r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3073
Expires: Wed, 21 Sep 2022 19:59:46 GMT
Date: Wed, 21 Sep 2022 19:08:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 18:13:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WVyPEUy7T40Jq37tG2j5BWwvryQBiyoQQMsY46yFPKNqYeGGFBJa8g==
Age: 3294
bestforlife.life/india
162.241.63.77301 Moved Permanently 0 B IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /india HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 19:08:33 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://bestforlife.life/india
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash afb65a07bf7214addf83d17a53acba32
a8e973204431320aa7b362a4e73944520c4b51b9
46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14475
Expires: Wed, 21 Sep 2022 23:09:48 GMT
Date: Wed, 21 Sep 2022 19:08:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: W1RG/5HHcdkoFaLuBjSJzzXC1h8H9BR4oxhWCWrL95LULdLe8jhAKpQ/nWRpkbBTHva+9Wytgio=
x-amz-request-id: XDZ4MDZ62YMNQE4H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 21 Sep 2022 18:45:45 GMT
age: 1368
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 19:08:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 19:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 19:44:47 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iy6wPQn6nf_D61ShrfZ1CBhajBdqfrhhKWoO255kEGCYBl-TYiXGPA==
Age: 311
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 702ca38d47d4d69e3105b36ff80988c6
19c3d80459c056bfc0c144b0d3b348fcbaed9490
031c63c350ae1f27791c11920d393c58c91462a1e388922a73b7013b02565e55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "031C63C350AE1F27791C11920D393C58C91462A1E388922A73B7013B02565E55"
Last-Modified: Wed, 21 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21557
Expires: Thu, 22 Sep 2022 01:07:50 GMT
Date: Wed, 21 Sep 2022 19:08:33 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4923
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:34 GMT
Last-Modified: Wed, 21 Sep 2022 17:46:31 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.237.51.86101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.51.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: k/n3X+q5YNe+afPBTZznFw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I+FzOtMBgp6S1Nmcoqvl0Ms5VaI=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 41ce6d816abf6cb41ee93410a3c651e7
271baf7f309a3a206b2e6b8cebcf4c14ee47b3f4
0988236e935c7124d1e2921ef45b1cda556f32f85cfba3de3cb3316b58a4c1a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:34 GMT
Server: ECS (amb/6B7C)
Content-Length: 280
app.clickfunnels.com/mailcheck.min.js
104.16.13.194200 OK 1.4 kB URL HTTP/2 app.clickfunnels.com/mailcheck.min.js
IP 104.16.13.194:0
File type C source, ASCII text, with very long lines (525)
Hash 352c945345a6b60faddb6d39769d8f97
98e20ef6a43cd007d45dbbc0ee53ea355131b53b
0bc77e3a79347e034352d9fc8d7cd63c54292ee44dfb9a2a8ab8babae4b1fcd6
GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:34 GMT
content-type: application/x-javascript
cf-ray: 74e5171c6c7cb50b-OSL
access-control-allow-origin: *
age: 4576
etag: W/"632b3357-a8d"
last-modified: Wed, 21 Sep 2022 15:52:55 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=YKlC7RKHTzemcPGnktcpNHdq..oCjNAEuj16z_3zKeQ-1663787314-0-AaQTqPwJiorJ15jXm/W9cY82XhS3zyifdFrjraDqkrArY1EN6Y1P4uLM4nUvEu4pWxcUd1L0U9h8021k8KGnpl2YyhKMkCZ+U91y7SDD/umi; path=/; expires=Wed, 21-Sep-22 19:38:34 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
104.18.47.230200 OK 5.4 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP 104.18.47.230:0
Hash 6f005925a6a6244a399938f52ff327f8
aca579435425a2d8a85eb883910d6fd41c897ae7
f80cf6425767305dfb35cf9a45833a6f3f53160ba2e901c92860daa7e4f90e7b
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestforlife.life
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:34 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e5171c5da7b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 41ce6d816abf6cb41ee93410a3c651e7
271baf7f309a3a206b2e6b8cebcf4c14ee47b3f4
0988236e935c7124d1e2921ef45b1cda556f32f85cfba3de3cb3316b58a4c1a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:34 GMT
Server: ECS (amb/6BA1)
Content-Length: 280
www.bestforlife.life/images/email.png
104.16.12.194200 OK 396 B URL HTTP/2 www.bestforlife.life/images/email.png
IP 104.16.12.194:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 70dae42092fa6a05978ff6a0620ee93f
9c16adafce76241c3d46ac182ad0b7452b6b7bfa
b7feff2ccba89704f5d3452349e19be7360a7b8f9702daad4c0813f8c5f3ef90
GET /images/email.png HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestforlife.life/assets/lander.css
Cookie: __cf_bm=hWWCQ.OhrRToXWjp0FSuq6oPuLRhQP0sd3zPDhWy_WE-1663787314-0-AXoYtdifpmWBFq2tRAgvEb6r9fuDi5v3+6ZeEnYPiKa5f6oWPTO8FiaeKx2lGpzGEaVMTwlL4ciSE77ppwKVpvldKr3HymWo7SZe8bX76kzt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:34 GMT
content-type: image/webp
content-length: 396
cf-ray: 74e5171e6a070b59-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 54125
cache-control: public, max-age=2678400
content-disposition: inline; filename="email.webp"
etag: "632a4cc7-21c"
expires: Sat, 22 Oct 2022 19:08:34 GMT
last-modified: Tue, 20 Sep 2022 23:29:11 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=540
server: cloudflare
X-Firefox-Spdy: h2
www.bestforlife.life/assets/pushcrew.js
104.16.12.194200 OK 228 kB URL HTTP/2 www.bestforlife.life/assets/pushcrew.js
IP 104.16.12.194:0
File type ASCII text, with very long lines (637), with no line terminators
Size 228 kB (227627 bytes)
Hash 4cd29bd684779b855c7a01bb09dbe6a8
9244e5e928f2ed535f7a3d64c31a70deeb0a20b5
1132f2698f6aa45c3a5ba6903b55ce71d3033e0f3975c91dc8551919f6d87ebe
Analyzer Verdict Alert fortinet Phishing
