r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10768
Expires: Mon, 28 Nov 2022 12:22:32 GMT
Date: Mon, 28 Nov 2022 09:23:04 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5864
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:04 GMT
Last-Modified: Mon, 28 Nov 2022 07:45:20 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9545
Expires: Mon, 28 Nov 2022 12:02:09 GMT
Date: Mon, 28 Nov 2022 09:23:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 09:19:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 212
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7NrN3Xmx9/QZiKLWRqTc2nvSQhXAa3DYIKFZNwGlzEfBP0X6BkiApve2b1HYo2R7SLRwAavoAp4=
x-amz-request-id: K1R1W456Y2J7MM2A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 08:44:58 GMT
age: 2286
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 09:23:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
master.masterclasstoolbox.com/ga/click/2-414191892-1899-15297-29870-27763-346a3e325a-j3fbf5008d
144.91.96.103302 Found 207 B URL HTTP/1.1 master.masterclasstoolbox.com/ga/click/2-414191892-1899-15297-29870-27763-346a3e325a-j3fbf5008d
IP 144.91.96.103:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 8304ed8605a155977bf129445cc81258
2520f76f0552ef56b85ddf54d720312ee18e882f
a36e88315eda04cbc1193c7dabc203690b23047231559fe529ec90f9372f93d0
Analyzer Verdict Alert fortinet Phishing
GET /ga/click/2-414191892-1899-15297-29870-27763-346a3e325a-j3fbf5008d HTTP/1.1
Host: master.masterclasstoolbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:23:04 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.29
Status: 302 Found
X-Request-Id: 9c1fbc953433b74896ff17afb8dc0c75
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Location: http://next.onelifewellnesscoach.com/kbfdhbvydgeruhdbvetyvcuerhbfewvcyegfuiwebvdsyucgvw/vnbgsdvfyctgceruifevytcgefuifewbcsdvyucgeuihfbwevycus
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.020007
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.9
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 09:08:55 GMT
cache-control: public,max-age=3600
age: 849
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3725
Cache-Control: max-age=89153
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:04 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:08:57 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
next.onelifewellnesscoach.com/kbfdhbvydgeruhdbvetyvcuerhbfewvcyegfuiwebvdsyucgvw/vnbgsdvfyctgceruifevytcgefuifewbcsdvyucgeuihfbwevycus
66.150.130.192302 Found 0 B URL HTTP/1.1 next.onelifewellnesscoach.com/kbfdhbvydgeruhdbvetyvcuerhbfewvcyegfuiwebvdsyucgvw/vnbgsdvfyctgceruifevytcgefuifewbcsdvyucgeuihfbwevycus
IP 66.150.130.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /kbfdhbvydgeruhdbvetyvcuerhbfewvcyegfuiwebvdsyucgvw/vnbgsdvfyctgceruifevytcgefuifewbcsdvyucgeuihfbwevycus HTTP/1.1
Host: next.onelifewellnesscoach.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 09:23:04 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: https://mwebnice.com/7761/26/2/?subid=Onsmkreq
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
52.42.234.253101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.234.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PtseqEyZQGy2beXFeKz7DA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7bOBg23VRcAa7cA5knMZ69HC4i0=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cb5eccda2a96e34fd5298f2f0d90fdc6
a59087db28aa17d21dc4b5d5b701ec7bea5ab2ed
3f4b79807404d1b75861a87d406d3ebb7e13da65085ed10b709df1e0f2d2c634
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=139815
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:05 GMT
Etag: "6383fd20-117"
Expires: Wed, 30 Nov 2022 00:13:20 GMT
Last-Modified: Mon, 28 Nov 2022 00:13:20 GMT
Server: nginx
Content-Length: 279
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 9a64b3d9d0cae87a4c9c067c30ae885e
381c596acda4ecaa2d95b8b2a231ab77af997547
29537fa10351b7cf802c8248bd14e81fdaa9c51d35b812bc53d0db5f8727759f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=115285
Date: Mon, 28 Nov 2022 09:23:05 GMT
Etag: "638390ad-1d7"
Expires: Tue, 29 Nov 2022 17:24:30 GMT
Last-Modified: Sun, 27 Nov 2022 16:30:37 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jagVWNf3RdlCljwqbEHqQt6XT2jIE5fkKKwuShY1HNktd-y0MUX2Dw==
Age: 3233
alphanation.go2cloud.org/aff_c?offer_id=24&aff_id=1005&aff_click_id=7761_sessid20221128092316789&aff_sub=26
18.202.12.61302 Found 297 B URL HTTP/1.1 alphanation.go2cloud.org/aff_c?offer_id=24&aff_id=1005&aff_click_id=7761_sessid20221128092316789&aff_sub=26
IP 18.202.12.61:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 11ccc7f403a4460825e70ffcf08ccd3e
b08aec68c6f3d51eb9b2281d769853e98fcab25f
8800e34974282174510774162cb77d00ba9a849858b6baf145fe89f81c29d238
GET /aff_c?offer_id=24&aff_id=1005&aff_click_id=7761_sessid20221128092316789&aff_sub=26 HTTP/1.1
Host: alphanation.go2cloud.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 28 Nov 2022 09:23:05 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 297
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://getmitolean.com?aff=1005&source=&offer=24&afsub=26&transid=1025855cd5998db21c3e2453def46b
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_24=ENC03b2f33251bf38250cb405adcbba04e56599287f3fd0943ae8632c6b92f0dd8bde08486be33bcc0dcf1292a2654529aba6f35e138090062543b756a2f28fb50043a47d31a17c3f2ac08af8a08e8cdeebdf31ded520d807792192a24afb3e49ff6c2222ed096e84e7d43bb2f438fe59613a7dd95a7ec961b26c36f1b4ad0531993d020d7b62; expires=Wed, 28 Dec 2022 09:23:05 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Wed, 22 Oct 2025 20:03:05 GMT; path=/; SameSite=None; Secure
