| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashbe88d3e043e3b95b52e41812e50fb634 0318ba1ce487817ea7cba61dd9413bed29213800 b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5578
Expires: Tue, 13 Sep 2022 18:46:44 GMT
Date: Tue, 13 Sep 2022 17:13:46 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.115 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.115:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash99b7d23c1748d0526782b9ff9ea45f09 eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 17:08:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QDWMkQugIw-SlCGsrSS214GN2ASpJ9qrqEMLzmxSdeuwEVM8eelmlg==
Age: 298
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.35 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP143.204.55.35:0
File typePEM certificate\012- , ASCII text Hash742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Nw2CWVwnz3JqV8LMvJNrPZuFsV_2nkekTs4O5jcPjphrobo8xCfJdA==
age: 45512
X-Firefox-Spdy: h2
|
|
| cloth.healthtechdirectory.com/ga/click/2-285674166-1434-14122-27577-25447-f01c1fda3d-j50ad3bb15 | 45.85.251.122 | 302 Found | 125 B |
URL HTTP/1.1cloth.healthtechdirectory.com/ga/click/2-285674166-1434-14122-27577-25447-f01c1fda3d-j50ad3bb15 IP45.85.251.122:0
File typeHTML document text\012- HTML document, ASCII text, with no line terminators Hash8add981b240f1aa5ffc0735f3e04848d df50ea6543d873911438b96053f2782078499dc2 55da7ec88fe940b18c82564017311a45704dcbb25c5a92bc99b297c8ada01187
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /ga/click/2-285674166-1434-14122-27577-25447-f01c1fda3d-j50ad3bb15 HTTP/1.1
Host: cloth.healthtechdirectory.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 13 Sep 2022 17:13:23 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.29
Status: 302 Found
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Request-Id: 4892e19ec7a96e9c682f60b15edaad32
Location: https://mwebnice.com/6688/602/2/?subid=iujthygtrfgthyjtytrg
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.022595
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.9
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 17:13:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.115 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.115:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 17:03:22 GMT
Expires: Tue, 13 Sep 2022 17:14:28 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jCxlmvkEZjaxvGU_vmZYQ49QUItyGHRbVliYOUvQnis_BL9NdiAamg==
Age: 624
|
|
| ocsp.starfieldtech.com/ | 192.124.249.22 | 200 OK | 1.8 kB |
IP192.124.249.22:0
Hashb4b7df4fbc712f9512cd8442dc739a5f 39c9bb5ece1f69855e4d0c95e73c946d16d144da 56623d2994672d3904f02013b0a287931da7684c798e4af189e6c7c52227e567
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 13 Sep 2022 17:13:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 13 Sep 2022 09:13:10 GMT
Expires: Wed, 14 Sep 2022 09:13:10 GMT
ETag: "39c9bb5ece1f69855e4d0c95e73c946d16d144da"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashe96dbe1b54932c8f447bbbfc9d31cfb0 b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd 427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2818
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:47 GMT
Last-Modified: Tue, 13 Sep 2022 16:26:49 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
|
|
| mwebnice.com/6688/602/2/?subid=iujthygtrfgthyjtytrg | 104.21.10.231 | 302 Found | 188 B |
URL HTTP/2mwebnice.com/6688/602/2/?subid=iujthygtrfgthyjtytrg IP104.21.10.231:0
File typeHTML document, ASCII text Hashc8a5ea3ba898c88915c683cdc13d9a85 77e836068eecad03b0dfa8b42aa5ed630d5a2444 45b02fa393e929f678a4d0e59e7eb7ec21f04c73ea7f50bf28cc37b535ddf9a2
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /6688/602/2/?subid=iujthygtrfgthyjtytrg HTTP/1.1
Host: mwebnice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 13 Sep 2022 17:13:46 GMT
content-type: text/html; charset=UTF-8
location: https://www.eiihbtrk.com/63CFP/2QZRGT/?sub5=noaff&sub1=6688_sessid20220913171346522&source_id=602
cache-control: max-age=3600, private
pragma: no-cache
expires: Tue, 13 Sep 2022 18:13:46 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74a283f22bf1b523-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.starfieldtech.com/ | 192.124.249.22 | 200 OK | 1.8 kB |
IP192.124.249.22:0
Hashb4b7df4fbc712f9512cd8442dc739a5f 39c9bb5ece1f69855e4d0c95e73c946d16d144da 56623d2994672d3904f02013b0a287931da7684c798e4af189e6c7c52227e567
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 13 Sep 2022 17:13:46 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 13 Sep 2022 09:13:10 GMT
Expires: Wed, 14 Sep 2022 09:13:10 GMT
ETag: "39c9bb5ece1f69855e4d0c95e73c946d16d144da"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 345 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash4fcff92342df77d549400b8412e87788 a9f05d91a7c3d7ee5689baab70c7050782cdb2f0 6389ae454f8f72dc1b1609394aa83b533624c9f791d0a6e01f4261f58551867f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6389AE454F8F72DC1B1609394AA83B533624C9F791D0A6E01F4261F58551867F"
Last-Modified: Tue, 13 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13845
Expires: Tue, 13 Sep 2022 21:04:32 GMT