GET /assets/pushcrew.js HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:34 GMT
content-type: application/x-javascript
cf-ray: 74e5171db93d0b59-OSL
access-control-allow-origin: *
age: 336
cache-control: public, max-age=1200
etag: W/"632b3356-27d"
expires: Wed, 21 Sep 2022 19:28:34 GMT
last-modified: Wed, 21 Sep 2022 15:52:54 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=fi3PJT7QDApIDFG7CPKtmuhpoFL43Xy9aA70PPYrcis-1663787314-0-Ab5sUDdC9TK/k2pyWm0eq8GvtLFpU3RmW+zu4lNks/a48Yl3sNo88xeEd0vUkNehDuXl1tbot92nANUWoPQZNCn8KolbJSX+D7dl9p1v6Zzt; path=/; expires=Wed, 21-Sep-22 19:38:34 GMT; domain=.www.bestforlife.life; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f85caa32cfc5c68ae9d37dac5075d086
d98cb95e042dfdf7fcfe0bef3d83624a970ee7ab
c1d5882e2ccbee35dfb5d42d78ef6fd843882cbbbe5653cd686ff768e697ac84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f85caa32cfc5c68ae9d37dac5075d086
d98cb95e042dfdf7fcfe0bef3d83624a970ee7ab
c1d5882e2ccbee35dfb5d42d78ef6fd843882cbbbe5653cd686ff768e697ac84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bestforlife.life/hosted/images/b7/0344e2a543416b818d21be670a9db5/home-reg-form-bg_IN.jpg
104.16.12.194200 OK 156 kB URL HTTP/2 www.bestforlife.life/hosted/images/b7/0344e2a543416b818d21be670a9db5/home-reg-form-bg_IN.jpg
IP 104.16.12.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 3000x941, components 3\012- data
Size 156 kB (155668 bytes)
Hash 65824abc7994521b4abe998544c68fa2
e6be12bee707d7219c427aea9cc8b54d5e3eaae7
879bfa9b6fa35b98fdc794778c185fa5fbe926b144cdf6f20519893016d91ff5
GET /hosted/images/b7/0344e2a543416b818d21be670a9db5/home-reg-form-bg_IN.jpg HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=hWWCQ.OhrRToXWjp0FSuq6oPuLRhQP0sd3zPDhWy_WE-1663787314-0-AXoYtdifpmWBFq2tRAgvEb6r9fuDi5v3+6ZeEnYPiKa5f6oWPTO8FiaeKx2lGpzGEaVMTwlL4ciSE77ppwKVpvldKr3HymWo7SZe8bX76kzt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:35 GMT
content-type: image/jpeg
content-length: 155668
cf-ray: 74e5171e7a0e0b59-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "65824abc7994521b4abe998544c68fa2"
last-modified: Tue, 20 Sep 2022 07:23:35 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
x-amz-cf-pop: SOF50-C1
server: cloudflare
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f85caa32cfc5c68ae9d37dac5075d086
d98cb95e042dfdf7fcfe0bef3d83624a970ee7ab
c1d5882e2ccbee35dfb5d42d78ef6fd843882cbbbe5653cd686ff768e697ac84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/SQLxNY7LnIg?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
142.250.74.14200 OK 617 kB URL HTTP/2 www.youtube.com/embed/SQLxNY7LnIg?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
IP 142.250.74.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (60273)
Size 617 kB (616758 bytes)
Hash cc5dff861c26bb58af4796d1a51b5f72
09633822056469dfe6c8f705c8f94005848cfac0
fc4869f06d2d028d79a5a290db0851a00f58a7727d52bad6e4407fefcd470ece
GET /embed/SQLxNY7LnIg?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 21 Sep 2022 19:08:35 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Iu2PNFqSBW0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=DDWyCQ5kQbg; Domain=.youtube.com; Expires=Mon, 20-Mar-2023 19:08:35 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+193; expires=Fri, 20-Sep-2024 19:08:35 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 12:31:58 GMT
expires: Sun, 17 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 369397
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6730
Expires: Wed, 21 Sep 2022 21:00:45 GMT
Date: Wed, 21 Sep 2022 19:08:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:09:43 GMT
age: 75532
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eff7103898a5102e685ce6741cdf19f8
3371965b4417ee0b74a3a5094adfc1632d4849b1
c326683c06d56a02d8c1a36dd34c1eff1b9d242b8b5280a1824b0602ccd28020
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9574
x-amzn-requestid: 3dfa0e8c-77e6-4fc5-9f64-00ac854abbfa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mEj2IAMFWdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-745819ba4b5c16ee6e649ad7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _3w3cbABzhrIn3y9Spo6-NCZDzf4gHAfU30Zpvk3WTp8_kgWT7NAMw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:04 GMT
age: 77251
etag: "3371965b4417ee0b74a3a5094adfc1632d4849b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 77117
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2db94039cb675cb250519fe57b2b3c9
37222a70df5d9a69073b4b32ebc3a5da60006001
444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12048
x-amzn-requestid: d9bd4ac9-5032-45d5-9689-c5c3347912d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO2wuFz4oAMFZug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3804-6fb7d6a52eecab471f67d9a9;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:08:52 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sfGk3C3HLGDYDSXw1d4R7wPRsGdHNKD31chUVzQ8KYBRnsIL0aOW1g==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:17 GMT
age: 77238
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 267173c6b4e4e6ae4a84dc08df92f82f
4183102af1963e1edb3aa572c43aeda7d855e9f5
20487bb2e59f2e6afcaaac3e3c4f1dfec9a8ef761403a44f7f92a6b57d143714
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9271
x-amzn-requestid: b8139dfc-8f24-41e0-9948-56bad215416c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0Q-EkZoAMF_sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a3406-4365026f7f832cee0c12e4d7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rUeMyRv1DxHKmRAc4s-8GkQELQtAO-_lKHB2tjRYSQUSBMJMmDAZcQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:56:09 GMT
age: 76346
etag: "4183102af1963e1edb3aa572c43aeda7d855e9f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 12:08:27 GMT