Tracking_id: 1025855cd5998db21c3e2453def46b
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 0b3fb26d6135deaeb3c7af5e4b55ec43
Access-Control-Allow-Headers: Tune-SDK-Version
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e00270e1044957f40cc0d378b06505b
00a240512b1dfd82d968d7dafef1d0e15b9d1c70
e081394dc8a726f7f9e08e6494575c08c9b3a793fcf6656dec2649b9c6b3f181
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E081394DC8A726F7F9E08E6494575C08C9B3A793FCF6656DEC2649B9C6B3F181"
Last-Modified: Sat, 26 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Mon, 28 Nov 2022 15:22:21 GMT
Date: Mon, 28 Nov 2022 09:23:06 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e00270e1044957f40cc0d378b06505b
00a240512b1dfd82d968d7dafef1d0e15b9d1c70
e081394dc8a726f7f9e08e6494575c08c9b3a793fcf6656dec2649b9c6b3f181
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E081394DC8A726F7F9E08E6494575C08C9B3A793FCF6656DEC2649B9C6B3F181"
Last-Modified: Sat, 26 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Mon, 28 Nov 2022 15:22:21 GMT
Date: Mon, 28 Nov 2022 09:23:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 3.7 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7ec9e4b2cf1a9fe3385baa78495af6f8
a9d72ff8b0bb8ae0a0284914f6aad300b044ae57
0d2fde0188284978decc8e0d2730842b4acf5e88841c88bca4cc8476e7028330
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7288
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:23:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 744 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c2726640aba8c28655c0f0dba783a275
4ac9be07060269cc461291957a61525b7c507fa7
8cc4db591e1b9b023882d595bb9bbf3f61dae5466fe4bc1a3b6b3c4e9b0fccb9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7288
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:23:06 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 40880
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7288
Expires: Mon, 28 Nov 2022 11:24:34 GMT
Date: Mon, 28 Nov 2022 09:23:06 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e240caa3153ea25c34d07185b47f8a5
602e8ba5c6671ff947acfda757577ddc8ecec6ec
c2b37bf1ef003ceffaaf4612f2001b6f7998d5b95cd55b32c79fefcb24ccad7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11255
x-amzn-requestid: ce06e0cc-3874-4a3d-a6c5-5cc1cb342138
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7w8EEOIAMF_6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99f-5ca652aa369ee1690b0d08cc;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6qKDE2jlIb8D2Mhg-OcsfU1haVtyGYfcMcs1NJT_HPlTv-O26tR60w==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:54:34 GMT
age: 41312
etag: "602e8ba5c6671ff947acfda757577ddc8ecec6ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 40880
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0a4e0bb1e2748bdce6bbf685a910f0fc
5b97bfd787afcb912cdbef0f137f78a059082992
a7bc9adeb22cb57675e907bd961a6f554e6b7a46414ed782bcc9b53d68b1c328
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15639
x-amzn-requestid: 98e846b4-287f-4698-9529-25bcc2727a4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78dGReoAMFiDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e9-62c41b2717bd8e6f3b3797da;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AhbL-wXc_eYsgxdjf0DIEJD7Z3XfXMjXwDC52Bz_SnvmmWAhl3g99A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:38 GMT
age: 41488
etag: "5b97bfd787afcb912cdbef0f137f78a059082992"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.74200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getmitolean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 14:19:24 GMT
expires: Sat, 25 Nov 2023 14:19:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 241422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f20d5c4b208740dd4c737b9d95c0e1d0
c843c5422499736a83a80c2b07475a8dbbb8860f
f8d048a2c911aaedfa53b7d6e134638e8c36db0700a874fe99e0d8f847970a1b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12555
x-amzn-requestid: 2d9827ba-fc88-4deb-9844-f5b42764b2e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MHPWIAMFQMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-42986aeb284115943c849306;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: up0DWugUp4S0jAtsA-KBRapBAHtcHCdTwWJock-y22fqyL6_YVFeqg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 41517
etag: "c843c5422499736a83a80c2b07475a8dbbb8860f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa848cb85e85df184b078fe7aa95ae52
21aa6418f3a0d2b64925b66d5fb9079b7e84a11c
37d299c166e3350dee6dee647e98a86f8bd916d186bae12c42764ed0a3177085
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5989
x-amzn-requestid: db10fcc5-80ab-4650-af49-d5afe36706f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78LHQqIAMF9_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-4cbd19e3227894844807742c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A5n6y1-hpgr4vynnRXkEZNvCvjlNGH6brl7eYMsdN1MST7YoD2BPgA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:13 GMT
age: 41513
etag: "21aa6418f3a0d2b64925b66d5fb9079b7e84a11c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-TWV75MK
142.250.74.78200 OK 47 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-TWV75MK
IP 142.250.74.78:0
File type ASCII text, with very long lines (1921)
Hash c825a7298f8c567351a23a9afae4f803
cb4e05cadf48dbe2ca729ce2fa9d289f2d88130e
c337cdad9380a80f0c85545e9d80693383047a279cd2b342c354a2a57702bc7c
