc8znr4VVpUjVbWRf2irAsVMeEKitCd8Fmn0MmUnqDDGvU4me
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:39 GMT
content-type: image/png
content-length: 27840
cf-ray: 74ecac1edc27b515-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "1929b0d827ebdc6e911d585c21a34cf5"
last-modified: Mon, 12 Sep 2022 06:40:43 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=27861
x-amz-cf-pop: SOF50-C1
server: cloudflare
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1216.min.js
151.101.86.137200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32022)
Hash b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 22 Sep 2022 17:13:39 GMT
via: 1.1 varnish
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 4389
x-timer: S1663866820.781945,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/e7/9c5e6dbb284b419f2581a72d8f3e84/award-5_en.png
104.16.14.194200 OK 38 kB URL HTTP/2 www.bestforlife.life/hosted/images/e7/9c5e6dbb284b419f2581a72d8f3e84/award-5_en.png
IP 104.16.14.194:0
File type PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash ce7b869474e06a1514a28029fe8fa9bc
ea6626ab98fc9c58b2c4e41f1d409aded8697e2b
e55d0a706f85ff9918f5d1c5f8edbb291fe4b4d33991e10ce9f6fc43c5a3cf0c
GET /hosted/images/e7/9c5e6dbb284b419f2581a72d8f3e84/award-5_en.png HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=.N_EASVUHj9QgjaU5VyH6GE5y3XyDU3uHLU_GzNzdPw-1663866816-0-AWk9RIUVBlmERaQxyAXzgvEzezFsLKyakAkvY6Wl+8v1M1+tD0ElUMHmH9Oqc8znr4VVpUjVbWRf2irAsVMeEKitCd8Fmn0MmUnqDDGvU4me
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:39 GMT
content-type: image/png
content-length: 37891
cf-ray: 74ecac1edc29b515-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "bef47ae0e5472d7cd0e2217b855bca7e"
last-modified: Mon, 12 Sep 2022 06:40:44 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=37912
x-amz-cf-pop: SOF50-C1
server: cloudflare
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/31/feeb7ef4754395a22472356af89d12/yg4-winner-ir.jpg
104.16.14.194200 OK 11 kB URL HTTP/2 www.bestforlife.life/hosted/images/31/feeb7ef4754395a22472356af89d12/yg4-winner-ir.jpg
IP 104.16.14.194:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, orientation=upper-left], progressive, precision 8, 380x220, components 3\012- data
Hash 2741cb7ef995804be21818c42bef4b52
3d7b57a79949d7b8b804bd65479b8989b1fa72e2
31ed2d20c48e3be84b70c5da50add44e104fba41cf78d8a7968116dbb8c00062
GET /hosted/images/31/feeb7ef4754395a22472356af89d12/yg4-winner-ir.jpg HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=.N_EASVUHj9QgjaU5VyH6GE5y3XyDU3uHLU_GzNzdPw-1663866816-0-AWk9RIUVBlmERaQxyAXzgvEzezFsLKyakAkvY6Wl+8v1M1+tD0ElUMHmH9Oqc8znr4VVpUjVbWRf2irAsVMeEKitCd8Fmn0MmUnqDDGvU4me
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:39 GMT
content-type: image/jpeg
content-length: 10672
cf-ray: 74ecac1edc1eb515-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "f8203edaf825f12c9f2878733a17eefc"