age: 25208
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bestforlife.life/favicon.ico
162.241.63.77302 Found 0 B URL HTTP/2 bestforlife.life/favicon.ico
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/india
Cookie: PHPSESSID=39761edc9c565f756836e217b96166b4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
link: <https://bestforlife.life/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://bestforlife.life/wp-includes/images/w-logo-blue-white-bg.png
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 21 Sep 2022 19:08:35 GMT
server: Apache
X-Firefox-Spdy: h2
bestforlife.life/wp-includes/images/w-logo-blue-white-bg.png
162.241.63.77200 OK 31 kB URL HTTP/2 bestforlife.life/wp-includes/images/w-logo-blue-white-bg.png
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5840d4d0fa77ff2897eed284c5da28ff
c02b46db52ffe1536a29c069b4a7ea8b4bc11657
b05d86fe4b55249b68ccb13771ed43f90dc0fd1fe96c8f8c075da07f7a57c46a
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bestforlife.life/india
Connection: keep-alive
Cookie: PHPSESSID=39761edc9c565f756836e217b96166b4; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTYzNjYzNjU=:visited=true; cf:visitor_id=2f2e8421-c2b2-4c6b-a57b-247e48849115; addevent_track_cookie=185237cd-c084-4fea-7fd1-57d1c2ff4951
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Nov 2021 08:34:02 GMT
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Wed, 21 Sep 2022 19:08:36 GMT
server: Apache
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=Zlg0NVNVUEZla0k1aXkxenJ6d3VlQT09LS1QK2YvbEFydFpPYTJ3TVMvNVJyeFBBPT0%3D--f4c64c327ed0220838e8bf5c07d19a329ea28554&page_id=K0wxNG1XcVhOWndMSGk3c1Q5dkZZUT09LS1tWlpaM090c253WUZjNDcwb3dSSjFnPT0%3D--a530327e08a670503823ca8cf7c779463e5bc045&funnel_step_id=eEk3VTd2a05OUVpYWWtCbXY1RnBidz09LS1GZTJTVk1vRjlMMms0Zk9yZFUwRHBnPT0%3D--6150c9966019baa6741b3fc0ebfbb636fda223f3&user_id=WEdkSEt4dmd0djU0M3N2a0xYWmRKZz09LS1mdHpBbE9yQk5JNEtvMlYzMkczdzFBPT0%3D--08a28761e0a5d75b7b1c82f7fe17a7876af4778c&account_id=TlNWMy9SVmY3ZzA4enJ4U2wrVEp2QT09LS1UcmNaYkozejhiZGpXTHZIWlViOThnPT0%3D--8db7e63b9321afe674cf9814ef16ab58f7c14b3a&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=02f1d69d-f754-4aef-adde-aa5243f49e3f&url=https%3A%2F%2Fbestforlife.life%2Findia
104.16.13.194202 Accepted 472 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=Zlg0NVNVUEZla0k1aXkxenJ6d3VlQT09LS1QK2YvbEFydFpPYTJ3TVMvNVJyeFBBPT0%3D--f4c64c327ed0220838e8bf5c07d19a329ea28554&page_id=K0wxNG1XcVhOWndMSGk3c1Q5dkZZUT09LS1tWlpaM090c253WUZjNDcwb3dSSjFnPT0%3D--a530327e08a670503823ca8cf7c779463e5bc045&funnel_step_id=eEk3VTd2a05OUVpYWWtCbXY1RnBidz09LS1GZTJTVk1vRjlMMms0Zk9yZFUwRHBnPT0%3D--6150c9966019baa6741b3fc0ebfbb636fda223f3&user_id=WEdkSEt4dmd0djU0M3N2a0xYWmRKZz09LS1mdHpBbE9yQk5JNEtvMlYzMkczdzFBPT0%3D--08a28761e0a5d75b7b1c82f7fe17a7876af4778c&account_id=TlNWMy9SVmY3ZzA4enJ4U2wrVEp2QT09LS1UcmNaYkozejhiZGpXTHZIWlViOThnPT0%3D--8db7e63b9321afe674cf9814ef16ab58f7c14b3a&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=02f1d69d-f754-4aef-adde-aa5243f49e3f&url=https%3A%2F%2Fbestforlife.life%2Findia
IP 104.16.13.194:0
Hash e1b099985efaf8c67552ba2a67ae2a21
b464042a8dd957fd751bc03701e5907b85a02099
e715e3919eba0991fffa4e7123e5561c7190ec5cd6d10d64430be810650486a9
GET /userevents/?funnel_id=Zlg0NVNVUEZla0k1aXkxenJ6d3VlQT09LS1QK2YvbEFydFpPYTJ3TVMvNVJyeFBBPT0%3D--f4c64c327ed0220838e8bf5c07d19a329ea28554&page_id=K0wxNG1XcVhOWndMSGk3c1Q5dkZZUT09LS1tWlpaM090c253WUZjNDcwb3dSSjFnPT0%3D--a530327e08a670503823ca8cf7c779463e5bc045&funnel_step_id=eEk3VTd2a05OUVpYWWtCbXY1RnBidz09LS1GZTJTVk1vRjlMMms0Zk9yZFUwRHBnPT0%3D--6150c9966019baa6741b3fc0ebfbb636fda223f3&user_id=WEdkSEt4dmd0djU0M3N2a0xYWmRKZz09LS1mdHpBbE9yQk5JNEtvMlYzMkczdzFBPT0%3D--08a28761e0a5d75b7b1c82f7fe17a7876af4778c&account_id=TlNWMy9SVmY3ZzA4enJ4U2wrVEp2QT09LS1UcmNaYkozejhiZGpXTHZIWlViOThnPT0%3D--8db7e63b9321afe674cf9814ef16ab58f7c14b3a&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=02f1d69d-f754-4aef-adde-aa5243f49e3f&url=https%3A%2F%2Fbestforlife.life%2Findia HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestforlife.life
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 21 Sep 2022 19:08:36 GMT
content-type: text/html
cf-ray: 74e51723c86db50b-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: db387ce283e330b6884510f287b4ba6f
x-runtime: 0.063408
set-cookie: __cf_bm=G3JEzbMbeIq50jTVZ3K0TIW6J2QR.Jr6mpt0qvx4P3Q-1663787316-0-Ad+e8UN5EGltIZ/rWbCv/6D/vwHTwT3833Mvec1Fr30GkSSCSfxxQzDgTc9WOdtagAi3aQok8xsc/Yr5JKIo15pX3iHJqD+V9O4rk37XZfDn; path=/; expires=Wed, 21-Sep-22 19:38:36 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 27 kB IP 142.250.74.3:0
Hash 5e294eeecc5d6cfcd8e76cab65b10c48
356254bf13d2dbf3df466af37c61c30083f7d078
5a239a48304bfc75673a0a3347d2dda995617b89fc8591f9e4bbcfe0af878d55
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:03:04 GMT
expires: Wed, 21 Sep 2022 19:18:04 GMT
cache-control: public, max-age=900
age: 332
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 21 Sep 2022 19:08:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=Zlg0NVNVUEZla0k1aXkxenJ6d3VlQT09LS1QK2YvbEFydFpPYTJ3TVMvNVJyeFBBPT0%3D--f4c64c327ed0220838e8bf5c07d19a329ea28554&page_id=K0wxNG1XcVhOWndMSGk3c1Q5dkZZUT09LS1tWlpaM090c253WUZjNDcwb3dSSjFnPT0%3D--a530327e08a670503823ca8cf7c779463e5bc045&funnel_step_id=eEk3VTd2a05OUVpYWWtCbXY1RnBidz09LS1GZTJTVk1vRjlMMms0Zk9yZFUwRHBnPT0%3D--6150c9966019baa6741b3fc0ebfbb636fda223f3&user_id=WEdkSEt4dmd0djU0M3N2a0xYWmRKZz09LS1mdHpBbE9yQk5JNEtvMlYzMkczdzFBPT0%3D--08a28761e0a5d75b7b1c82f7fe17a7876af4778c&account_id=TlNWMy9SVmY3ZzA4enJ4U2wrVEp2QT09LS1UcmNaYkozejhiZGpXTHZIWlViOThnPT0%3D--8db7e63b9321afe674cf9814ef16ab58f7c14b3a&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=7005c516-23ed-4840-a857-7252dfa59db8&url=https%3A%2F%2Fbestforlife.life%2Findia