GET /optimize.js?id=OPT-TWV75MK HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getmitolean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 09:23:06 GMT
expires: Mon, 28 Nov 2022 09:23:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46887
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
getmitolean.com/v/?aff=1005&source=&offer=24&afsub=26&transid=1025855cd5998db21c3e2453def46b
172.67.139.73301 Moved Permanently 0 B URL HTTP/1.1 getmitolean.com/v/?aff=1005&source=&offer=24&afsub=26&transid=1025855cd5998db21c3e2453def46b
IP 172.67.139.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v/?aff=1005&source=&offer=24&afsub=26&transid=1025855cd5998db21c3e2453def46b HTTP/1.1
Host: getmitolean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 28 Nov 2022 09:23:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 28 Nov 2022 10:23:06 GMT
Location: https://getmitolean.com/v/?aff=1005&source=&offer=24&afsub=26&transid=1025855cd5998db21c3e2453def46b
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqlNBwucVQFomVKgwgaitBj8Ulz9ovqLYlKJYAkUp0oe2yuxnSgNA8uAzI%2Bve0VJlaIR50Q%2FWeEzCqFELOSE79ou9xTg43cdleNg%2BtH1971iqU13xgYChHNQfY305e1ipFI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77120afec9af1bfe-OSL
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 479caedc6faca3eeaef0bdc4a6a8ecf4
1fad42359e8c74b38c07b8c01238f37f73f1e190
86e54160e28fc3b23ff1bf714ea2830b115a0d51b3b33feb3ddcb3dec2cf3c53
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=132751
Date: Mon, 28 Nov 2022 09:23:07 GMT
Etag: "6383cea5-1d7"
Expires: Tue, 29 Nov 2022 22:15:38 GMT
Last-Modified: Sun, 27 Nov 2022 20:55:01 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MAojsdFXZsKaKU1nJ2dyiRNXkG8WoS0wl8r5zI7kEJLZSzHJv_7Xpw==
Age: 4837
r3.o.lencr.org/
23.36.76.226200 OK 1.1 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c811e6588888861c757c5bf4957cd3fb
5bb1e27d7d2ab3168fb9b5fdce07d3127a0b26d5
d4f368b60ab424a6dc21b17ca3e9f536f399c50708c83348ebdd278c29dc34bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "576686DBCA6FAE1B1478C635116531E484D602254F3EA02EA2E6CA6E24F651A2"
Last-Modified: Sun, 27 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21489
Expires: Mon, 28 Nov 2022 15:21:16 GMT
Date: Mon, 28 Nov 2022 09:23:07 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 479caedc6faca3eeaef0bdc4a6a8ecf4
1fad42359e8c74b38c07b8c01238f37f73f1e190
86e54160e28fc3b23ff1bf714ea2830b115a0d51b3b33feb3ddcb3dec2cf3c53
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=132751
Date: Mon, 28 Nov 2022 09:23:07 GMT
Etag: "6383cea5-1d7"
Expires: Tue, 29 Nov 2022 22:15:38 GMT
Last-Modified: Sun, 27 Nov 2022 20:55:01 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IcAFULXBovk-pZIiTJFoiAxucgwdQTE86mWnQSAWZHNNzhR6xZxsnw==
Age: 4837
hop.clickbank.net/?affiliate=specads&vendor=alphasupps&tid=mw_24_26&w=pneu01
44.236.111.27307 Temporary Redirect 0 B URL HTTP/2 hop.clickbank.net/?affiliate=specads&vendor=alphasupps&tid=mw_24_26&w=pneu01
IP 44.236.111.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?affiliate=specads&vendor=alphasupps&tid=mw_24_26&w=pneu01 HTTP/1.1
Host: hop.clickbank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getmitolean.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Mon, 28 Nov 2022 09:23:07 GMT
content-length: 0
location: https://organichealthremedies.co/checkforcbhopinfo.php/?hop=specads&w=pneu01
set-cookie: q=01.CA276A15576A51A0290DBD4A91CF248380F1B97B0AB70AEE848421889D2FEFFDDA161EB6AD6C3636EEE4EA25D297F55FF179CFE2; Path=/; Domain=.clickbank.net; Max-Age=31536000; Expires=Tue, 28 Nov 2023 09:23:07 GMT
p=RkHHe1bDUt7ej-zL1FcSH_2pIb20skN67VLdelbIceMn1fnnwwiaS_bMrjJiJAv9bREf1fKWfIGkXzwcOhMnV0eVwdu4hOLbj9aCE15ynpMzExXp71Ui31pLg2tb4kcRfaWPIig7KVdm5H2noilToCJS2INJ6YFciwQ0yqX2pJuDT4ulMHjehaZBhN1Ngiy-vAvHT0LL0IgouNXY7ZW8-MBKCk0%3D; Path=/; Domain=.clickbank.net; Max-Age=15552000; Expires=Sat, 27 May 2023 09:23:07 GMT
server-timing: traceparent;desc="00-5698c2b101e594cff627fa09eed29291-955d1975d4a3123b-01"
access-control-expose-headers: Server-Timing
X-Firefox-Spdy: h2
hop.clickbank.net/?affiliate=1005&vendor=alphasupps&tid=
44.236.111.27307 Temporary Redirect 0 B URL HTTP/2 hop.clickbank.net/?affiliate=1005&vendor=alphasupps&tid=
IP 44.236.111.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?affiliate=1005&vendor=alphasupps&tid= HTTP/1.1
Host: hop.clickbank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getmitolean.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Mon, 28 Nov 2022 09:23:07 GMT
content-length: 0
location: https://organichealthremedies.co/checkforcbhopinfo.php/?hop=0&tid=
set-cookie: q=01.06CD341E7DE38765A3568DB741BFFBF5078FE1D165A20BB31FA33BFC32AF9C07D66986FB2761A52E5F3DC395E764A7729F53F123; Path=/; Domain=.clickbank.net; Max-Age=31536000; Expires=Tue, 28 Nov 2023 09:23:07 GMT
server-timing: traceparent;desc="00-e63e687ebab2d8a6810a770ea1ee17ed-114180a2545d4924-01"
access-control-expose-headers: Server-Timing
X-Firefox-Spdy: h2
load.gtm.getmitolean.com/hivjbtay.js?id=GTM-WF9F26P
104.26.11.228200 OK 51 kB URL HTTP/2 load.gtm.getmitolean.com/hivjbtay.js?id=GTM-WF9F26P
IP 104.26.11.228:0
File type ASCII text, with very long lines (1961)
Hash 45868b107d8a6c6006f9528620a5b831
34a0115033071b89338b279e68f741b3c1d39f47
76e46e9c94131011eb49319bc06faf0c6a30f1883ccfefb0b46ad3b3200d8bf8
GET /hivjbtay.js?id=GTM-WF9F26P HTTP/1.1
Host: load.gtm.getmitolean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getmitolean.com/
Cookie: _gaexp=GAX1.2.PrCpW0h1QY-QUXRM1XXquQ.19365.2; _gaexp_rc=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:23:07 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 77120b026823b517-OSL