last-modified: Tue, 20 Sep 2022 22:38:08 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10869, status=webp_bigger
x-amz-cf-pop: OSL50-C1
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=9Z3xZWmZGe9ZPUZWh8P23wF6PoBCi87._IMWkwhJbK8-1663866819-0-AU_AkrP-i4smmZK3Pe5-JiNsZ-PG-OjATTLKEoxJW_9NdRw-ABylwa0a3LvX_gW9HCLSsQx-_CSXqGa3ZPQ7NW-wtwRVHpHCZ_Vwntdmx4lq"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=9Z3xZWmZGe9ZPUZWh8P23wF6PoBCi87._IMWkwhJbK8-1663866819-0-AU_AkrP-i4smmZK3Pe5-JiNsZ-PG-OjATTLKEoxJW_9NdRw-ABylwa0a3LvX_gW9HCLSsQx-_CSXqGa3ZPQ7NW-wtwRVHpHCZ_Vwntdmx4lq; report-to cf-csp-endpoint
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/19/5fbfa939824f7cb34e20bc7c93965f/yg4-winner-dp-1-.jpg
104.16.14.194200 OK 18 kB URL HTTP/2 www.bestforlife.life/hosted/images/19/5fbfa939824f7cb34e20bc7c93965f/yg4-winner-dp-1-.jpg
IP 104.16.14.194:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, orientation=upper-left], progressive, precision 8, 380x220, components 3\012- data
Hash 9afa309d09d421cb5e6982c086b657bb
82da08a6ee5e57a15396f5bfebf3175ebe2330fa
a20841a87de609409625b9b8ee4b2e7e0e33c9c74353ad848af8b71d1a1860ac
GET /hosted/images/19/5fbfa939824f7cb34e20bc7c93965f/yg4-winner-dp-1-.jpg HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=.N_EASVUHj9QgjaU5VyH6GE5y3XyDU3uHLU_GzNzdPw-1663866816-0-AWk9RIUVBlmERaQxyAXzgvEzezFsLKyakAkvY6Wl+8v1M1+tD0ElUMHmH9Oqc8znr4VVpUjVbWRf2irAsVMeEKitCd8Fmn0MmUnqDDGvU4me
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:39 GMT
content-type: image/jpeg
content-length: 17961
cf-ray: 74ecac1edc24b515-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "9607c8474129e1d5ab5dde2c92007ffe"
last-modified: Tue, 20 Sep 2022 22:38:50 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=18118, status=webp_bigger
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d42f2291100fe0703a7eebdc6de8acc3
6b03000e82ddf4dad3af2236ff1943ca40054fc3
6b2dc77e7380de5c977c4185321775d078038f2e48f7c8feb7cbcc6f3cb444e8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5774
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:13:39 GMT
Last-Modified: Thu, 22 Sep 2022 15:37:25 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4821&ck=1&ref=https://bestforlife.life/india&ap=316&be=1332&fe=3296&dc=2290&perf=%7B%22timing%22:%7B%22of%22:1663866814571,%22n%22:0,%22f%22:359,%22dn%22:399,%22dne%22:401,%22c%22:401,%22s%22:522,%22ce%22:826,%22rq%22:826,%22rp%22:1303,%22rpe%22:1303,%22dl%22:1319,%22di%22:2260,%22ds%22:2290,%22de%22:2405,%22dc%22:3296,%22l%22:3296,%22le%22:3423%7D,%22navigation%22:%7B%7D%7D&fcp=1957&jsonp=NREUM.setToken