104.16.13.194202 Accepted 472 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=Zlg0NVNVUEZla0k1aXkxenJ6d3VlQT09LS1QK2YvbEFydFpPYTJ3TVMvNVJyeFBBPT0%3D--f4c64c327ed0220838e8bf5c07d19a329ea28554&page_id=K0wxNG1XcVhOWndMSGk3c1Q5dkZZUT09LS1tWlpaM090c253WUZjNDcwb3dSSjFnPT0%3D--a530327e08a670503823ca8cf7c779463e5bc045&funnel_step_id=eEk3VTd2a05OUVpYWWtCbXY1RnBidz09LS1GZTJTVk1vRjlMMms0Zk9yZFUwRHBnPT0%3D--6150c9966019baa6741b3fc0ebfbb636fda223f3&user_id=WEdkSEt4dmd0djU0M3N2a0xYWmRKZz09LS1mdHpBbE9yQk5JNEtvMlYzMkczdzFBPT0%3D--08a28761e0a5d75b7b1c82f7fe17a7876af4778c&account_id=TlNWMy9SVmY3ZzA4enJ4U2wrVEp2QT09LS1UcmNaYkozejhiZGpXTHZIWlViOThnPT0%3D--8db7e63b9321afe674cf9814ef16ab58f7c14b3a&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=7005c516-23ed-4840-a857-7252dfa59db8&url=https%3A%2F%2Fbestforlife.life%2Findia
IP 104.16.13.194:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
GET /userevents/?funnel_id=Zlg0NVNVUEZla0k1aXkxenJ6d3VlQT09LS1QK2YvbEFydFpPYTJ3TVMvNVJyeFBBPT0%3D--f4c64c327ed0220838e8bf5c07d19a329ea28554&page_id=K0wxNG1XcVhOWndMSGk3c1Q5dkZZUT09LS1tWlpaM090c253WUZjNDcwb3dSSjFnPT0%3D--a530327e08a670503823ca8cf7c779463e5bc045&funnel_step_id=eEk3VTd2a05OUVpYWWtCbXY1RnBidz09LS1GZTJTVk1vRjlMMms0Zk9yZFUwRHBnPT0%3D--6150c9966019baa6741b3fc0ebfbb636fda223f3&user_id=WEdkSEt4dmd0djU0M3N2a0xYWmRKZz09LS1mdHpBbE9yQk5JNEtvMlYzMkczdzFBPT0%3D--08a28761e0a5d75b7b1c82f7fe17a7876af4778c&account_id=TlNWMy9SVmY3ZzA4enJ4U2wrVEp2QT09LS1UcmNaYkozejhiZGpXTHZIWlViOThnPT0%3D--8db7e63b9321afe674cf9814ef16ab58f7c14b3a&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=7005c516-23ed-4840-a857-7252dfa59db8&url=https%3A%2F%2Fbestforlife.life%2Findia HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestforlife.life
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 21 Sep 2022 19:08:35 GMT
content-type: text/html
cf-ray: 74e51723c86eb50b-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: f55a5fc0630de40db0495037e7afc194
x-runtime: 0.042430
set-cookie: __cf_bm=VovO_rlpuzo7KvAsdFywc62tdcthtnEX6aZkDX3ZEts-1663787315-0-Aen/9Oacm9ieQXJopnbXDAkJjGcC71SQbZuxdUAU56XZlsc+6qKJxX+tzrtoXd12pSXwPaM2VoDFl0lK3u1NqqxAeBWbtH6/KF6rgtX3WLEQ; path=/; expires=Wed, 21-Sep-22 19:38:35 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bestforlife.life/vendor.js
104.16.12.194200 OK 5.5 kB URL HTTP/2 www.bestforlife.life/vendor.js
IP 104.16.12.194:0
Hash 5e6878c6b5f76adbb676a33b87138268
ff3783829c680499413223576be5a7ed59cd5887
b446dfb0ec78f2023f977aa7b54b23d4a9eb6c08233c9a32b0fd8f6712626ae0
Analyzer Verdict Alert fortinet Phishing
GET /vendor.js HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=UCW6nYXPeUNiBf9uzD1gO_wwJFGZAQ6_6kXgX4kCsLk-1663787315-0-AVKPE7WT5380HdeNjdVTMJH2q/phRrxcvmuyRuEyRHvg/UwwXsB30w7uCSUDA2LiMznBfdDFrtMvoNgLE+n8BiE5k2Id0hxMgho8j+aKbsTN
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:35 GMT
content-type: application/javascript
cf-ray: 74e5172398f30b59-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: ea5ed2d59b93be697c73cb5778d2a3a5
x-runtime: 0.018745
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e1b099985efaf8c67552ba2a67ae2a21
b464042a8dd957fd751bc03701e5907b85a02099
e715e3919eba0991fffa4e7123e5561c7190ec5cd6d10d64430be810650486a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 41630fb2c7ef9e435a8762b0943e0980
04b6c8bfe97bc5408e1450b5921331c6ae6de682
e9e83895eef14a5a26e91c9574fc9f60eb2f47959406eabe87b4618412519476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 39d2d0e9cd89916c0d95c9ab8210edc7
17d838a6bb0b243679d5cf238091b25824152e80
2175b4996210058613c66723a54a56e9c50da6db09b88551c3097c9d576a2379
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 19:08:36 GMT
server: ESF
cache-control: private
content-length: 30794
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
app.clickfunnels.com/userevents/?funnel_id=Zlg0NVNVUEZla0k1aXkxenJ6d3VlQT09LS1QK2YvbEFydFpPYTJ3TVMvNVJyeFBBPT0%3D--f4c64c327ed0220838e8bf5c07d19a329ea28554&page_id=K0wxNG1XcVhOWndMSGk3c1Q5dkZZUT09LS1tWlpaM090c253WUZjNDcwb3dSSjFnPT0%3D--a530327e08a670503823ca8cf7c779463e5bc045&funnel_step_id=eEk3VTd2a05OUVpYWWtCbXY1RnBidz09LS1GZTJTVk1vRjlMMms0Zk9yZFUwRHBnPT0%3D--6150c9966019baa6741b3fc0ebfbb636fda223f3&user_id=WEdkSEt4dmd0djU0M3N2a0xYWmRKZz09LS1mdHpBbE9yQk5JNEtvMlYzMkczdzFBPT0%3D--08a28761e0a5d75b7b1c82f7fe17a7876af4778c&account_id=TlNWMy9SVmY3ZzA4enJ4U2wrVEp2QT09LS1UcmNaYkozejhiZGpXTHZIWlViOThnPT0%3D--8db7e63b9321afe674cf9814ef16ab58f7c14b3a&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=c9f59084-9557-4895-957f-631f43afbb93&url=https%3A%2F%2Fbestforlife.life%2Findia
104.16.13.194202 Accepted 14 kB URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=Zlg0NVNVUEZla0k1aXkxenJ6d3VlQT09LS1QK2YvbEFydFpPYTJ3TVMvNVJyeFBBPT0%3D--f4c64c327ed0220838e8bf5c07d19a329ea28554&page_id=K0wxNG1XcVhOWndMSGk3c1Q5dkZZUT09LS1tWlpaM090c253WUZjNDcwb3dSSjFnPT0%3D--a530327e08a670503823ca8cf7c779463e5bc045&funnel_step_id=eEk3VTd2a05OUVpYWWtCbXY1RnBidz09LS1GZTJTVk1vRjlMMms0Zk9yZFUwRHBnPT0%3D--6150c9966019baa6741b3fc0ebfbb636fda223f3&user_id=WEdkSEt4dmd0djU0M3N2a0xYWmRKZz09LS1mdHpBbE9yQk5JNEtvMlYzMkczdzFBPT0%3D--08a28761e0a5d75b7b1c82f7fe17a7876af4778c&account_id=TlNWMy9SVmY3ZzA4enJ4U2wrVEp2QT09LS1UcmNaYkozejhiZGpXTHZIWlViOThnPT0%3D--8db7e63b9321afe674cf9814ef16ab58f7c14b3a&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=c9f59084-9557-4895-957f-631f43afbb93&url=https%3A%2F%2Fbestforlife.life%2Findia
IP 104.16.13.194:0
Hash d348ea7c67cf70cc27add8ec15920c5f
46b2db74425f5c6c10c69831277b83c76c8c24b8
e9198b139add4e4683e04549366c63b57000c4e9d719c0e5820124d63d0fccff