access-control-allow-origin: *
cache-control: private, max-age=900
expires: Mon, 28 Nov 2022 09:23:07 GMT
last-modified: Mon, 28 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: EXPIRED
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cross-origin-resource-policy: cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9XqVut5KYlQJdQV13j07xQdX3Pgo1RRUhW79yxOe75y0luEiDbJS35CeduwvXoOi3mf596KTjVmQa4NNcyrGR%2FW6D2kjITRWOzC9tGurlE9qp3CF1eCngjPwKE6dcpnccK%2FuUisunLB1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c93ce8ca34721750878a82a2c2d14735
92166330adf8982c74d299171e0c6d356c1494cc
576686dbca6fae1b1478c635116531e484d602254f3ea02ea2e6ca6e24f651a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "576686DBCA6FAE1B1478C635116531E484D602254F3EA02EA2E6CA6E24F651A2"
Last-Modified: Sun, 27 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21489
Expires: Mon, 28 Nov 2022 15:21:16 GMT
Date: Mon, 28 Nov 2022 09:23:07 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4dba547bffcf60ea8fc4d03ee9f73cbe
dc5aa44d11af3aa830d38b90fffe0b1dc2616c89
a08c99ab7b7c3d1c0c22150d71478c4152f85f8b1201e62f172a44324ffc32db
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A08C99AB7B7C3D1C0C22150D71478C4152F85F8B1201E62F172A44324FFC32DB"
Last-Modified: Sun, 27 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4745
Expires: Mon, 28 Nov 2022 10:42:12 GMT
Date: Mon, 28 Nov 2022 09:23:07 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4dba547bffcf60ea8fc4d03ee9f73cbe
dc5aa44d11af3aa830d38b90fffe0b1dc2616c89
a08c99ab7b7c3d1c0c22150d71478c4152f85f8b1201e62f172a44324ffc32db
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A08C99AB7B7C3D1C0C22150D71478C4152F85F8B1201E62F172A44324FFC32DB"
Last-Modified: Sun, 27 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21545
Expires: Mon, 28 Nov 2022 15:22:12 GMT
Date: Mon, 28 Nov 2022 09:23:07 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-61654214-40&cid=543530340.1669627387&jid=1048427888&gjid=2090512122&_gid=582070606.1669627387&_u=YGBAiEABBAAAAEABI~&z=1972794438
142.251.1.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-61654214-40&cid=543530340.1669627387&jid=1048427888&gjid=2090512122&_gid=582070606.1669627387&_u=YGBAiEABBAAAAEABI~&z=1972794438
IP 142.251.1.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-61654214-40&cid=543530340.1669627387&jid=1048427888&gjid=2090512122&_gid=582070606.1669627387&_u=YGBAiEABBAAAAEABI~&z=1972794438 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://getmitolean.com
Connection: keep-alive
Referer: https://getmitolean.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://getmitolean.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Nov 2022 09:23:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4dba547bffcf60ea8fc4d03ee9f73cbe
dc5aa44d11af3aa830d38b90fffe0b1dc2616c89
a08c99ab7b7c3d1c0c22150d71478c4152f85f8b1201e62f172a44324ffc32db
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A08C99AB7B7C3D1C0C22150D71478C4152F85F8B1201E62F172A44324FFC32DB"
Last-Modified: Sun, 27 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21545
Expires: Mon, 28 Nov 2022 15:22:12 GMT
Date: Mon, 28 Nov 2022 09:23:07 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ecf04452b237e3694b26e3167594c06a
1419170603babd8d3c863505cfada0b615acf34d
eff58c8ead5d8f8649b019a0dd736266d222e2070ac4739c199553efc93bfdcf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=121054
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:07 GMT
Etag: "6383b3d9-117"
Expires: Tue, 29 Nov 2022 19:00:41 GMT
Last-Modified: Sun, 27 Nov 2022 19:00:41 GMT
Server: nginx
Content-Length: 279
ocsp.comodoca.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 022e051a168143a951adfc4766722f6d
8e99dc3384f36b1c6b1bcdb4c2fb98e06f2c2f58
daeec99559ddf0d836500060364c2af2a0a3efaed82c641e2bb81ac32b63a7ec
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 09:23:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 10:44:18 GMT
Expires: Sun, 04 Dec 2022 10:44:17 GMT
Etag: "8e99dc3384f36b1c6b1bcdb4c2fb98e06f2c2f58"
Cache-Control: max-age=563487,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77120b070ee61bfa-OSL
ocsp.digicert.com/
93.184.220.29200 OK 21 kB IP 93.184.220.29:0
Hash 0a69c0b84a991265082a8e61a84549ba
55e9da0cd3ae24117e45c75a3246965157d75d8a
971847655e157519c6de61459901769d2c79f0001a1625092ea339da4f44089a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:08 GMT
Server: ECS (amb/6B85)
Content-Length: 279
getpureneuro.com/
104.21.12.174200 OK 4.5 kB IP 104.21.12.174:0
Hash cd3b28c9ced0af40856e2095132aacce
458151407516f132e5a7da43ed384efd4cab616b
f7e5276a19ab025496f1dc8f22eab593a188dd26b6204a06343a44de42d01414
GET / HTTP/1.1
Host: getpureneuro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getmitolean.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:23:08 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6%2FPhNja1aYyUojGEDi1HFAWqZE53Cq31eqyvqEy%2Fk1c1j%2BP%2F89Wq2AcbijIapLOO%2FjoFAtMt%2BRMJIWJBO%2BSJNh2bD0xbk0TN9wjDD%2B5SahsX1SZS3IDkCal2AO0QkmBfSGM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77120b082bbcb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.maxweb.com/conversion/iframe/?a=7761&token=a14f05fd82b6711c4773a92b9d6d4590
172.66.40.143200 OK 329 B URL HTTP/2 go.maxweb.com/conversion/iframe/?a=7761&token=a14f05fd82b6711c4773a92b9d6d4590
IP 172.66.40.143:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash a7e9c5e26faa8182bdc004dcf77e8114
ac5f7e8dcc7af69dbef0385aa202c72757431bcd
bfb0837570a0510d0519e9f1c1924672d47fcf9aab595732be03f89540aca7fa