162.247.241.14200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4821&ck=1&ref=https://bestforlife.life/india&ap=316&be=1332&fe=3296&dc=2290&perf=%7B%22timing%22:%7B%22of%22:1663866814571,%22n%22:0,%22f%22:359,%22dn%22:399,%22dne%22:401,%22c%22:401,%22s%22:522,%22ce%22:826,%22rq%22:826,%22rp%22:1303,%22rpe%22:1303,%22dl%22:1319,%22di%22:2260,%22ds%22:2290,%22de%22:2405,%22dc%22:3296,%22l%22:3296,%22le%22:3423%7D,%22navigation%22:%7B%7D%7D&fcp=1957&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4821&ck=1&ref=https://bestforlife.life/india&ap=316&be=1332&fe=3296&dc=2290&perf=%7B%22timing%22:%7B%22of%22:1663866814571,%22n%22:0,%22f%22:359,%22dn%22:399,%22dne%22:401,%22c%22:401,%22s%22:522,%22ce%22:826,%22rq%22:826,%22rp%22:1303,%22rpe%22:1303,%22dl%22:1319,%22di%22:2260,%22ds%22:2290,%22de%22:2405,%22dc%22:3296,%22l%22:3296,%22le%22:3423%7D,%22navigation%22:%7B%7D%7D&fcp=1957&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 17:13:40 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74ecac285d971bfa-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=dbefc8b0043f8579; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP 142.250.74.10:0
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 17:13:36 GMT
date: Thu, 22 Sep 2022 17:13:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=T3kxNWpxVDU0TkpRcHduRHV2ck9tQT09LS1NWncyMVBaRHh5USt5S04vZjRVdlVRPT0%3D--90b784ebfdf066c78a0b3a18f131a6795b49b925&page_id=czRCdkYwNWhWNlhGdnU5MWdOVWtsdz09LS0xZTdZVVIrU1hOcmhkQWhXL3RZajRnPT0%3D--b4e34e5e1e58227c26d98c1d746bcbaeed313a13&funnel_step_id=djd5ZHdxMlUxTXJsVlA1cGtNUkhGZz09LS1LaG81ZGNQZDVDVzRzT0ExYjVzQTJnPT0%3D--4c45d3905f3160f3a997e8c995b74241831da20d&user_id=aElSeVJsMnV1a3pNcDR6TjdHeGtUUT09LS1ObzBXdUFrcnBoUFRhZ3VDZTdCZVhBPT0%3D--3904afd23ccc9d6c12cc8ac33a8d3864190bd1d5&account_id=d2QydEVFRVh5dGZGNC9LUHBuS2pIdz09LS1pdjA3YjVLeHVqMk9ma1hQSDF6dXFRPT0%3D--b21a62eba126483145d8803d9d05ffa91da1be31&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=d2f317c3-c5d8-481d-8542-e1a6cefe94b8&url=https%3A%2F%2Fbestforlife.life%2Findia%3Fcep%3DUGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo
104.16.16.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=T3kxNWpxVDU0TkpRcHduRHV2ck9tQT09LS1NWncyMVBaRHh5USt5S04vZjRVdlVRPT0%3D--90b784ebfdf066c78a0b3a18f131a6795b49b925&page_id=czRCdkYwNWhWNlhGdnU5MWdOVWtsdz09LS0xZTdZVVIrU1hOcmhkQWhXL3RZajRnPT0%3D--b4e34e5e1e58227c26d98c1d746bcbaeed313a13&funnel_step_id=djd5ZHdxMlUxTXJsVlA1cGtNUkhGZz09LS1LaG81ZGNQZDVDVzRzT0ExYjVzQTJnPT0%3D--4c45d3905f3160f3a997e8c995b74241831da20d&user_id=aElSeVJsMnV1a3pNcDR6TjdHeGtUUT09LS1ObzBXdUFrcnBoUFRhZ3VDZTdCZVhBPT0%3D--3904afd23ccc9d6c12cc8ac33a8d3864190bd1d5&account_id=d2QydEVFRVh5dGZGNC9LUHBuS2pIdz09LS1pdjA3YjVLeHVqMk9ma1hQSDF6dXFRPT0%3D--b21a62eba126483145d8803d9d05ffa91da1be31&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=d2f317c3-c5d8-481d-8542-e1a6cefe94b8&url=https%3A%2F%2Fbestforlife.life%2Findia%3Fcep%3DUGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo
IP 104.16.16.194:0