GET /userevents/?funnel_id=Zlg0NVNVUEZla0k1aXkxenJ6d3VlQT09LS1QK2YvbEFydFpPYTJ3TVMvNVJyeFBBPT0%3D--f4c64c327ed0220838e8bf5c07d19a329ea28554&page_id=K0wxNG1XcVhOWndMSGk3c1Q5dkZZUT09LS1tWlpaM090c253WUZjNDcwb3dSSjFnPT0%3D--a530327e08a670503823ca8cf7c779463e5bc045&funnel_step_id=eEk3VTd2a05OUVpYWWtCbXY1RnBidz09LS1GZTJTVk1vRjlMMms0Zk9yZFUwRHBnPT0%3D--6150c9966019baa6741b3fc0ebfbb636fda223f3&user_id=WEdkSEt4dmd0djU0M3N2a0xYWmRKZz09LS1mdHpBbE9yQk5JNEtvMlYzMkczdzFBPT0%3D--08a28761e0a5d75b7b1c82f7fe17a7876af4778c&account_id=TlNWMy9SVmY3ZzA4enJ4U2wrVEp2QT09LS1UcmNaYkozejhiZGpXTHZIWlViOThnPT0%3D--8db7e63b9321afe674cf9814ef16ab58f7c14b3a&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=c9f59084-9557-4895-957f-631f43afbb93&url=https%3A%2F%2Fbestforlife.life%2Findia HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestforlife.life
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 21 Sep 2022 19:08:36 GMT
content-type: text/html
cf-ray: 74e51723c86bb50b-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: d15103840c9fdbcff577567eb0ed58c3
x-runtime: 0.095392
set-cookie: __cf_bm=IROgYnZ6fBTKEhrTzNX7DkRLExSkcQI86aGP18BayZo-1663787316-0-AfCQiSpzAC+cMupKVJ6ZMi2dJgB82t+JG4tu9z0ZcBJyCkDt79e9oaa0VteGs1GCgtXP9R0sDjU4qDWQUdpPUlEKwIBZivKCOPGmf3pam75+; path=/; expires=Wed, 21-Sep-22 19:38:36 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 869888e1890c222872a5ff515e402f71
871286989c0d3639dba0a84b8e43b8f29414024a
0b4c15ba6ed6d9dc0b6a64ef4f9935061a66ff1dadf1827b202933b62b04f680
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/okEUYy2PvHY/sddefault.webp
142.250.74.150200 OK 16 kB URL HTTP/2 i.ytimg.com/vi_webp/okEUYy2PvHY/sddefault.webp
IP 142.250.74.150:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 69490c2522e8f333f950460495642d0f
38cc10f4f16e24740ad20e5913e36fe93f7c47d6
d77c14b639141cdf468d350a5c658a02e81b37493aa20e4c7f164e61aa0bb585
GET /vi_webp/okEUYy2PvHY/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 16380
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:08:36 GMT
expires: Wed, 21 Sep 2022 19:13:36 GMT
cache-control: public, max-age=300
etag: "0"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash ed6084d514b7ae2f533c3d6a24d929de
2d445d0513b8b327a47e8f944090e2ffe4ef0493
8390b9105b2bbda978cbc8c420cbc66b9e162ab1ae60ecfd8e563e982c2bb505
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 19:08:36 GMT
server: ESF
cache-control: private
content-length: 31090
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 869888e1890c222872a5ff515e402f71
871286989c0d3639dba0a84b8e43b8f29414024a
0b4c15ba6ed6d9dc0b6a64ef4f9935061a66ff1dadf1827b202933b62b04f680
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d744c3eee332d1413a76a05a14fe480
16b898402c9d9ddcc10960cae7a3a65f4569fd88
6461977f05a68482f643f0d0bc859aa77197ff8ab66e28a0f5caafa19fcaa963
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu-VhLl8DuOuhoCwoqc99mMiJSpIWXd7c2W6VYuICB8zmwo2CC9Jeuovuvv2Xu9E=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 651 B URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-VhLl8DuOuhoCwoqc99mMiJSpIWXd7c2W6VYuICB8zmwo2CC9Jeuovuvv2Xu9E=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 2b339402c32cd376de085bea391a76f2
b168d4d86e0b1380f03f31423ec2942d8bff8bda
5c12a35795f3b83184c70cb5014aecafdf916e0e1de447693a68b3681a0a0758
GET /ytc/AMLnZu-VhLl8DuOuhoCwoqc99mMiJSpIWXd7c2W6VYuICB8zmwo2CC9Jeuovuvv2Xu9E=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 651
x-xss-protection: 0
date: Wed, 21 Sep 2022 17:21:30 GMT
expires: Thu, 22 Sep 2022 17:21:30 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 6426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d744c3eee332d1413a76a05a14fe480
16b898402c9d9ddcc10960cae7a3a65f4569fd88
6461977f05a68482f643f0d0bc859aa77197ff8ab66e28a0f5caafa19fcaa963
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bestforlife.life/hosted/images/a3/84941e79e749d98e6d053f0260b788/award-4_en.png
104.16.12.194200 OK 14 kB URL HTTP/2 www.bestforlife.life/hosted/images/a3/84941e79e749d98e6d053f0260b788/award-4_en.png
IP 104.16.12.194:0
File type PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash b23f8f54ca7abb700b60d729aa501b59
67d4177852367711d469014b4d6ad628f1c7ef37
73d59114ada9ae1fcca329c92713cd294e29c6471ed1e5b1cec036182ad94da2
GET /hosted/images/a3/84941e79e749d98e6d053f0260b788/award-4_en.png HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=UCW6nYXPeUNiBf9uzD1gO_wwJFGZAQ6_6kXgX4kCsLk-1663787315-0-AVKPE7WT5380HdeNjdVTMJH2q/phRrxcvmuyRuEyRHvg/UwwXsB30w7uCSUDA2LiMznBfdDFrtMvoNgLE+n8BiE5k2Id0hxMgho8j+aKbsTN
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:37 GMT
content-type: image/png
content-length: 13514
cf-ray: 74e5172b291f0b59-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "937cf3f8584c35e27f97d9354fb41312"
last-modified: Mon, 12 Sep 2022 06:40:44 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13535
x-amz-cf-pop: SOF50-C1
server: cloudflare
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/19/5fbfa939824f7cb34e20bc7c93965f/yg4-winner-dp-1-.jpg
104.16.12.194200 OK 18 kB URL HTTP/2 www.bestforlife.life/hosted/images/19/5fbfa939824f7cb34e20bc7c93965f/yg4-winner-dp-1-.jpg
IP 104.16.12.194:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, orientation=upper-left], progressive, precision 8, 380x220, components 3\012- data
Hash 9afa309d09d421cb5e6982c086b657bb
82da08a6ee5e57a15396f5bfebf3175ebe2330fa
a20841a87de609409625b9b8ee4b2e7e0e33c9c74353ad848af8b71d1a1860ac
GET /hosted/images/19/5fbfa939824f7cb34e20bc7c93965f/yg4-winner-dp-1-.jpg HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=UCW6nYXPeUNiBf9uzD1gO_wwJFGZAQ6_6kXgX4kCsLk-1663787315-0-AVKPE7WT5380HdeNjdVTMJH2q/phRrxcvmuyRuEyRHvg/UwwXsB30w7uCSUDA2LiMznBfdDFrtMvoNgLE+n8BiE5k2Id0hxMgho8j+aKbsTN