GET /conversion/iframe/?a=7761&token=a14f05fd82b6711c4773a92b9d6d4590 HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getmitolean.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:23:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Mon, 28 Nov 2022 10:23:08 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77120b06ae7bb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:46:16 GMT
expires: Fri, 24 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 301012
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 12:31:58 GMT
expires: Sun, 26 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 161470
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gtm.getmitolean.com/g/collect?v=2&tid=G-Q2ZTXH7FBT>m=2oeb90&_p=495024459&cid=543530340.1669627387&ul=en-us&sr=1280x1024&_fplc=0&_uc=DE&_s=1&sid=1669627387&sct=1&seg=0&dl=https%3A%2F%2Fgetmitolean.com%2Fv%2F%3Faff%3D1005%26source%3D%26offer%3D24%26afsub%3D26%26transid%3D1025855cd5998db21c3e2453def46b&dt=Mito%20Lean&en=page_view&_fv=1&_ss=1&richsstsse
104.198.8.50200 OK 504 B URL HTTP/2 gtm.getmitolean.com/g/collect?v=2&tid=G-Q2ZTXH7FBT>m=2oeb90&_p=495024459&cid=543530340.1669627387&ul=en-us&sr=1280x1024&_fplc=0&_uc=DE&_s=1&sid=1669627387&sct=1&seg=0&dl=https%3A%2F%2Fgetmitolean.com%2Fv%2F%3Faff%3D1005%26source%3D%26offer%3D24%26afsub%3D26%26transid%3D1025855cd5998db21c3e2453def46b&dt=Mito%20Lean&en=page_view&_fv=1&_ss=1&richsstsse
IP 104.198.8.50:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash ef2c0e7d73884eee30f9be52e6c3a669
8c8480d5db9ae79e27a0d93a7f4a723dba6f608c
38fe53a3c10a8ebc84df05427aca5b4e9d8f2d0d90073edaf01e8588b00629c4
GET /g/collect?v=2&tid=G-Q2ZTXH7FBT>m=2oeb90&_p=495024459&cid=543530340.1669627387&ul=en-us&sr=1280x1024&_fplc=0&_uc=DE&_s=1&sid=1669627387&sct=1&seg=0&dl=https%3A%2F%2Fgetmitolean.com%2Fv%2F%3Faff%3D1005%26source%3D%26offer%3D24%26afsub%3D26%26transid%3D1025855cd5998db21c3e2453def46b&dt=Mito%20Lean&en=page_view&_fv=1&_ss=1&richsstsse HTTP/1.1
Host: gtm.getmitolean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getmitolean.com
Connection: keep-alive
Referer: https://getmitolean.com/
Cookie: _gaexp=GAX1.2.PrCpW0h1QY-QUXRM1XXquQ.19365.2; _gaexp_rc=1; _gcl_au=1.1.1375872786.1669627387; _ga=GA1.1.543530340.1669627387; _gid=GA1.2.582070606.1669627387; _dc_gtm_UA-61654214-40=1; _ga_Q2ZTXH7FBT=GS1.1.1669627387.1.0.1669627387.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://getmitolean.com
cache-control: no-cache
content-type: text/plain
date: Mon, 28 Nov 2022 09:23:08 GMT
set-cookie: FPLC=el6xVRsrlVFrSmwnTRAoNNkEKyS%2Fr6BDaWuZTYFNcurswEEE6bc%2B1fjjOt0%2FEDG8NksxHG1Wv8sENXGlu4v5mxvagkRzVnClr5XhJfk9TSdzOtqAH7yPE6H7RAwFfQ%3D%3D; Max-Age=72000; Domain=getmitolean.com; Path=/; Secure
FPID=FPID2.2.ObZFYm0Sdst7TTiVrGTM6PlvJ2MxRdgKFEatxoJXvKk%3D.1669627387; Max-Age=63072000; Domain=getmitolean.com; Path=/; Secure; HttpOnly
FPAU=1.1.1375872786.1669627387; Max-Age=7775998; Domain=getmitolean.com; Path=/; Secure
x-accel-buffering: no
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 03ad9fc0b00b5df3165dc2fb1e3b0a3e
f8243335a8bc24d989bddd346048a055e1d0bdeb
366b28d491f7fd632e31c1ce97f939555f7dcee14bb6875737ed2d3e96fa32ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/10900468386/?random=1669627388681&cv=10&fst=1669626000000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024>m=3oesb91&url=https%3A%2F%2Fgetmitolean.com%2Fv%2F%3Faff%3D1005%26source%3D%26offer%3D24%26afsub%3D26%26transid%3D1025855cd5998db21c3e2453def46b&tiba=Mito%20Lean&is_vtc=1&random=2358695747
142.250.74.164302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10900468386/?random=1669627388681&cv=10&fst=1669626000000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024>m=3oesb91&url=https%3A%2F%2Fgetmitolean.com%2Fv%2F%3Faff%3D1005%26source%3D%26offer%3D24%26afsub%3D26%26transid%3D1025855cd5998db21c3e2453def46b&tiba=Mito%20Lean&is_vtc=1&random=2358695747
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10900468386/?random=1669627388681&cv=10&fst=1669626000000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024>m=3oesb91&url=https%3A%2F%2Fgetmitolean.com%2Fv%2F%3Faff%3D1005%26source%3D%26offer%3D24%26afsub%3D26%26transid%3D1025855cd5998db21c3e2453def46b&tiba=Mito%20Lean&is_vtc=1&random=2358695747 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getmitolean.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 09:23:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-user-list/10900468386/?random=1669627388681&cv=10&fst=1669626000000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024>m=3oesb91&url=https%3A%2F%2Fgetmitolean.com%2Fv%2F%3Faff%3D1005%26source%3D%26offer%3D24%26afsub%3D26%26transid%3D1025855cd5998db21c3e2453def46b&tiba=Mito%20Lean&is_vtc=1&random=2358695747&ipr=y
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/10900468386/?random=1669627388681&cv=10&fst=1669626000000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024>m=3oesb91&url=https%3A%2F%2Fgetmitolean.com%2Fv%2F%3Faff%3D1005%26source%3D%26offer%3D24%26afsub%3D26%26transid%3D1025855cd5998db21c3e2453def46b&tiba=Mito%20Lean&is_vtc=1&random=2358695747&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10900468386/?random=1669627388681&cv=10&fst=1669626000000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024>m=3oesb91&url=https%3A%2F%2Fgetmitolean.com%2Fv%2F%3Faff%3D1005%26source%3D%26offer%3D24%26afsub%3D26%26transid%3D1025855cd5998db21c3e2453def46b&tiba=Mito%20Lean&is_vtc=1&random=2358695747&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10900468386/?random=1669627388681&cv=10&fst=1669626000000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024>m=3oesb91&url=https%3A%2F%2Fgetmitolean.com%2Fv%2F%3Faff%3D1005%26source%3D%26offer%3D24%26afsub%3D26%26transid%3D1025855cd5998db21c3e2453def46b&tiba=Mito%20Lean&is_vtc=1&random=2358695747&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getmitolean.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 09:23:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 28 Nov 2022 09:23:09 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 0f3ac822c6f903619d9ca551dd095c95