GET /userevents/?funnel_id=T3kxNWpxVDU0TkpRcHduRHV2ck9tQT09LS1NWncyMVBaRHh5USt5S04vZjRVdlVRPT0%3D--90b784ebfdf066c78a0b3a18f131a6795b49b925&page_id=czRCdkYwNWhWNlhGdnU5MWdOVWtsdz09LS0xZTdZVVIrU1hOcmhkQWhXL3RZajRnPT0%3D--b4e34e5e1e58227c26d98c1d746bcbaeed313a13&funnel_step_id=djd5ZHdxMlUxTXJsVlA1cGtNUkhGZz09LS1LaG81ZGNQZDVDVzRzT0ExYjVzQTJnPT0%3D--4c45d3905f3160f3a997e8c995b74241831da20d&user_id=aElSeVJsMnV1a3pNcDR6TjdHeGtUUT09LS1ObzBXdUFrcnBoUFRhZ3VDZTdCZVhBPT0%3D--3904afd23ccc9d6c12cc8ac33a8d3864190bd1d5&account_id=d2QydEVFRVh5dGZGNC9LUHBuS2pIdz09LS1pdjA3YjVLeHVqMk9ma1hQSDF6dXFRPT0%3D--b21a62eba126483145d8803d9d05ffa91da1be31&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=d2f317c3-c5d8-481d-8542-e1a6cefe94b8&url=https%3A%2F%2Fbestforlife.life%2Findia%3Fcep%3DUGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestforlife.life
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Thu, 22 Sep 2022 17:13:37 GMT
content-type: text/html
cf-ray: 74ecac186fa70b39-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 1ebc181854879079217858177abc1a18
x-runtime: 0.042322
set-cookie: __cf_bm=ktFTJa39mwPwViBJRjm35UnKHC_SKwwxbEnT6A7oCxQ-1663866817-0-AThcTN9iFU8crnKCKgZWN8fFpK/nLEawl6fiWazlwksuwKWZwNlMdvTPQLqrtFOTrElxrIesCyrvC/gK8RTEy0rOXyD++8PXUjwqlBKGNLgK; path=/; expires=Thu, 22-Sep-22 17:43:37 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=T3kxNWpxVDU0TkpRcHduRHV2ck9tQT09LS1NWncyMVBaRHh5USt5S04vZjRVdlVRPT0%3D--90b784ebfdf066c78a0b3a18f131a6795b49b925&page_id=czRCdkYwNWhWNlhGdnU5MWdOVWtsdz09LS0xZTdZVVIrU1hOcmhkQWhXL3RZajRnPT0%3D--b4e34e5e1e58227c26d98c1d746bcbaeed313a13&funnel_step_id=djd5ZHdxMlUxTXJsVlA1cGtNUkhGZz09LS1LaG81ZGNQZDVDVzRzT0ExYjVzQTJnPT0%3D--4c45d3905f3160f3a997e8c995b74241831da20d&user_id=aElSeVJsMnV1a3pNcDR6TjdHeGtUUT09LS1ObzBXdUFrcnBoUFRhZ3VDZTdCZVhBPT0%3D--3904afd23ccc9d6c12cc8ac33a8d3864190bd1d5&account_id=d2QydEVFRVh5dGZGNC9LUHBuS2pIdz09LS1pdjA3YjVLeHVqMk9ma1hQSDF6dXFRPT0%3D--b21a62eba126483145d8803d9d05ffa91da1be31&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=c790c9e3-7600-4de1-ae55-e24db0851d7c&url=https%3A%2F%2Fbestforlife.life%2Findia%3Fcep%3DUGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo
104.16.16.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=T3kxNWpxVDU0TkpRcHduRHV2ck9tQT09LS1NWncyMVBaRHh5USt5S04vZjRVdlVRPT0%3D--90b784ebfdf066c78a0b3a18f131a6795b49b925&page_id=czRCdkYwNWhWNlhGdnU5MWdOVWtsdz09LS0xZTdZVVIrU1hOcmhkQWhXL3RZajRnPT0%3D--b4e34e5e1e58227c26d98c1d746bcbaeed313a13&funnel_step_id=djd5ZHdxMlUxTXJsVlA1cGtNUkhGZz09LS1LaG81ZGNQZDVDVzRzT0ExYjVzQTJnPT0%3D--4c45d3905f3160f3a997e8c995b74241831da20d&user_id=aElSeVJsMnV1a3pNcDR6TjdHeGtUUT09LS1ObzBXdUFrcnBoUFRhZ3VDZTdCZVhBPT0%3D--3904afd23ccc9d6c12cc8ac33a8d3864190bd1d5&account_id=d2QydEVFRVh5dGZGNC9LUHBuS2pIdz09LS1pdjA3YjVLeHVqMk9ma1hQSDF6dXFRPT0%3D--b21a62eba126483145d8803d9d05ffa91da1be31&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=c790c9e3-7600-4de1-ae55-e24db0851d7c&url=https%3A%2F%2Fbestforlife.life%2Findia%3Fcep%3DUGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo
IP 104.16.16.194:0
GET /userevents/?funnel_id=T3kxNWpxVDU0TkpRcHduRHV2ck9tQT09LS1NWncyMVBaRHh5USt5S04vZjRVdlVRPT0%3D--90b784ebfdf066c78a0b3a18f131a6795b49b925&page_id=czRCdkYwNWhWNlhGdnU5MWdOVWtsdz09LS0xZTdZVVIrU1hOcmhkQWhXL3RZajRnPT0%3D--b4e34e5e1e58227c26d98c1d746bcbaeed313a13&funnel_step_id=djd5ZHdxMlUxTXJsVlA1cGtNUkhGZz09LS1LaG81ZGNQZDVDVzRzT0ExYjVzQTJnPT0%3D--4c45d3905f3160f3a997e8c995b74241831da20d&user_id=aElSeVJsMnV1a3pNcDR6TjdHeGtUUT09LS1ObzBXdUFrcnBoUFRhZ3VDZTdCZVhBPT0%3D--3904afd23ccc9d6c12cc8ac33a8d3864190bd1d5&account_id=d2QydEVFRVh5dGZGNC9LUHBuS2pIdz09LS1pdjA3YjVLeHVqMk9ma1hQSDF6dXFRPT0%3D--b21a62eba126483145d8803d9d05ffa91da1be31&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=c790c9e3-7600-4de1-ae55-e24db0851d7c&url=https%3A%2F%2Fbestforlife.life%2Findia%3Fcep%3DUGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestforlife.life
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Thu, 22 Sep 2022 17:13:37 GMT
content-type: text/html
cf-ray: 74ecac186fa60b39-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 833ce173671a620ee35a05ccb05e44a6
x-runtime: 0.036572
set-cookie: __cf_bm=cw5q..kVAoolss_GQIkA_dv7pbc9MAv1BjvUQOJoEK4-1663866817-0-Ac8ct0ZJFS3kU8w6yB14yL06PVhn3kMtNvTFm0Wp+v3QPWa9C8YQMZToqsjAJgf4Q841PfiWzHPGPHvzMDNBBIBYxZuiyFiDOnOXYxHMVNlB; path=/; expires=Thu, 22-Sep-22 17:43:37 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
www.youtube.com/embed/okEUYy2PvHY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
142.250.74.14200 OK 0 B URL HTTP/2 www.youtube.com/embed/okEUYy2PvHY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
IP 142.250.74.14:0
GET /embed/okEUYy2PvHY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 22 Sep 2022 17:13:37 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=0M3Xuo1enj4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=UXarPw_mrjc; Domain=.youtube.com; Expires=Tue, 21-Mar-2023 17:13:37 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+088; expires=Sat, 21-Sep-2024 17:13:37 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP 172.64.132.15:0
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:36 GMT
content-type: text/css
x-amz-id-2: HpuDfuJOnoRBIn1oGWh6kpnFISyPAhBcUuSh2sgaSOixf+diILYpFUsoF1uDkiR93wgKGECAn7k=
x-amz-request-id: F0PPGVAN5CXAHSGM
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28633838
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UV99UIaQCyzu9lehQ1vyMh%2FMMq5rFWvu9R3Rgpa8veb1PwIomLA%2FX0eHHSglRy5ItJq3clhcMF9lQSjDgADN9rcVjXlGGXs%2Fm88J3axFFEV3KfVQiPqCGQomwO8%2Bdgu0WqVrMqEu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ecac131a9272eb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.bestforlife.life/assets/lander.css