Date: Tue, 13 Sep 2022 17:13:47 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 44.240.207.158 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP44.240.207.158:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q29n15UOitfiOkHSZjDo+g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PVWxgyfXDGYufZthVodABkz5FV8=
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 345 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash4fcff92342df77d549400b8412e87788 a9f05d91a7c3d7ee5689baab70c7050782cdb2f0 6389ae454f8f72dc1b1609394aa83b533624c9f791d0a6e01f4261f58551867f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6389AE454F8F72DC1B1609394AA83B533624C9F791D0A6E01F4261F58551867F"
Last-Modified: Tue, 13 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13845
Expires: Tue, 13 Sep 2022 21:04:32 GMT
Date: Tue, 13 Sep 2022 17:13:47 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc79a6d9219e52788c0288a4288601f0b a55c74c35279d08872bb4b0805d3f8ff684bc322 345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| code.jquery.com/jquery-3.5.1.slim.min.js | 69.16.175.10 | 200 OK | 25 kB |
URL HTTP/2code.jquery.com/jquery-3.5.1.slim.min.js IP69.16.175.10:0
File typeASCII text, with very long lines (65245) Hash63f8c134408852106835db2f928cf0e0 7ca0035d2a05154f1f93e19793b2298973cc8733 2555d061e6c2337cc0b62e309c8d0464e8f88d6a44dab74246c37cd0154d73a5
GET /jquery-3.5.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofortnow.com
Connection: keep-alive
Referer: https://glucofortnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 17:13:48 GMT
content-encoding: gzip
content-length: 24606
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-11abc"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663089228.dop232.sk1.t,1663089228.cds072.sk1.hn,1663089228.cds202.sk1.c
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash4a68e0856575d52f7778bc821b5c881b 0956533f660fd0e7096540292f9b60451f60f148 0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap | 142.250.74.10 | 200 OK | 974 B |
URL HTTP/2fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap IP142.250.74.10:0
Hashfae60e0b2cef5671a01dea2ff8beb524 41684918ffd6dbe57504262db965e68967e7f4db b3170a196a3880998a7953c704d50b5c364d856382bf039d41388cd2725203df
GET /css?family=Poppins:400,500,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofortnow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 17:13:48 GMT
date: Tue, 13 Sep 2022 17:13:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2 | 104.21.63.54 | 200 OK | 74 kB |
URL HTTP/2use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2 IP104.21.63.54:0
File typeWeb Open Font Format (Version 2), TrueType, length 74328, version 329.-17695\012- data Hash64b3e814a66c2719b15abf8f7998bd73 fa5c5d34c7c375aa3e101f0b8104b6cdbcacd6a6 0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
GET /releases/v5.8.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://glucofortnow.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 17:13:48 GMT
content-type: font/woff2
content-length: 74328
x-amz-id-2: 2goLeMn2Ms/sMffxlUprrxLXjiOO0k30MzD+prXnDmM/kRH1v87XCIr268ZJNvAnTg7sr+UWOE2/7nT/VhNNjA==
x-amz-request-id: CSX98942FPGW9NND
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:47:21 GMT
etag: "64b3e814a66c2719b15abf8f7998bd73"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 659185
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTfseceHH5BP2zrcsrVyro1MDEWfJ%2BiXOx8E4OeFr3CktjD4mXIQQ6PNru%2BvYC5fyU5pbf%2BU7eI5Agd3R3FDiReu96S2emFgvFmxMSCsNQd3Ds%2FQfUV54CtovRgzKgWmmVt3bFIz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a283fd1a9d0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb7e665b6b70fa840ee6a1417da402132 658fa05afcf7752e8cb02979c28874efb0f4ddd8 9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb7e665b6b70fa840ee6a1417da402132 658fa05afcf7752e8cb02979c28874efb0f4ddd8 9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 8.0 kB |
URL HTTP/2fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data Hash72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://glucofortnow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:30:59 GMT
expires: Thu, 07 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 510169
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js | 104.18.11.207 | 200 OK | 16 kB |
URL HTTP/2stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js IP104.18.11.207:0
File typeASCII text, with very long lines (57791) Hash80929a0564483e97925a118a05ec87dd b08a19de3e59e7ba7682351d52a4e0b158365d88 d20ec77b93cca0e0443fccaf2840f21bf3f15f9b491f956d53a5fac5fa745d6a
GET /bootstrap/4.3.1/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofortnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 17:13:48 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 2021-04-23 06:42:10
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 9f77a8320c556613cd1db316f0f748d4
cdn-cache: HIT
cf-cache-status: HIT
age: 11199543
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74a283fc4a9fb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 7.8 kB |