b658f9db2418074acf7485e678da0c21d86cea09
1482c1ec13373efb868fd4361726145b36297df2b205fa7fef99d042b373fd3a
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 28 Nov 2022 09:23:09 GMT
server: ESF
cache-control: private
content-length: 30611
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu9fHSQoFQADMVf0LihT_EC_7umn6oggki3ZzMjQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.4 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9fHSQoFQADMVf0LihT_EC_7umn6oggki3ZzMjQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 4890f51dfcca2bc3c34a6fff217f7e5e
af63951e6b5078857a11cba0ff6188fedf937763
d588b8062dada587e5e2d2064436d3439d20d402006f5167cb3e6630e5688ac5
GET /ytc/AMLnZu9fHSQoFQADMVf0LihT_EC_7umn6oggki3ZzMjQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2410
x-xss-protection: 0
date: Mon, 28 Nov 2022 05:46:25 GMT
expires: Sun, 06 Nov 2022 02:47:25 GMT
cache-control: public, max-age=86400, no-transform
age: 13004
etag: "v8"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5011c3ae54f0ee02e53eee57d47da352
ad893bb5928ff835231652809cc9af62d5219f0a
d840efa1d29eff50fc07c0c31315c004f60db98e7da8c8a232e40e3595bba0a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 28 Nov 2022 09:23:09 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3cc3e414de2164bcf450fdaf5a9191e9
35cf7a421f84d292cd520cb49aafe4bca392cae3
5632730bdbdf77d1c5d8c2ad40b38978d3c5482dd897795e4494b444dfb350f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3cc3e414de2164bcf450fdaf5a9191e9
35cf7a421f84d292cd520cb49aafe4bca392cae3
5632730bdbdf77d1c5d8c2ad40b38978d3c5482dd897795e4494b444dfb350f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2734f94ccee461103a4c42296934948d
57af4a7dfbc298f14e47d9cf98c1a33c8f9078ae
e067ad8019cd032e033758f033c9eaa9e8dd7250a79b7c750f24cdc055a3ec87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3cc3e414de2164bcf450fdaf5a9191e9
35cf7a421f84d292cd520cb49aafe4bca392cae3
5632730bdbdf77d1c5d8c2ad40b38978d3c5482dd897795e4494b444dfb350f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1669648989&ei=_X2EY-aWD47NyQXyvJ6IAg&ip=91.90.42.154&id=o-AP8fdZHMAroXABZs0cEfdyPL_GtFfwbLtOdidp9sJD7y&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&mh=hr&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2050000&spc=SFxXNhhb-l9aaZlVuC1TWJCeFlCtAUM&vprv=1&mime=video%2Fwebm&ns=lqhAs6XHCinK2JnoSEIqfu8J&otf=1&otfp=1&dur=0.000&lmt=1664816049179048&mt=1669627054&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=UrA9fFd-FbFjgA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJExG6Beo1KfeiN4qwYC8ujfZ4dTSk7cqSKzPaOtroudAiBgRvrlb-O45YWDgWBXn-5Sv2BEMS4s_IH8TpKYHD7xtw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgBiTZ4jne44j2v3wGtcVGFNKA47qNcgAnTcynDBOyqj0CIHzWCOvjXBsMghWcTobPG24idibxfoJwYdYRngh1lfG3&alr=yes&cpn=6ECTlMf2haQoSLg5&cver=1.20221120.00.00&sq=0&rn=1&rbuf=0
91.90.45.173200 OK 3.0 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1669648989&ei=_X2EY-aWD47NyQXyvJ6IAg&ip=91.90.42.154&id=o-AP8fdZHMAroXABZs0cEfdyPL_GtFfwbLtOdidp9sJD7y&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&mh=hr&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2050000&spc=SFxXNhhb-l9aaZlVuC1TWJCeFlCtAUM&vprv=1&mime=video%2Fwebm&ns=lqhAs6XHCinK2JnoSEIqfu8J&otf=1&otfp=1&dur=0.000&lmt=1664816049179048&mt=1669627054&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=UrA9fFd-FbFjgA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJExG6Beo1KfeiN4qwYC8ujfZ4dTSk7cqSKzPaOtroudAiBgRvrlb-O45YWDgWBXn-5Sv2BEMS4s_IH8TpKYHD7xtw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgBiTZ4jne44j2v3wGtcVGFNKA47qNcgAnTcynDBOyqj0CIHzWCOvjXBsMghWcTobPG24idibxfoJwYdYRngh1lfG3&alr=yes&cpn=6ECTlMf2haQoSLg5&cver=1.20221120.00.00&sq=0&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 2aafb1a188b7b483a337c4ce1f526124
e8f028a5c8914c65e4da9047454b528ff3d6d659
8dea8987098c31711b7a2654e99035e4fd3cda3581b59573e07dd8bf276e3efb
POST /videoplayback?expire=1669648989&ei=_X2EY-aWD47NyQXyvJ6IAg&ip=91.90.42.154&id=o-AP8fdZHMAroXABZs0cEfdyPL_GtFfwbLtOdidp9sJD7y&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&mh=hr&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2050000&spc=SFxXNhhb-l9aaZlVuC1TWJCeFlCtAUM&vprv=1&mime=video%2Fwebm&ns=lqhAs6XHCinK2JnoSEIqfu8J&otf=1&otfp=1&dur=0.000&lmt=1664816049179048&mt=1669627054&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=UrA9fFd-FbFjgA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJExG6Beo1KfeiN4qwYC8ujfZ4dTSk7cqSKzPaOtroudAiBgRvrlb-O45YWDgWBXn-5Sv2BEMS4s_IH8TpKYHD7xtw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgBiTZ4jne44j2v3wGtcVGFNKA47qNcgAnTcynDBOyqj0CIHzWCOvjXBsMghWcTobPG24idibxfoJwYdYRngh1lfG3&alr=yes&cpn=6ECTlMf2haQoSLg5&cver=1.20221120.00.00&sq=0&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 07 Nov 2022 13:36:05 GMT
Content-Type: video/webm
Date: Mon, 28 Nov 2022 09:23:09 GMT
Expires: Mon, 28 Nov 2022 09:23:09 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 2952
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