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:37 GMT
content-type: image/jpeg
content-length: 17961
cf-ray: 74e5172b29160b59-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "9607c8474129e1d5ab5dde2c92007ffe"
last-modified: Tue, 20 Sep 2022 22:38:50 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=18118, status=webp_bigger
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/5f/9d9fd2f7b542179fd44868c1151845/award-1_en.png
104.16.12.194200 OK 28 kB URL HTTP/2 www.bestforlife.life/hosted/images/5f/9d9fd2f7b542179fd44868c1151845/award-1_en.png
IP 104.16.12.194:0
File type PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash 7019715972c14ccc264916cb5797dc48
44f3faf4e591cc9ef9ad3761da4fbc2f0f3302db
a4902f16ae13da544d75eafbb37de6d71bda8ae9b19f90bfb03f38a80d99e6ad
GET /hosted/images/5f/9d9fd2f7b542179fd44868c1151845/award-1_en.png HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=UCW6nYXPeUNiBf9uzD1gO_wwJFGZAQ6_6kXgX4kCsLk-1663787315-0-AVKPE7WT5380HdeNjdVTMJH2q/phRrxcvmuyRuEyRHvg/UwwXsB30w7uCSUDA2LiMznBfdDFrtMvoNgLE+n8BiE5k2Id0hxMgho8j+aKbsTN
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:37 GMT
content-type: image/png
content-length: 27840
cf-ray: 74e5172b291b0b59-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "1929b0d827ebdc6e911d585c21a34cf5"
last-modified: Mon, 12 Sep 2022 06:40:43 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=27861
x-amz-cf-pop: SOF50-C1
server: cloudflare
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/e7/9c5e6dbb284b419f2581a72d8f3e84/award-5_en.png
104.16.12.194200 OK 38 kB URL HTTP/2 www.bestforlife.life/hosted/images/e7/9c5e6dbb284b419f2581a72d8f3e84/award-5_en.png
IP 104.16.12.194:0
File type PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash ce7b869474e06a1514a28029fe8fa9bc
ea6626ab98fc9c58b2c4e41f1d409aded8697e2b
e55d0a706f85ff9918f5d1c5f8edbb291fe4b4d33991e10ce9f6fc43c5a3cf0c
GET /hosted/images/e7/9c5e6dbb284b419f2581a72d8f3e84/award-5_en.png HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=UCW6nYXPeUNiBf9uzD1gO_wwJFGZAQ6_6kXgX4kCsLk-1663787315-0-AVKPE7WT5380HdeNjdVTMJH2q/phRrxcvmuyRuEyRHvg/UwwXsB30w7uCSUDA2LiMznBfdDFrtMvoNgLE+n8BiE5k2Id0hxMgho8j+aKbsTN
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:37 GMT
content-type: image/png
content-length: 37891
cf-ray: 74e5172b291d0b59-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "bef47ae0e5472d7cd0e2217b855bca7e"
last-modified: Mon, 12 Sep 2022 06:40:44 GMT
vary: Accept, Accept-Encoding
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=37912
x-amz-cf-pop: SOF50-C1
server: cloudflare
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/4a/259d6d557944a3ba32a71896c0821d/yg4-winner-gm-1-.jpg
104.16.12.194200 OK 16 kB URL HTTP/2 www.bestforlife.life/hosted/images/4a/259d6d557944a3ba32a71896c0821d/yg4-winner-gm-1-.jpg
IP 104.16.12.194:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, orientation=upper-left], progressive, precision 8, 380x220, components 3\012- data
Hash 6daee3627af104a5e773670f97a121ed
5c372c62d44b2fe3b5384eb2e3758f3d08f6225d
4a72e05fd533338e7e89bc0b84d580271937b8a0c2f6e0d106dceb4a6ab31b33
GET /hosted/images/4a/259d6d557944a3ba32a71896c0821d/yg4-winner-gm-1-.jpg HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=UCW6nYXPeUNiBf9uzD1gO_wwJFGZAQ6_6kXgX4kCsLk-1663787315-0-AVKPE7WT5380HdeNjdVTMJH2q/phRrxcvmuyRuEyRHvg/UwwXsB30w7uCSUDA2LiMznBfdDFrtMvoNgLE+n8BiE5k2Id0hxMgho8j+aKbsTN
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:37 GMT
content-type: image/jpeg
content-length: 15535
cf-ray: 74e5172b29120b59-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "9ee74e7d730fc9f1a89a85f37e686db4"
last-modified: Tue, 20 Sep 2022 22:38:25 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=15644, status=webp_bigger
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/31/feeb7ef4754395a22472356af89d12/yg4-winner-ir.jpg
104.16.12.194200 OK 11 kB URL HTTP/2 www.bestforlife.life/hosted/images/31/feeb7ef4754395a22472356af89d12/yg4-winner-ir.jpg
IP 104.16.12.194:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, orientation=upper-left], progressive, precision 8, 380x220, components 3\012- data
Hash 2741cb7ef995804be21818c42bef4b52
3d7b57a79949d7b8b804bd65479b8989b1fa72e2
31ed2d20c48e3be84b70c5da50add44e104fba41cf78d8a7968116dbb8c00062
GET /hosted/images/31/feeb7ef4754395a22472356af89d12/yg4-winner-ir.jpg HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=UCW6nYXPeUNiBf9uzD1gO_wwJFGZAQ6_6kXgX4kCsLk-1663787315-0-AVKPE7WT5380HdeNjdVTMJH2q/phRrxcvmuyRuEyRHvg/UwwXsB30w7uCSUDA2LiMznBfdDFrtMvoNgLE+n8BiE5k2Id0hxMgho8j+aKbsTN
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:37 GMT
content-type: image/jpeg
content-length: 10672
cf-ray: 74e5172b290b0b59-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "f8203edaf825f12c9f2878733a17eefc"
last-modified: Tue, 20 Sep 2022 22:38:08 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10869, status=webp_bigger
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1216.min.js
151.101.86.137200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32022)
Hash b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 21 Sep 2022 19:08:37 GMT
via: 1.1 varnish
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 3788
x-timer: S1663787317.187430,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 37b6097226b409c237ef99f1da688e60
71ab02ee2fd165ba99e9b964a1a3e5055c88224b
ab0e339aa9b34926c6fb4e1191e121febe026996f1cb0bc05ecb187a69653282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1693
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 19:08:37 GMT
Last-Modified: Wed, 21 Sep 2022 18:40:24 GMT
Server: ECS (amb/6B83)
X-Cache: HIT
Content-Length: 471
bestforlife.life/cdn-cgi/rum?