URL HTTP/2fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data Hash25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://glucofortnow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:30:58 GMT
expires: Thu, 07 Sep 2023 19:30:58 GMT
cache-control: public, max-age=31536000
age: 510170
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 | 142.250.74.163 | 200 OK | 7.9 kB |
URL HTTP/2fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data Hash9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://glucofortnow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:32:09 GMT
expires: Thu, 07 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 510099
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb7e665b6b70fa840ee6a1417da402132 658fa05afcf7752e8cb02979c28874efb0f4ddd8 9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18700
Expires: Tue, 13 Sep 2022 22:25:28 GMT
Date: Tue, 13 Sep 2022 17:13:48 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18700
Expires: Tue, 13 Sep 2022 22:25:28 GMT
Date: Tue, 13 Sep 2022 17:13:48 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18700
Expires: Tue, 13 Sep 2022 22:25:28 GMT
Date: Tue, 13 Sep 2022 17:13:48 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18700
Expires: Tue, 13 Sep 2022 22:25:28 GMT
Date: Tue, 13 Sep 2022 17:13:48 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc9ab2ec10c79b91d15edb1d1e3dc763c 744fee4a0baa22ba3aa352d60620a916972b47dd f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 43wWNADffkA0e8T-SYvAMjp266nAE5hrDjNMQQsuYeT0i6xQt7wLVg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:34 GMT
age: 69494
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8c1314c7778ea0d32e8c69dae0c38b6d c4772b9b182f9f905fead84f3761fe296073ca65 5fc8dc23f9b4d150b834aa69b358edd9f9f5f449607df07d579df66098d8aac6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10366
x-amzn-requestid: e4d41ba8-41c5-4350-bacb-850136434eaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEw28GD7IAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63182e92-4098031d1475d45f4899654b;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 05:39:30 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TPtgXtWkeCrsnGE_G-_MZj1U046kUiGsRaoGg-xCCavcQqt7p6jdwg==
via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:56:25 GMT
age: 69443
etag: "c4772b9b182f9f905fead84f3761fe296073ca65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc14088c4ca0d576e087feed41b7f1565 172b23f2ef39b6c3fdebb5441b10a95712206d0a 2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bTzXQvDkX23_t4vLJNWv7bg-DoRsdqiBhwNJH5B-RcXxj9RC-87LvA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:41:52 GMT
age: 70316
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash239262b6ab17cb19414c35cd4f761092 48eddcf9838e980e67cc8f9cbb05b475df2f0331 cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:41 GMT
age: 69487
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash838f709437b2dfbede4ee15307afe217 2ab2ee20e720b78be6deb55f967ac0d8b7dad048 a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TeasWs7Qh6T3oV8vJsu5JM_EApUJEGGWIvUC6Pfd41u18v8RlcPQpg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:57:19 GMT
age: 69389
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6174529fff57758e958da5432344962f 05ec2076b32398d60ee77fab8c14345bc7dfe647 65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 03:17:04 GMT
age: 50204
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 770 B |
IP142.250.74.3:0
Hash2dbaa2ce69759858cad275372c1d9b0c 82835a75a14f270a2358ab3101096eeba68ca0c1 948c76e964398acec2139ff48f74fef27f069765b05d4ba413ce798bb4781db4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashb743089bdff5635e2f7c38d20c1910f6 f1874493bc88c2d9ba4a95a43e810da1cb452abd 3a60895d54c86a3e46a3dbcacfc07f3fae4ba79add296b16d0938baacc8d462a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 42 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.163:0
Hashb8af5de0ca305df9b29a1417c1132351 9cf1e449f0555d846347caac875f42d6560a9e6f 0758150ba3145c926fa868469b5f550a01c25860ca40fce951e0ab18361915ab
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 12:31:58 GMT
expires: Sun, 10 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 276110
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.106:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 13 Sep 2022 17:13:49 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.106 | 200 OK | 31 kB |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.106:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hash99ae23d43e8882799b9fda3f0922d69d cf9151c66d6af8db9635c9405bc3dac0da9b204d a9ca987e3229c9ad365273f163904b3fad0088c282f865f067eadbce949d6907
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 13 Sep 2022 17:13:49 GMT
server: ESF
cache-control: private
content-length: 30673
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.youtube.com/iframe_api | 216.58.211.14 | 200 OK | 22 kB |
URL HTTP/2www.youtube.com/iframe_api IP216.58.211.14:0
File typeASCII text, with very long lines (509) Hashd73902f03a080ab3eef5b6592a1a2e39 c5e2fd7a6defe8eea9bb40c866ff8b8c4f5ad212 7f6b27a858de0a31fc13829831845a3a54a29075f70fdba6f07cbe13e3e856ea
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofortnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Tue, 13 Sep 2022 17:13:48 GMT
date: Tue, 13 Sep 2022 17:13:48 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=0thLDlv29Hs; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=UCNKOm367SU; Domain=.youtube.com; Expires=Sun, 12-Mar-2023 17:13:48 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+648; expires=Thu, 12-Sep-2024 17:13:48 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash78f8bae58862d8be3437cfe9e927011d fb01a9cfd346f2c9b7694276c72a76e213887b06 389d233aa4b3ea23315c9d6e8d72d96fb2f802e227d24199c788a5a89e96a19e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js | 142.250.74.164 | 200 OK | 14 kB |
URL HTTP/2www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js IP142.250.74.164:0
File typeASCII text, with very long lines (35963) Hash0a10e1669fa5f54a96c02562d935783f fb9c033841ed0848caeede748301a5c91de6c800 25215608c929fe6c434b08bdb327df9b9ca11355840c6408602b8612073f99f5
GET /js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14185
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 05:03:42 GMT
expires: Thu, 07 Sep 2023 05:03:42 GMT
cache-control: public, max-age=31536000
age: 562207
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash2e918f71937120f8a4dabf7703832ac1 db0ddd34ea0a5146f0a2d6655801ed14e3ad48ff 5a5ae8687ec7fd801d099af10962a0b1d81f36bd7f8a366fca03a9bcd6b08e93
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| yt3.ggpht.com/ytc/AMLnZu8yeP6VV38lNs7lQ9zt8UupczYdvll43ZU4Oh5CHM57sy-MnzGSd3iVfZhe4fF5=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 1.3 kB |
URL HTTP/2yt3.ggpht.com/ytc/AMLnZu8yeP6VV38lNs7lQ9zt8UupczYdvll43ZU4Oh5CHM57sy-MnzGSd3iVfZhe4fF5=s68-c-k-c0x00ffffff-no-rj IP142.250.74.161:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data Hash7f0ab4b4e095dc5b2cdb5d04b9ab612b 0ff2a32baa4bb128e451ecf77baa6d06527522ae 70a24f241d81a618f213f2222820c778c9d0111ab30d308d537f7f2051d0ba83
GET /ytc/AMLnZu8yeP6VV38lNs7lQ9zt8UupczYdvll43ZU4Oh5CHM57sy-MnzGSd3iVfZhe4fF5=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1279
x-xss-protection: 0
date: Tue, 13 Sep 2022 16:33:16 GMT
expires: Wed, 14 Sep 2022 16:33:16 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 2433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash2e918f71937120f8a4dabf7703832ac1 db0ddd34ea0a5146f0a2d6655801ed14e3ad48ff 5a5ae8687ec7fd801d099af10962a0b1d81f36bd7f8a366fca03a9bcd6b08e93
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.106:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 13 Sep 2022 17:13:49 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.106 | 200 OK | 114 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.106:0
File typeJSON data\012- , ASCII text, with no line terminators Hash6e6659729adb5ccaf7a056f643f7cb05 49679903b4ec4199506a7d7bbf0c32a4e760a217 7e48e409e8e3c8e94fccec224009697d30672f0338ceb494b1a9b11537a92bb9
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1251
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 13 Sep 2022 17:13:49 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash898b4f68b255265f6d598933376f488e 858181176437609e7db589c75e07307de46c920f ab851e060a34b8d48f2a95ccef6677744f2522d4cf405ced10eaaad6bbadb1d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash898b4f68b255265f6d598933376f488e 858181176437609e7db589c75e07307de46c920f ab851e060a34b8d48f2a95ccef6677744f2522d4cf405ced10eaaad6bbadb1d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663110829&ei=TbogY5enINuF0u8Pn-2qwAc&ip=91.90.42.154&id=o-AGZuHR1FFI4H3Ecz0uCXtRJSr9kJ1ySqOJ1rrPHF56Mi&itag=251&source=youtube&requiressl=yes&mh=T6&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2342500&spc=lT-KhgO65DI9dguZu19bHc-eRHcgEBM&vprv=1&mime=audio%2Fwebm&ns=LPW2KatYTtrBSXKglH-IQKkH&gir=yes&clen=45259410&otfp=1&dur=2506.021&lmt=1653327764201303&mt=1663088741&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211224&n=N5TBI95X-ktVow&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgdSdT-t7UlqTMhDPAjCkSLtpVBdOq6qE5YhpooxO_Rp4CICu7PHovpFvH2iW8jLXzmLkHwhHxqszpYce-8Gbs9zKY&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgOifuV63wldxIlcBJYWL14U0muIgGVXV9TqYNSySLOz4CIERH-mLx-xAZsgoMnHSN5fjeSYaYWpvUFpoRZOPHwiyC&alr=yes&cpn=KZeMwO9XY3XhJZ0C&cver=1.20220911.00.00&range=0-70220&rn=2&rbuf=0 | 91.90.45.172 | 200 OK | 1.0 kB |
URL HTTP/1.1rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663110829&ei=TbogY5enINuF0u8Pn-2qwAc&ip=91.90.42.154&id=o-AGZuHR1FFI4H3Ecz0uCXtRJSr9kJ1ySqOJ1rrPHF56Mi&itag=251&source=youtube&requiressl=yes&mh=T6&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2342500&spc=lT-KhgO65DI9dguZu19bHc-eRHcgEBM&vprv=1&mime=audio%2Fwebm&ns=LPW2KatYTtrBSXKglH-IQKkH&gir=yes&clen=45259410&otfp=1&dur=2506.021&lmt=1653327764201303&mt=1663088741&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211224&n=N5TBI95X-ktVow&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgdSdT-t7UlqTMhDPAjCkSLtpVBdOq6qE5YhpooxO_Rp4CICu7PHovpFvH2iW8jLXzmLkHwhHxqszpYce-8Gbs9zKY&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgOifuV63wldxIlcBJYWL14U0muIgGVXV9TqYNSySLOz4CIERH-mLx-xAZsgoMnHSN5fjeSYaYWpvUFpoRZOPHwiyC&alr=yes&cpn=KZeMwO9XY3XhJZ0C&cver=1.20220911.00.00&range=0-70220&rn=2&rbuf=0 IP91.90.45.172:0 ASN#50304 Blix Solutions AS
File typeASCII text, with very long lines (1048), with no line terminators Hash8ecc3248792740d28cea2cccc1e06f9a d7fd5dafacf465fe9830c8274dafe4a57dea5780 8c5571c20411fce29bed4df2585a64703bcfb610991e7bdc878e6cc863dfcd44
POST /videoplayback?expire=1663110829&ei=TbogY5enINuF0u8Pn-2qwAc&ip=91.90.42.154&id=o-AGZuHR1FFI4H3Ecz0uCXtRJSr9kJ1ySqOJ1rrPHF56Mi&itag=251&source=youtube&requiressl=yes&mh=T6&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2342500&spc=lT-KhgO65DI9dguZu19bHc-eRHcgEBM&vprv=1&mime=audio%2Fwebm&ns=LPW2KatYTtrBSXKglH-IQKkH&gir=yes&clen=45259410&otfp=1&dur=2506.021&lmt=1653327764201303&mt=1663088741&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211224&n=N5TBI95X-ktVow&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgdSdT-t7UlqTMhDPAjCkSLtpVBdOq6qE5YhpooxO_Rp4CICu7PHovpFvH2iW8jLXzmLkHwhHxqszpYce-8Gbs9zKY&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgOifuV63wldxIlcBJYWL14U0muIgGVXV9TqYNSySLOz4CIERH-mLx-xAZsgoMnHSN5fjeSYaYWpvUFpoRZOPHwiyC&alr=yes&cpn=KZeMwO9XY3XhJZ0C&cver=1.20220911.00.00&range=0-70220&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 13 Sep 2022 17:13:50 GMT
Expires: Tue, 13 Sep 2022 17:13:50 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1048
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663110829&ei=TbogY5enINuF0u8Pn-2qwAc&ip=91.90.42.154&id=o-AGZuHR1FFI4H3Ecz0uCXtRJSr9kJ1ySqOJ1rrPHF56Mi&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=T6&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2342500&spc=lT-KhgO65DI9dguZu19bHc-eRHcgEBM&vprv=1&mime=video%2Fwebm&ns=LPW2KatYTtrBSXKglH-IQKkH&otf=1&otfp=1&dur=0.000&lmt=1653327785900102&mt=1663088741&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6210224&n=N5TBI95X-ktVow&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANT0o2WjKZO5dQPz16hgJFNYrXf6VLezqeBhzRRFK0qyAiBL2QEYhYL46Pbfdfox4Mhala3MWcufuN3VnXb8BFsDWg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgOifuV63wldxIlcBJYWL14U0muIgGVXV9TqYNSySLOz4CIERH-mLx-xAZsgoMnHSN5fjeSYaYWpvUFpoRZOPHwiyC&alr=yes&cpn=KZeMwO9XY3XhJZ0C&cver=1.20220911.00.00&sq=0&rn=1&rbuf=0 | 91.90.45.172 | 200 OK | 1.1 kB |
URL HTTP/1.1rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663110829&ei=TbogY5enINuF0u8Pn-2qwAc&ip=91.90.42.154&id=o-AGZuHR1FFI4H3Ecz0uCXtRJSr9kJ1ySqOJ1rrPHF56Mi&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=T6&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2342500&spc=lT-KhgO65DI9dguZu19bHc-eRHcgEBM&vprv=1&mime=video%2Fwebm&ns=LPW2KatYTtrBSXKglH-IQKkH&otf=1&otfp=1&dur=0.000&lmt=1653327785900102&mt=1663088741&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6210224&n=N5TBI95X-ktVow&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANT0o2WjKZO5dQPz16hgJFNYrXf6VLezqeBhzRRFK0qyAiBL2QEYhYL46Pbfdfox4Mhala3MWcufuN3VnXb8BFsDWg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgOifuV63wldxIlcBJYWL14U0muIgGVXV9TqYNSySLOz4CIERH-mLx-xAZsgoMnHSN5fjeSYaYWpvUFpoRZOPHwiyC&alr=yes&cpn=KZeMwO9XY3XhJZ0C&cver=1.20220911.00.00&sq=0&rn=1&rbuf=0 IP91.90.45.172:0 ASN#50304 Blix Solutions AS
File typeASCII text, with very long lines (1093), with no line terminators Hashd4050ab5fc86ebf12561244c61c39e90 c93208f4b30ceb4a136f94d92485cc58604e7a30 a877b7540fd9a9c2ba64a3c1c672b383c816154ce46260e707032d1b88011c7a
POST /videoplayback?expire=1663110829&ei=TbogY5enINuF0u8Pn-2qwAc&ip=91.90.42.154&id=o-AGZuHR1FFI4H3Ecz0uCXtRJSr9kJ1ySqOJ1rrPHF56Mi&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=T6&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynld&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2342500&spc=lT-KhgO65DI9dguZu19bHc-eRHcgEBM&vprv=1&mime=video%2Fwebm&ns=LPW2KatYTtrBSXKglH-IQKkH&otf=1&otfp=1&dur=0.000&lmt=1653327785900102&mt=1663088741&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6210224&n=N5TBI95X-ktVow&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANT0o2WjKZO5dQPz16hgJFNYrXf6VLezqeBhzRRFK0qyAiBL2QEYhYL46Pbfdfox4Mhala3MWcufuN3VnXb8BFsDWg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgOifuV63wldxIlcBJYWL14U0muIgGVXV9TqYNSySLOz4CIERH-mLx-xAZsgoMnHSN5fjeSYaYWpvUFpoRZOPHwiyC&alr=yes&cpn=KZeMwO9XY3XhJZ0C&cver=1.20220911.00.00&sq=0&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Tue, 13 Sep 2022 17:13:50 GMT
Expires: Tue, 13 Sep 2022 17:13:50 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1093
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash898b4f68b255265f6d598933376f488e 858181176437609e7db589c75e07307de46c920f ab851e060a34b8d48f2a95ccef6677744f2522d4cf405ced10eaaad6bbadb1d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash3fa8a8a608aaed46ddff1e747823854a e6707a30906e3cf863c510c6ce8790d8ac6c83e3 b3fa508625f445cb5ea3e464fe246771ecdebf20f440bf13b68952ed868a2a89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash3fa8a8a608aaed46ddff1e747823854a e6707a30906e3cf863c510c6ce8790d8ac6c83e3 b3fa508625f445cb5ea3e464fe246771ecdebf20f440bf13b68952ed868a2a89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| rr4---sn-5go7ynld.googlevideo.com/videoplayback?expire=1663110829&ei=TbogY5enINuF0u8Pn-2qwAc&ip=91.90.42.154&id=o-AGZuHR1FFI4H3Ecz0uCXtRJSr9kJ1ySqOJ1rrPHF56Mi&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=lT-KhgO65DI9dguZu19bHc-eRHcgEBM&vprv=1&mime=video%2Fwebm&ns=LPW2KatYTtrBSXKglH-IQKkH&otf=1&otfp=1&dur=0.000&lmt=1653327785900102&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6210224&n=N5TBI95X-ktVow&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANT0o2WjKZO5dQPz16hgJFNYrXf6VLezqeBhzRRFK0qyAiBL2QEYhYL46Pbfdfox4Mhala3MWcufuN3VnXb8BFsDWg%3D%3D&alr=yes&cpn=KZeMwO9XY3XhJZ0C&cver=1.20220911.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=T6&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1663088604&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgP_pfPpmsHXIWVST-8Grjm4X6YI3WIhGQbxGh9wUxcekCIHVkDW9u6q0pIcAa_qQSI_Tal9UFSvYy98e6lCSX2G6X&sq=0&rn=4&rbuf=0&pot=D7z8GWHMkvjDvMd-rHrd7SO4pj1afu7Nu6s50bJ0VyKBH4HxUwl6ZPZKvdCYYJ4GqXzW7DxXqrLQpfLGtzhMqISCAxg2Pf2yVnmZgzNdW_L138i24pD_2nlIW2aoex0QRN_lkIdOmUc= | 74.125.111.73 | 200 OK | 280 B |
URL HTTP/1.1rr4---sn-5go7ynld.googlevideo.com/videoplayback?expire=1663110829&ei=TbogY5enINuF0u8Pn-2qwAc&ip=91.90.42.154&id=o-AGZuHR1FFI4H3Ecz0uCXtRJSr9kJ1ySqOJ1rrPHF56Mi&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=lT-KhgO65DI9dguZu19bHc-eRHcgEBM&vprv=1&mime=video%2Fwebm&ns=LPW2KatYTtrBSXKglH-IQKkH&otf=1&otfp=1&dur=0.000&lmt=1653327785900102&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6210224&n=N5TBI95X-ktVow&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANT0o2WjKZO5dQPz16hgJFNYrXf6VLezqeBhzRRFK0qyAiBL2QEYhYL46Pbfdfox4Mhala3MWcufuN3VnXb8BFsDWg%3D%3D&alr=yes&cpn=KZeMwO9XY3XhJZ0C&cver=1.20220911.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=T6&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1663088604&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgP_pfPpmsHXIWVST-8Grjm4X6YI3WIhGQbxGh9wUxcekCIHVkDW9u6q0pIcAa_qQSI_Tal9UFSvYy98e6lCSX2G6X&sq=0&rn=4&rbuf=0&pot=D7z8GWHMkvjDvMd-rHrd7SO4pj1afu7Nu6s50bJ0VyKBH4HxUwl6ZPZKvdCYYJ4GqXzW7DxXqrLQpfLGtzhMqISCAxg2Pf2yVnmZgzNdW_L138i24pD_2nlIW2aoex0QRN_lkIdOmUc= IP74.125.111.73:0
File typeWebM\012- EBML file, creator webmB\20\012- data Hash65798892ca1a9a8a9af0745e37dd637b f28ee5ebeb09b9057b87c9493afabca77c5808ae 087f047cd1c8d7a484332090038209b3a14ee31936a3806f69db7d4d794e0fe1
POST /videoplayback?expire=1663110829&ei=TbogY5enINuF0u8Pn-2qwAc&ip=91.90.42.154&id=o-AGZuHR1FFI4H3Ecz0uCXtRJSr9kJ1ySqOJ1rrPHF56Mi&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=lT-KhgO65DI9dguZu19bHc-eRHcgEBM&vprv=1&mime=video%2Fwebm&ns=LPW2KatYTtrBSXKglH-IQKkH&otf=1&otfp=1&dur=0.000&lmt=1653327785900102&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6210224&n=N5TBI95X-ktVow&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANT0o2WjKZO5dQPz16hgJFNYrXf6VLezqeBhzRRFK0qyAiBL2QEYhYL46Pbfdfox4Mhala3MWcufuN3VnXb8BFsDWg%3D%3D&alr=yes&cpn=KZeMwO9XY3XhJZ0C&cver=1.20220911.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=T6&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1663088604&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgP_pfPpmsHXIWVST-8Grjm4X6YI3WIhGQbxGh9wUxcekCIHVkDW9u6q0pIcAa_qQSI_Tal9UFSvYy98e6lCSX2G6X&sq=0&rn=4&rbuf=0&pot=D7z8GWHMkvjDvMd-rHrd7SO4pj1afu7Nu6s50bJ0VyKBH4HxUwl6ZPZKvdCYYJ4GqXzW7DxXqrLQpfLGtzhMqISCAxg2Pf2yVnmZgzNdW_L138i24pD_2nlIW2aoex0QRN_lkIdOmUc= HTTP/1.1
Host: rr4---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 23 Jul 2022 16:25:56 GMT
Content-Type: video/webm
Date: Tue, 13 Sep 2022 17:13:50 GMT
Expires: Tue, 13 Sep 2022 17:13:50 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 280
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr4---sn-5go7ynld.googlevideo.com/videoplayback?expire=1663110829&ei=TbogY5enINuF0u8Pn-2qwAc&ip=91.90.42.154&id=o-AGZuHR1FFI4H3Ecz0uCXtRJSr9kJ1ySqOJ1rrPHF56Mi&itag=251&source=youtube&requiressl=yes&spc=lT-KhgO65DI9dguZu19bHc-eRHcgEBM&vprv=1&mime=audio%2Fwebm&ns=LPW2KatYTtrBSXKglH-IQKkH&gir=yes&clen=45259410&otfp=1&dur=2506.021&lmt=1653327764201303&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211224&n=N5TBI95X-ktVow&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgdSdT-t7UlqTMhDPAjCkSLtpVBdOq6qE5YhpooxO_Rp4CICu7PHovpFvH2iW8jLXzmLkHwhHxqszpYce-8Gbs9zKY&alr=yes&cpn=KZeMwO9XY3XhJZ0C&cver=1.20220911.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=T6&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1663088604&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANAAYlVxTFT3mlwrORACtX-37qMrqkD3pPZ1kM-Wf_jnAiBLivHx-M72EsFMRtNNpnWr5EmBbPS9jsnCNV3BjBYCYg%3D%3D&range=0-70220&rn=3&rbuf=0&pot=D7z8GWHMkvjDvMd-rHrd7SO4pj1afu7Nu6s50bJ0VyKBH4HxUwl6ZPZKvdCYYJ4GqXzW7DxXqrLQpfLGtzhMqISCAxg2Pf2yVnmZgzNdW_L138i24pD_2nlIW2aoex0QRN_lkIdOmUc= | 74.125.111.73 | 200 OK | 70 kB |
URL HTTP/1.1rr4---sn-5go7ynld.googlevideo.com/videoplayback?expire=1663110829&ei=TbogY5enINuF0u8Pn-2qwAc&ip=91.90.42.154&id=o-AGZuHR1FFI4H3Ecz0uCXtRJSr9kJ1ySqOJ1rrPHF56Mi&itag=251&source=youtube&requiressl=yes&spc=lT-KhgO65DI9dguZu19bHc-eRHcgEBM&vprv=1&mime=audio%2Fwebm&ns=LPW2KatYTtrBSXKglH-IQKkH&gir=yes&clen=45259410&otfp=1&dur=2506.021&lmt=1653327764201303&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211224&n=N5TBI95X-ktVow&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgdSdT-t7UlqTMhDPAjCkSLtpVBdOq6qE5YhpooxO_Rp4CICu7PHovpFvH2iW8jLXzmLkHwhHxqszpYce-8Gbs9zKY&alr=yes&cpn=KZeMwO9XY3XhJZ0C&cver=1.20220911.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=T6&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1663088604&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANAAYlVxTFT3mlwrORACtX-37qMrqkD3pPZ1kM-Wf_jnAiBLivHx-M72EsFMRtNNpnWr5EmBbPS9jsnCNV3BjBYCYg%3D%3D&range=0-70220&rn=3&rbuf=0&pot=D7z8GWHMkvjDvMd-rHrd7SO4pj1afu7Nu6s50bJ0VyKBH4HxUwl6ZPZKvdCYYJ4GqXzW7DxXqrLQpfLGtzhMqISCAxg2Pf2yVnmZgzNdW_L138i24pD_2nlIW2aoex0QRN_lkIdOmUc= IP74.125.111.73:0
File typeWebM\012- EBML file, creator webmB\20\012- data Hasheacf2d0d4578dfb7c32c836b1bfd4f8f 6f31ba4870aae03eea8e887b968c3b0d5e72fb9e 79f74361f0d6272ef8206841a9f1d48515fa859a1671ef8bc38593136dfba6f1
POST /videoplayback?expire=1663110829&ei=TbogY5enINuF0u8Pn-2qwAc&ip=91.90.42.154&id=o-AGZuHR1FFI4H3Ecz0uCXtRJSr9kJ1ySqOJ1rrPHF56Mi&itag=251&source=youtube&requiressl=yes&spc=lT-KhgO65DI9dguZu19bHc-eRHcgEBM&vprv=1&mime=audio%2Fwebm&ns=LPW2KatYTtrBSXKglH-IQKkH&gir=yes&clen=45259410&otfp=1&dur=2506.021&lmt=1653327764201303&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=6211224&n=N5TBI95X-ktVow&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgdSdT-t7UlqTMhDPAjCkSLtpVBdOq6qE5YhpooxO_Rp4CICu7PHovpFvH2iW8jLXzmLkHwhHxqszpYce-8Gbs9zKY&alr=yes&cpn=KZeMwO9XY3XhJZ0C&cver=1.20220911.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=T6&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1663088604&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANAAYlVxTFT3mlwrORACtX-37qMrqkD3pPZ1kM-Wf_jnAiBLivHx-M72EsFMRtNNpnWr5EmBbPS9jsnCNV3BjBYCYg%3D%3D&range=0-70220&rn=3&rbuf=0&pot=D7z8GWHMkvjDvMd-rHrd7SO4pj1afu7Nu6s50bJ0VyKBH4HxUwl6ZPZKvdCYYJ4GqXzW7DxXqrLQpfLGtzhMqISCAxg2Pf2yVnmZgzNdW_L138i24pD_2nlIW2aoex0QRN_lkIdOmUc= HTTP/1.1
Host: rr4---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 23 May 2022 17:42:44 GMT
Content-Type: audio/webm
Date: Tue, 13 Sep 2022 17:13:50 GMT
Expires: Tue, 13 Sep 2022 17:13:50 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 70221
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash3fa8a8a608aaed46ddff1e747823854a e6707a30906e3cf863c510c6ce8790d8ac6c83e3 b3fa508625f445cb5ea3e464fe246771ecdebf20f440bf13b68952ed868a2a89
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtag/js?id=UA-131822362-20 | 142.250.74.72 | 200 OK | 42 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=UA-131822362-20 IP142.250.74.72:0
File typeASCII text, with very long lines (1615) Hashb1cb7435e19dc748c6d70f934fe894db 4175b397d5a4bce5b85c9df77da5640caada6756 2d3b31eb9fa6c92f2fefb336dc100fcd7d6a9722167ae2ce3cc8fd2dd67439fd
GET /gtag/js?id=UA-131822362-20 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofortnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 17:13:50 GMT
expires: Tue, 13 Sep 2022 17:13:50 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Sep 2022 16:39:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42156
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc79a6d9219e52788c0288a4288601f0b a55c74c35279d08872bb4b0805d3f8ff684bc322 345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash89dc4294d8e50675a5cb111e84d38452 993b0be337e43de62b8a33bef20c972881c8a646 27e6f64589d2befddc951fc27b83d03e1113bcfe301c76a2e412a20d2558a0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-131822362-20&cid=1890171487.1663089217&jid=1534218627&gjid=906585456&_gid=1485043917.1663089217&_u=aGBAAUACQAAAAC~&z=358809173 | 142.251.1.156 | 200 OK | 1 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-131822362-20&cid=1890171487.1663089217&jid=1534218627&gjid=906585456&_gid=1485043917.1663089217&_u=aGBAAUACQAAAAC~&z=358809173 IP142.251.1.156:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-131822362-20&cid=1890171487.1663089217&jid=1534218627&gjid=906585456&_gid=1485043917.1663089217&_u=aGBAAUACQAAAAC~&z=358809173 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://glucofortnow.com
Connection: keep-alive
Referer: https://glucofortnow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://glucofortnow.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 13 Sep 2022 17:13:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash89dc4294d8e50675a5cb111e84d38452 993b0be337e43de62b8a33bef20c972881c8a646 27e6f64589d2befddc951fc27b83d03e1113bcfe301c76a2e412a20d2558a0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 17:13:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| glucofortnow.com/g-gluco/indexab.php?aff_id=34&subid2=84ec98b657df4159afca484a40c863f7&subid=4&subid3=6688_sessid20220913171346522&sub5=noaff | 172.67.129.239 | 302 Found | 0 B |
URL HTTP/2glucofortnow.com/g-gluco/indexab.php?aff_id=34&subid2=84ec98b657df4159afca484a40c863f7&subid=4&subid3=6688_sessid20220913171346522&sub5=noaff IP172.67.129.239:0
GET /g-gluco/indexab.php?aff_id=34&subid2=84ec98b657df4159afca484a40c863f7&subid=4&subid3=6688_sessid20220913171346522&sub5=noaff HTTP/1.1
Host: glucofortnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 13 Sep 2022 17:13:47 GMT
content-type: text/html; charset=UTF-8
location: https://glucofortnow.com/g-gluco/indexab.php?vsl=MTY2MzM0ODQyNw==&aff_id=34&subid2=84ec98b657df4159afca484a40c863f7&subid=4&subid3=6688_sessid20220913171346522&sub5=noaff
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgS7YZNunkMmoD9psOx7oh97fS50d2MJD9eWHD4qtH15B0xpdiZptZWnjv1iLT1cSbWY7ckXeVz4YyK%2B1ERYzL2dwFBsJKRSysnwlzuRHwB71lFLfDkbSkD%2FA9HrnWvLHYQx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: PHPSESSID=6abb5bb36dbf16d6109ae93fc736bdfa; path=/
__cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGRdjMcWiNMHE4; SameSite=None; Secure; path=/; expires=Wed, 14-Sep-22 16:13:47 GMT; HttpOnly
server: cloudflare
cf-ray: 74a283f789d2b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| glucofortnow.com/g-gluco/indexab.php?vsl=MTY2MzM0ODQyNw==&aff_id=34&subid2=84ec98b657df4159afca484a40c863f7&subid=4&subid3=6688_sessid20220913171346522&sub5=noaff | 172.67.129.239 | 200 OK | 0 B |
URL HTTP/2glucofortnow.com/g-gluco/indexab.php?vsl=MTY2MzM0ODQyNw==&aff_id=34&subid2=84ec98b657df4159afca484a40c863f7&subid=4&subid3=6688_sessid20220913171346522&sub5=noaff IP172.67.129.239:0
GET /g-gluco/indexab.php?vsl=MTY2MzM0ODQyNw==&aff_id=34&subid2=84ec98b657df4159afca484a40c863f7&subid=4&subid3=6688_sessid20220913171346522&sub5=noaff HTTP/1.1
Host: glucofortnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=6abb5bb36dbf16d6109ae93fc736bdfa; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGRdjMcWiNMHE4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 17:13:48 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmkVYOiK26TfXBFrTTjsouGkxqovmXotbIDCdLginVJgYc7ddcrfVXWLcmT1XRBSwZ5viift9u1u4dm%2BTbaIJKqRDV%2FzvYpvc8LN%2Bx16XQZdlb2aKxG1Ry%2BFrZP%2F8ZV5RsCc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74a283fa4e13b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.8.2/css/all.css | 104.21.63.54 | 200 OK | 0 B |
URL HTTP/2use.fontawesome.com/releases/v5.8.2/css/all.css IP104.21.63.54:0
GET /releases/v5.8.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofortnow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 17:13:48 GMT
content-type: text/css
x-amz-id-2: 6R1QDm5fAD6Odgthjjrtj6XhZE4uBSy49H0tHp8HQbcbn4vBiJ1EMRrJC8Gz/kWUsjSj9X45rrU=
x-amz-request-id: MEJDS91QZZ8AAEPY
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
etag: W/"77cbad34e5ce95e70847b074e05faeab"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 573385
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yrtbop5YmwpinSXRRZH%2F0z%2BtWqjfVGudHjR5%2F8UHKVRYa6rCLMfe6uzDrIPZeA8a%2BCeeerSxHBjWOQ92zZ9DtnygV7HZ%2BhxGEv4ni1Sa0Cc7iMG7mi8QTg37JeM0CESBNqBQp%2Fiv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a283fc1e1b1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tracking.buygoods.com/track/?a=6671&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=Array&caller_url=https%3A%2F%2Fglucofortnow.com%2Fg-gluco%2Findexab.php%3Fvsl%3DMTY2MzM0ODQyNw%3D%3D%26aff_id%3D34%26subid2%3D84ec98b657df4159afca484a40c863f7%26subid%3D4%26subid3%3D6688_sessid20220913171346522%26sub5%3Dnoaff | 172.66.40.234 | 200 OK | 0 B |
URL HTTP/2tracking.buygoods.com/track/?a=6671&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=Array&caller_url=https%3A%2F%2Fglucofortnow.com%2Fg-gluco%2Findexab.php%3Fvsl%3DMTY2MzM0ODQyNw%3D%3D%26aff_id%3D34%26subid2%3D84ec98b657df4159afca484a40c863f7%26subid%3D4%26subid3%3D6688_sessid20220913171346522%26sub5%3Dnoaff IP172.66.40.234:0
GET /track/?a=6671&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=Array&caller_url=https%3A%2F%2Fglucofortnow.com%2Fg-gluco%2Findexab.php%3Fvsl%3DMTY2MzM0ODQyNw%3D%3D%26aff_id%3D34%26subid2%3D84ec98b657df4159afca484a40c863f7%26subid%3D4%26subid3%3D6688_sessid20220913171346522%26sub5%3Dnoaff HTTP/1.1
Host: tracking.buygoods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofortnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 17:13:48 GMT
content-type: application/javascript
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Tue, Jan 12 1999 01:01:01 GMT
set-cookie: spiaffid_6671=34; expires=Mon, 12-Dec-2022 17:13:48 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spisubid_6671=4%7C84ec98b657df4159afca484a40c863f7; expires=Mon, 12-Dec-2022 17:13:48 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spicampaign_id_6671=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
spireferrer_6671=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
spireferrer_6671=91.90.42.154::glucofortnow.com%2Fg-gluco%2Findexab; expires=Mon, 12-Dec-2022 17:13:48 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spisessid2_6671=sessid20220913171310308; expires=Mon, 12-Dec-2022 17:13:48 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spi_funnel_codename_6671=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74a283fcc84eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=6671 | 172.66.40.141 | 200 OK | 0 B |
URL HTTP/2display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=6671 IP172.66.40.141:0
GET /v1/disclaimer?id=disclaimer&account_id=6671 HTTP/1.1
Host: display.buygoods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucofortnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 17:13:48 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74a283fc4c120b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|