i.ytimg.com/vi/vb9p5YfITEQ/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgUCg9MA8=&rs=AOn4CLDdrfZeQWWNqxvDXsQxFyBsVqtzIQ
142.250.74.182200 OK 60 kB URL HTTP/2 i.ytimg.com/vi/vb9p5YfITEQ/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgUCg9MA8=&rs=AOn4CLDdrfZeQWWNqxvDXsQxFyBsVqtzIQ
IP 142.250.74.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash 9c9519a33a1df81916efee3e310fac7c
2730ee4fc1b2a53332d6db85bef2efeaf7c776c2
1d91ce75f53e558f2afe3010055690341bf0548304dfed19b4ddabb1702e126d
GET /vi/vb9p5YfITEQ/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgUCg9MA8=&rs=AOn4CLDdrfZeQWWNqxvDXsQxFyBsVqtzIQ HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 60368
date: Mon, 28 Nov 2022 09:23:09 GMT
expires: Mon, 28 Nov 2022 11:23:09 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2734f94ccee461103a4c42296934948d
57af4a7dfbc298f14e47d9cf98c1a33c8f9078ae
e067ad8019cd032e033758f033c9eaa9e8dd7250a79b7c750f24cdc055a3ec87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 09:23:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1669648989&ei=_X2EY-aWD47NyQXyvJ6IAg&ip=91.90.42.154&id=o-AP8fdZHMAroXABZs0cEfdyPL_GtFfwbLtOdidp9sJD7y&itag=251&source=youtube&requiressl=yes&mh=hr&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2050000&spc=SFxXNhhb-l9aaZlVuC1TWJCeFlCtAUM&vprv=1&mime=audio%2Fwebm&ns=lqhAs6XHCinK2JnoSEIqfu8J&gir=yes&clen=53523526&otfp=1&dur=2867.181&lmt=1664816134404678&mt=1669627054&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=UrA9fFd-FbFjgA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIPRuk4NblV8-tjG8VxSSTuJiC8qmBZD802IZRWTdil0AiB33r1EaodhrU7V6sjp21yKxBN30UTXmckC-HTyVVoJKw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgBiTZ4jne44j2v3wGtcVGFNKA47qNcgAnTcynDBOyqj0CIHzWCOvjXBsMghWcTobPG24idibxfoJwYdYRngh1lfG3&alr=yes&cpn=6ECTlMf2haQoSLg5&cver=1.20221120.00.00&range=0-70871&rn=2&rbuf=0
91.90.45.173200 OK 71 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1669648989&ei=_X2EY-aWD47NyQXyvJ6IAg&ip=91.90.42.154&id=o-AP8fdZHMAroXABZs0cEfdyPL_GtFfwbLtOdidp9sJD7y&itag=251&source=youtube&requiressl=yes&mh=hr&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2050000&spc=SFxXNhhb-l9aaZlVuC1TWJCeFlCtAUM&vprv=1&mime=audio%2Fwebm&ns=lqhAs6XHCinK2JnoSEIqfu8J&gir=yes&clen=53523526&otfp=1&dur=2867.181&lmt=1664816134404678&mt=1669627054&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=UrA9fFd-FbFjgA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIPRuk4NblV8-tjG8VxSSTuJiC8qmBZD802IZRWTdil0AiB33r1EaodhrU7V6sjp21yKxBN30UTXmckC-HTyVVoJKw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgBiTZ4jne44j2v3wGtcVGFNKA47qNcgAnTcynDBOyqj0CIHzWCOvjXBsMghWcTobPG24idibxfoJwYdYRngh1lfG3&alr=yes&cpn=6ECTlMf2haQoSLg5&cver=1.20221120.00.00&range=0-70871&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash f842060e175f90003097bb0fca8e1cb4
4cdd452ab628f553742db7b288154ab4db0960c0
957b9282b9d6db580cd9c4663e3c600e2ef3323369425ecabda8a5aaf5d30a4f
POST /videoplayback?expire=1669648989&ei=_X2EY-aWD47NyQXyvJ6IAg&ip=91.90.42.154&id=o-AP8fdZHMAroXABZs0cEfdyPL_GtFfwbLtOdidp9sJD7y&itag=251&source=youtube&requiressl=yes&mh=hr&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2050000&spc=SFxXNhhb-l9aaZlVuC1TWJCeFlCtAUM&vprv=1&mime=audio%2Fwebm&ns=lqhAs6XHCinK2JnoSEIqfu8J&gir=yes&clen=53523526&otfp=1&dur=2867.181&lmt=1664816134404678&mt=1669627054&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=UrA9fFd-FbFjgA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIPRuk4NblV8-tjG8VxSSTuJiC8qmBZD802IZRWTdil0AiB33r1EaodhrU7V6sjp21yKxBN30UTXmckC-HTyVVoJKw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgBiTZ4jne44j2v3wGtcVGFNKA47qNcgAnTcynDBOyqj0CIHzWCOvjXBsMghWcTobPG24idibxfoJwYdYRngh1lfG3&alr=yes&cpn=6ECTlMf2haQoSLg5&cver=1.20221120.00.00&range=0-70871&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 03 Oct 2022 16:55:34 GMT
Content-Type: audio/webm
Date: Mon, 28 Nov 2022 09:23:09 GMT
Expires: Mon, 28 Nov 2022 09:23:09 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 70872
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
gtm.getmitolean.com/g/collect?v=2&tid=G-Q2ZTXH7FBT>m=2oeb90&_p=495024459&cid=543530340.1669627387&ul=en-us&sr=1280x1024&_uc=DE&_s=2&sid=1669627387&sct=1&seg=0&dl=https%3A%2F%2Fgetmitolean.com%2Fv%2F%3Faff%3D1005%26source%3D%26offer%3D24%26afsub%3D26%26transid%3D1025855cd5998db21c3e2453def46b&dt=Mito%20Lean&en=video_start&epn.video_current_time=0&epn.video_duration=2867&epn.video_percent=0&ep.video_provider=youtube&ep.video_title=Exotic%20Fat%20Burning%20Loophole&ep.video_url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3Dvb9p5YfITEQ&ep.visible=true&_et=2273&richsstsse
104.198.8.50200 OK 504 B URL HTTP/2 gtm.getmitolean.com/g/collect?v=2&tid=G-Q2ZTXH7FBT>m=2oeb90&_p=495024459&cid=543530340.1669627387&ul=en-us&sr=1280x1024&_uc=DE&_s=2&sid=1669627387&sct=1&seg=0&dl=https%3A%2F%2Fgetmitolean.com%2Fv%2F%3Faff%3D1005%26source%3D%26offer%3D24%26afsub%3D26%26transid%3D1025855cd5998db21c3e2453def46b&dt=Mito%20Lean&en=video_start&epn.video_current_time=0&epn.video_duration=2867&epn.video_percent=0&ep.video_provider=youtube&ep.video_title=Exotic%20Fat%20Burning%20Loophole&ep.video_url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3Dvb9p5YfITEQ&ep.visible=true&_et=2273&richsstsse
IP 104.198.8.50:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 84bdb8a04c75d60d10ba5923987c76bc
bb35b34b38ac4202607b9c69d02ed1154a210246
559011e1e9e1bc2964cc2d5869e7d893eb49d637d5df6930a12d311754732db6