104.16.14.194200 OK 0 B URL HTTP/2 www.bestforlife.life/assets/lander.css
IP 104.16.14.194:0
GET /assets/lander.css HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:36 GMT
content-type: text/css
cf-ray: 74ecac14ee0eb515-OSL
access-control-allow-origin: *
age: 196
cache-control: public, max-age=1200
etag: W/"632b3357-6a514"
expires: Thu, 22 Sep 2022 17:33:36 GMT
last-modified: Wed, 21 Sep 2022 15:52:55 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=e3eihdXGX5XwEpHVcoZkPz_hMcqpir9dxrXER2_WzcI-1663866816-0-ATeF0TsSmR/osku1lRfa07Dwhx3zyNMnU0yd0njK9WWXXtgjvie3jtgrbLhefzQ0WiE1kUzNiIPNr0/mgtpqoPG19Dwg8EJgON7SPp+pDiwU; path=/; expires=Thu, 22-Sep-22 17:43:36 GMT; domain=.www.bestforlife.life; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.bestforlife.life/vendor.js
104.16.14.194200 OK 0 B URL HTTP/2 www.bestforlife.life/vendor.js
IP 104.16.14.194:0
Analyzer Verdict Alert fortinet Phishing
GET /vendor.js HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=.N_EASVUHj9QgjaU5VyH6GE5y3XyDU3uHLU_GzNzdPw-1663866816-0-AWk9RIUVBlmERaQxyAXzgvEzezFsLKyakAkvY6Wl+8v1M1+tD0ElUMHmH9Oqc8znr4VVpUjVbWRf2irAsVMeEKitCd8Fmn0MmUnqDDGvU4me
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:37 GMT
content-type: application/javascript
cf-ray: 74ecac182afcb515-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: ea5ed2d59b93be697c73cb5778d2a3a5
x-runtime: 0.018745
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=T3kxNWpxVDU0TkpRcHduRHV2ck9tQT09LS1NWncyMVBaRHh5USt5S04vZjRVdlVRPT0%3D--90b784ebfdf066c78a0b3a18f131a6795b49b925&page_id=czRCdkYwNWhWNlhGdnU5MWdOVWtsdz09LS0xZTdZVVIrU1hOcmhkQWhXL3RZajRnPT0%3D--b4e34e5e1e58227c26d98c1d746bcbaeed313a13&funnel_step_id=djd5ZHdxMlUxTXJsVlA1cGtNUkhGZz09LS1LaG81ZGNQZDVDVzRzT0ExYjVzQTJnPT0%3D--4c45d3905f3160f3a997e8c995b74241831da20d&user_id=aElSeVJsMnV1a3pNcDR6TjdHeGtUUT09LS1ObzBXdUFrcnBoUFRhZ3VDZTdCZVhBPT0%3D--3904afd23ccc9d6c12cc8ac33a8d3864190bd1d5&account_id=d2QydEVFRVh5dGZGNC9LUHBuS2pIdz09LS1pdjA3YjVLeHVqMk9ma1hQSDF6dXFRPT0%3D--b21a62eba126483145d8803d9d05ffa91da1be31&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=b5dc1add-d3d0-40a4-8b84-47d034bce25c&url=https%3A%2F%2Fbestforlife.life%2Findia%3Fcep%3DUGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo
104.16.16.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=T3kxNWpxVDU0TkpRcHduRHV2ck9tQT09LS1NWncyMVBaRHh5USt5S04vZjRVdlVRPT0%3D--90b784ebfdf066c78a0b3a18f131a6795b49b925&page_id=czRCdkYwNWhWNlhGdnU5MWdOVWtsdz09LS0xZTdZVVIrU1hOcmhkQWhXL3RZajRnPT0%3D--b4e34e5e1e58227c26d98c1d746bcbaeed313a13&funnel_step_id=djd5ZHdxMlUxTXJsVlA1cGtNUkhGZz09LS1LaG81ZGNQZDVDVzRzT0ExYjVzQTJnPT0%3D--4c45d3905f3160f3a997e8c995b74241831da20d&user_id=aElSeVJsMnV1a3pNcDR6TjdHeGtUUT09LS1ObzBXdUFrcnBoUFRhZ3VDZTdCZVhBPT0%3D--3904afd23ccc9d6c12cc8ac33a8d3864190bd1d5&account_id=d2QydEVFRVh5dGZGNC9LUHBuS2pIdz09LS1pdjA3YjVLeHVqMk9ma1hQSDF6dXFRPT0%3D--b21a62eba126483145d8803d9d05ffa91da1be31&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=b5dc1add-d3d0-40a4-8b84-47d034bce25c&url=https%3A%2F%2Fbestforlife.life%2Findia%3Fcep%3DUGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo
IP 104.16.16.194:0
GET /userevents/?funnel_id=T3kxNWpxVDU0TkpRcHduRHV2ck9tQT09LS1NWncyMVBaRHh5USt5S04vZjRVdlVRPT0%3D--90b784ebfdf066c78a0b3a18f131a6795b49b925&page_id=czRCdkYwNWhWNlhGdnU5MWdOVWtsdz09LS0xZTdZVVIrU1hOcmhkQWhXL3RZajRnPT0%3D--b4e34e5e1e58227c26d98c1d746bcbaeed313a13&funnel_step_id=djd5ZHdxMlUxTXJsVlA1cGtNUkhGZz09LS1LaG81ZGNQZDVDVzRzT0ExYjVzQTJnPT0%3D--4c45d3905f3160f3a997e8c995b74241831da20d&user_id=aElSeVJsMnV1a3pNcDR6TjdHeGtUUT09LS1ObzBXdUFrcnBoUFRhZ3VDZTdCZVhBPT0%3D--3904afd23ccc9d6c12cc8ac33a8d3864190bd1d5&account_id=d2QydEVFRVh5dGZGNC9LUHBuS2pIdz09LS1pdjA3YjVLeHVqMk9ma1hQSDF6dXFRPT0%3D--b21a62eba126483145d8803d9d05ffa91da1be31&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=b5dc1add-d3d0-40a4-8b84-47d034bce25c&url=https%3A%2F%2Fbestforlife.life%2Findia%3Fcep%3DUGzJUh8g8PCs2q-9ZF_GatjzCd7M2b2-BXCXQgbtgMrQvMAaHgMC4rdygR3jxxiSxNeM8AsD5l_8PtQiMf8q-aWu_tNPFBtwXdJGleBK2RrCD6gCSt5DcM_CDc51eShVCkwSdCSL8MQBth1Wee5ToOe7eqNSJ_V-3XiSERDOlk3kRmT2FuaJie7sbttxu00n7VSG0sXUv_XeyxEmKTJD6U1cAYzAoqjbxFDeluqRX8kay_pNWWsefoXNomCJ6SdxZotbLBuFniu_zAoC2Q79DScn4UZV28_0DPEWxVxqy5VPNrThpsWCkEJBv9YEedjhXqb_--GwHj1sokwpToorhqqjOh85lxIhxU41zUYkN5YtznEAxEj1vDPpHAgsqoQo HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestforlife.life
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Thu, 22 Sep 2022 17:13:37 GMT
content-type: text/html
cf-ray: 74ecac187fac0b39-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 8fd3e7e9a792da5456f751166e943d3c
x-runtime: 0.037738
set-cookie: __cf_bm=GmPOoz2r79L1nnsoyZb1OhAvnwLsReF06SaoTbJ7SvM-1663866817-0-AUkK3ZdsfGAo6iDXQwPYQub22IWmZKurfOdUtdCU48WcRQvEQdOvXl2UM7UQ+NEb81NNzdsKh51P3n0VqKuWvOKrRy6mxp2uyzznHh6un9J4; path=/; expires=Thu, 22-Sep-22 17:43:37 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
app.clickfunnels.com/images/closemodal.png
104.16.16.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/images/closemodal.png
IP 104.16.16.194:0
GET /images/closemodal.png HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=_gRLRGhhWJBI1uS3afe_0POAURxOV3V4BhqjsoCpMbk-1663866816-0-AZ2xPaBw6bEzvE7Ypikv9gdX7l9C0NzVjDwJfotB6t0A3iXiKwMDZJSeDmIfnzD0zCVL9gS4uLjU/cVd95DNdCGbriQZs5jZGlASxFj9NqpW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:13:38 GMT
content-type: image/webp
cf-ray: 74ecac1ecf170b39-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 1896480
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "630e9cfc-314"
expires: Sun, 23 Oct 2022 17:13:38 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
server: cloudflare
X-Firefox-Spdy: h2