162.241.63.77404 Not Found 14 kB URL HTTP/2 bestforlife.life/cdn-cgi/rum?
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16728), with CRLF, LF line terminators
Hash 2fd342c93cb312faa1ba677916751786
73332a4af13a51ba7fef8f3b9e1e3f5829a216f4
1e8faf0b838b733a2bfaca8da5ed5b38140a6eddcbd290d6844224a364ab15c1
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/rum? HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 11435
Origin: https://bestforlife.life
Connection: keep-alive
Referer: https://bestforlife.life/india
Cookie: PHPSESSID=39761edc9c565f756836e217b96166b4; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTYzNjYzNjU=:visited=true; cf:visitor_id=2f2e8421-c2b2-4c6b-a57b-247e48849115; addevent_track_cookie=185237cd-c084-4fea-7fd1-57d1c2ff4951
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://bestforlife.life/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
content-length: 14262
content-type: text/html; charset=UTF-8
date: Wed, 21 Sep 2022 19:08:37 GMT
server: Apache
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4272&ck=1&ref=https://bestforlife.life/india&ap=254&be=1391&fe=3885&dc=2710&perf=%7B%22timing%22:%7B%22of%22:1663787312926,%22n%22:0,%22f%22:364,%22dn%22:372,%22dne%22:373,%22c%22:374,%22s%22:512,%22ce%22:835,%22rq%22:836,%22rp%22:1370,%22rpe%22:1370,%22dl%22:1380,%22di%22:2692,%22ds%22:2708,%22de%22:2879,%22dc%22:3883,%22l%22:3883,%22le%22:3999%7D,%22navigation%22:%7B%7D%7D&fcp=1869&jsonp=NREUM.setToken
162.247.241.14200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4272&ck=1&ref=https://bestforlife.life/india&ap=254&be=1391&fe=3885&dc=2710&perf=%7B%22timing%22:%7B%22of%22:1663787312926,%22n%22:0,%22f%22:364,%22dn%22:372,%22dne%22:373,%22c%22:374,%22s%22:512,%22ce%22:835,%22rq%22:836,%22rp%22:1370,%22rpe%22:1370,%22dl%22:1380,%22di%22:2692,%22ds%22:2708,%22de%22:2879,%22dc%22:3883,%22l%22:3883,%22le%22:3999%7D,%22navigation%22:%7B%7D%7D&fcp=1869&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4272&ck=1&ref=https://bestforlife.life/india&ap=254&be=1391&fe=3885&dc=2710&perf=%7B%22timing%22:%7B%22of%22:1663787312926,%22n%22:0,%22f%22:364,%22dn%22:372,%22dne%22:373,%22c%22:374,%22s%22:512,%22ce%22:835,%22rq%22:836,%22rp%22:1370,%22rpe%22:1370,%22dl%22:1380,%22di%22:2692,%22ds%22:2708,%22de%22:2879,%22dc%22:3883,%22l%22:3883,%22le%22:3999%7D,%22navigation%22:%7B%7D%7D&fcp=1869&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 19:08:37 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74e5172e6bbeb500-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=6308a0f8b4e57bc0; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bestforlife.life/india
162.241.63.77200 OK 0 B IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /india HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=39761edc9c565f756836e217b96166b4; path=/; secure; HttpOnly
__cf_bm=QVEi6rdgHV5XrFoaobr8SonrpCXxSEuUEdq_GvCwxPI-1663787314-0-AS4gZyI4cFFyBK+0TNbJeYTl3+JAjBbyV1LXGHgi5p2NyQdHGDXLtJZXQxBiFUtpuD2+Q/0t6FXkvGm8iCBkS0WzatiK45m2EvnmFc44fTcW; path=/; expires=Wed, 21-Sep-22 19:38:34 GMT; domain=.www.bestforlife.life; HttpOnly; Secure
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 21 Sep 2022 19:08:33 GMT
server: Apache
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/all.css
IP 172.64.133.15:0
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:34 GMT
content-type: text/css
x-amz-id-2: D5Mo7exQT5WqZ1JWwMwvE+13saBvWzx81R04KHDQjke+Km4QbzD5I5t54BEw/JqTRB/hjVxPUSs=
x-amz-request-id: 48X5PPB0148RGJHT
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28554333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYkcRObi%2F27eBCk8XeE9%2FaNmfc6zwx0TutDayNAoG5aubZjB8KbPC46gZ68iz3EYRa5%2BZm9PDJAI8mx8xz4kfQ%2BvCnXi%2F8KXFOjlOp5QnsLZTrbNCvqodJ%2Fuopjqc0ZC99hfrYfj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e5171c3b5674bd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP 142.250.74.10:0
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 19:08:34 GMT
date: Wed, 21 Sep 2022 19:08:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.bestforlife.life/assets/userevents/application.js
104.16.12.194200 OK 0 B URL HTTP/2 www.bestforlife.life/assets/userevents/application.js
IP 104.16.12.194:0
Analyzer Verdict Alert fortinet Phishing
GET /assets/userevents/application.js HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:35 GMT
content-type: application/x-javascript
cf-ray: 74e5171eaa500b59-OSL
access-control-allow-origin: *
age: 835
cache-control: public, max-age=1200
etag: W/"632b3357-1353"
expires: Wed, 21 Sep 2022 19:28:35 GMT
last-modified: Wed, 21 Sep 2022 15:52:55 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=UCW6nYXPeUNiBf9uzD1gO_wwJFGZAQ6_6kXgX4kCsLk-1663787315-0-AVKPE7WT5380HdeNjdVTMJH2q/phRrxcvmuyRuEyRHvg/UwwXsB30w7uCSUDA2LiMznBfdDFrtMvoNgLE+n8BiE5k2Id0hxMgho8j+aKbsTN; path=/; expires=Wed, 21-Sep-22 19:38:35 GMT; domain=.www.bestforlife.life; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP 172.64.133.15:0
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:34 GMT
content-type: text/css
x-amz-id-2: ChvavqXk4dTUCPMn6FkPgV+eEk+I8QeJyB2yWs6IlFvHBTzu99qI/vw5iTcAXbAfQrEFpY/Y1x8=
x-amz-request-id: 48XFPJVPSZ46EFY4
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28554333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtHnDTaTrz5FnJCAKojqLs%2FUOaKmVhP%2F%2B4hqyAm2%2Bus12YXlRh47HGDF1EegTMkH%2FcrodCCh2s5oVqyNMmb%2FTf5zdet%2F5nrNUhRu6GHeLO7U%2BLwcFOCJrkocm2pWNlULwLIJwfF5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e5171c3b4f74bd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.bestforlife.life/assets/lander.js
104.16.12.194200 OK 0 B URL HTTP/2 www.bestforlife.life/assets/lander.js
IP 104.16.12.194:0
Analyzer Verdict Alert fortinet Phishing
GET /assets/lander.js HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:35 GMT
content-type: application/x-javascript
cf-ray: 74e5171eaa560b59-OSL
access-control-allow-origin: *
age: 824
cache-control: public, max-age=1200
etag: W/"632b33c5-238fd1"
expires: Wed, 21 Sep 2022 19:28:35 GMT
last-modified: Wed, 21 Sep 2022 15:54:45 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=sMMcG9KrTbm9rvluDG.foLr.7fSjMQ9fRybJyrnbGBc-1663787315-0-AewYuHqL8uDFbxVPoI+ECT9D1Iymkd+jOdL2GY/7I28EYwNX5IOaQSwpmWGiG1/hawuAyPQSPEj3At2FrkeGQXf7uT87pLakVl5EhcTuvQk8; path=/; expires=Wed, 21-Sep-22 19:38:35 GMT; domain=.www.bestforlife.life; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.bestforlife.life/assets/lander.css
104.16.12.194200 OK 0 B URL HTTP/2 www.bestforlife.life/assets/lander.css
IP 104.16.12.194:0
GET /assets/lander.css HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:34 GMT
content-type: text/css
cf-ray: 74e5171dc95b0b59-OSL
access-control-allow-origin: *
age: 834
cache-control: public, max-age=1200
etag: W/"632b3357-6a514"
expires: Wed, 21 Sep 2022 19:28:34 GMT
last-modified: Wed, 21 Sep 2022 15:52:55 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=hWWCQ.OhrRToXWjp0FSuq6oPuLRhQP0sd3zPDhWy_WE-1663787314-0-AXoYtdifpmWBFq2tRAgvEb6r9fuDi5v3+6ZeEnYPiKa5f6oWPTO8FiaeKx2lGpzGEaVMTwlL4ciSE77ppwKVpvldKr3HymWo7SZe8bX76kzt; path=/; expires=Wed, 21-Sep-22 19:38:34 GMT; domain=.www.bestforlife.life; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.youtube.com/embed/okEUYy2PvHY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
142.250.74.14200 OK 0 B URL HTTP/2 www.youtube.com/embed/okEUYy2PvHY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
IP 142.250.74.14:0
GET /embed/okEUYy2PvHY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 21 Sep 2022 19:08:35 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=7FJm_fA34CI; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=E_dli3iHiP0; Domain=.youtube.com; Expires=Mon, 20-Mar-2023 19:08:35 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+653; expires=Fri, 20-Sep-2024 19:08:35 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app.clickfunnels.com/images/closemodal.png
104.16.13.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/images/closemodal.png
IP 104.16.13.194:0
GET /images/closemodal.png HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=YKlC7RKHTzemcPGnktcpNHdq..oCjNAEuj16z_3zKeQ-1663787314-0-AaQTqPwJiorJ15jXm/W9cY82XhS3zyifdFrjraDqkrArY1EN6Y1P4uLM4nUvEu4pWxcUd1L0U9h8021k8KGnpl2YyhKMkCZ+U91y7SDD/umi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:37 GMT
content-type: image/webp
cf-ray: 74e5172b2bfeb50b-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 1816979
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "630e9cfc-314"
expires: Sat, 22 Oct 2022 19:08:37 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
server: cloudflare
X-Firefox-Spdy: h2
www.bestforlife.life/images/background.png?_unique=0.4135635460590905&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//bestforlife.life/india&_title=Jeetcity%20Casino&_key=fyzzeg1v&_page_key=knabb6fl8kqpwjea&_fid=12446350&_fspos=2&_fvrs=1&_funnel_stat=0&_location=https://bestforlife.life/india&_referrer=
104.16.12.194200 OK 0 B URL HTTP/2 www.bestforlife.life/images/background.png?_unique=0.4135635460590905&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//bestforlife.life/india&_title=Jeetcity%20Casino&_key=fyzzeg1v&_page_key=knabb6fl8kqpwjea&_fid=12446350&_fspos=2&_fvrs=1&_funnel_stat=0&_location=https://bestforlife.life/india&_referrer=
IP 104.16.12.194:0
GET /images/background.png?_unique=0.4135635460590905&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//bestforlife.life/india&_title=Jeetcity%20Casino&_key=fyzzeg1v&_page_key=knabb6fl8kqpwjea&_fid=12446350&_fspos=2&_fvrs=1&_funnel_stat=0&_location=https://bestforlife.life/india&_referrer= HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestforlife.life
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 19:08:37 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 74e5172b29250b59-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 7503f5e971fa541edb238171625868ac
x-runtime: 0.079701
set-cookie: __cf_bm=idWA7QYIUTXhsVMgX.yB6CiQdXUwVRplOVSYz7dei4g-1663787317-0-Af7e3xxlpN6OJ6kbf4ChiRo6Gk18PhVz6P9PLiLlCPizFZay2odlL9kh123+29FVCxuRm4z0HzSrV2Q/+yIT6XVerS+SKA+AcP3aa/2irEck; path=/; expires=Wed, 21-Sep-22 19:38:37 GMT; domain=.www.bestforlife.life; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=8GVgCmC5uxMi.P219vnSttQz6pTRGeSiGwNnEznTuz0-1663787317-0-ATo25uhNwJkSi7XhMFUAvyQ4vlSLelrLMt9z6y593HUa58xvxedVVz5X_WUG3JsmkYn6YS22_IVABJnhfVvpazB_AfaYxgNoBH85LTMrSw7R"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=8GVgCmC5uxMi.P219vnSttQz6pTRGeSiGwNnEznTuz0-1663787317-0-ATo25uhNwJkSi7XhMFUAvyQ4vlSLelrLMt9z6y593HUa58xvxedVVz5X_WUG3JsmkYn6YS22_IVABJnhfVvpazB_AfaYxgNoBH85LTMrSw7R; report-to cf-csp-endpoint
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2