GET /g/collect?v=2&tid=G-Q2ZTXH7FBT>m=2oeb90&_p=495024459&cid=543530340.1669627387&ul=en-us&sr=1280x1024&_uc=DE&_s=2&sid=1669627387&sct=1&seg=0&dl=https%3A%2F%2Fgetmitolean.com%2Fv%2F%3Faff%3D1005%26source%3D%26offer%3D24%26afsub%3D26%26transid%3D1025855cd5998db21c3e2453def46b&dt=Mito%20Lean&en=video_start&epn.video_current_time=0&epn.video_duration=2867&epn.video_percent=0&ep.video_provider=youtube&ep.video_title=Exotic%20Fat%20Burning%20Loophole&ep.video_url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3Dvb9p5YfITEQ&ep.visible=true&_et=2273&richsstsse HTTP/1.1
Host: gtm.getmitolean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://getmitolean.com
Connection: keep-alive
Referer: https://getmitolean.com/
Cookie: _gaexp=GAX1.2.PrCpW0h1QY-QUXRM1XXquQ.19365.2; _gaexp_rc=1; _gcl_au=1.1.1375872786.1669627387; _ga=GA1.1.543530340.1669627387; _gid=GA1.2.582070606.1669627387; _dc_gtm_UA-61654214-40=1; _ga_Q2ZTXH7FBT=GS1.1.1669627387.1.0.1669627389.0.0.0; FPLC=el6xVRsrlVFrSmwnTRAoNNkEKyS%2Fr6BDaWuZTYFNcurswEEE6bc%2B1fjjOt0%2FEDG8NksxHG1Wv8sENXGlu4v5mxvagkRzVnClr5XhJfk9TSdzOtqAH7yPE6H7RAwFfQ%3D%3D; FPID=FPID2.2.ObZFYm0Sdst7TTiVrGTM6PlvJ2MxRdgKFEatxoJXvKk%3D.1669627387; FPAU=1.1.1375872786.1669627387
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://getmitolean.com
cache-control: no-cache
content-type: text/plain
date: Mon, 28 Nov 2022 09:23:10 GMT
set-cookie: FPID=FPID2.2.ObZFYm0Sdst7TTiVrGTM6PlvJ2MxRdgKFEatxoJXvKk%3D.1669627387; Max-Age=63072000; Domain=getmitolean.com; Path=/; Secure; HttpOnly
x-accel-buffering: no
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a1a4e00f1f15827cf651f373863c379
70c2a238f06ca7e56ef80c83738e081bf0de3330
3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 10:15:53 GMT
age: 83240
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mwebnice.com/7761/26/2/?subid=Onsmkreq
104.21.10.231302 Found 0 B URL HTTP/2 mwebnice.com/7761/26/2/?subid=Onsmkreq
IP 104.21.10.231:0
GET /7761/26/2/?subid=Onsmkreq HTTP/1.1
Host: mwebnice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 28 Nov 2022 09:23:05 GMT
content-type: text/html; charset=UTF-8
location: https://alphanation.go2cloud.org/aff_c?offer_id=24&aff_id=1005&aff_click_id=7761_sessid20221128092316789&aff_sub=26
cache-control: max-age=3600, private
pragma: no-cache
expires: Mon, 28 Nov 2022 10:23:05 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77120af5cb38b50b-OSL
X-Firefox-Spdy: h2
getmitolean.com/?aff=1005&source=&offer=24&afsub=26&transid=1025855cd5998db21c3e2453def46b
104.21.70.204200 OK 0 B URL HTTP/2 getmitolean.com/?aff=1005&source=&offer=24&afsub=26&transid=1025855cd5998db21c3e2453def46b
IP 104.21.70.204:0
GET /?aff=1005&source=&offer=24&afsub=26&transid=1025855cd5998db21c3e2453def46b HTTP/1.1
Host: getmitolean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 28 Nov 2022 09:23:06 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sBCct%2BUdYoMW9AxIUxfUJomFzNgEJu4O7fHrbHYxAauD%2ByY7I4GctvkGhQHNcgEaFYQ1iZ%2F37ebVANpuPLVWTHXtmSokbNo8meFPBsKLryeMwbqXfLT6onC0A%2ByvzVGdPQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77120afaddfa0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.46200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.46:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://getmitolean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Mon, 28 Nov 2022 09:23:07 GMT
date: Mon, 28 Nov 2022 09:23:07 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=koxsT7aP4s0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=1ZV538YQiMI; Domain=.youtube.com; Expires=Sat, 27-May-2023 09:23:07 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+640; expires=Wed, 27-Nov-2024 09:23:07 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
organichealthremedies.co/checkforcbhopinfo.php/?hop=0&tid=
104.21.51.67302 Found 0 B URL HTTP/2 organichealthremedies.co/checkforcbhopinfo.php/?hop=0&tid=
IP 104.21.51.67:0
GET /checkforcbhopinfo.php/?hop=0&tid= HTTP/1.1
Host: organichealthremedies.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getmitolean.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 09:23:07 GMT
content-type: text/html; charset=UTF-8
location: https://mydeepsleeptea.com/?tid=
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qqpjUjMRNRHtM1c3%2BV7RkyLm78e%2BDeCtY040YrbsF8bmIaQ02A2EiuzZa3RMbRkXe6cPPCSN%2BR%2Bw7JSOujeqn4UKuLTtNrEYPOcJ0JV9hW7TF9%2BM6lktSNZQ8mJ7PNmHuyeG4lKEJzXayI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77120b0508dab506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
organichealthremedies.co/checkforcbhopinfo.php/?hop=specads&w=pneu01
104.21.51.67302 Found 0 B URL HTTP/2 organichealthremedies.co/checkforcbhopinfo.php/?hop=specads&w=pneu01
IP 104.21.51.67:0
GET /checkforcbhopinfo.php/?hop=specads&w=pneu01 HTTP/1.1
Host: organichealthremedies.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getmitolean.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 09:23:07 GMT
content-type: text/html; charset=UTF-8
location: https://getpureneuro.com/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FshdavKS8JFO76mW15tlGT%2FgmvPXJEIc6dJx2dEJ8kMQxVwOvp%2BBtvIrlkW%2FlcDOjGPY1ff5%2BTPqEhAUz5KBTrah%2FS%2Fg%2BiKL%2BGZ3bVUlS5fnVYAOjxdECwztyeGM9SPmmwnWkbIk2d5%2Bu5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77120b057955b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mydeepsleeptea.com/?tid=
46.4.14.190200 OK 0 B IP 46.4.14.190:0
ASN #24940 Hetzner Online GmbH
GET /?tid= HTTP/1.1
Host: mydeepsleeptea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getmitolean.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 09:23:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive