asdf.auxinsilitedfrialineou5tlysneabl.cfd/i.php?R1e9w9O8l4XhDhiO/OXDKhhyXDO/OBvKDvv
107.150.55.94302 Found 0 B URL HTTP/1.1 asdf.auxinsilitedfrialineou5tlysneabl.cfd/i.php?R1e9w9O8l4XhDhiO/OXDKhhyXDO/OBvKDvv
IP 107.150.55.94:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /i.php?R1e9w9O8l4XhDhiO/OXDKhhyXDO/OBvKDvv HTTP/1.1
Host: asdf.auxinsilitedfrialineou5tlysneabl.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 23 Mar 2023 19:11:21 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Location: http://142.54.186.2/tr.php?R1e9w9O8l4XhDhiO-OXDKhhyXDO-OBvKDvv==1o46z1ke9jo9f9m546q91f9j5lkBmfcoj512fz364@tsztrzyuzsBy@
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7893
Expires: Thu, 23 Mar 2023 21:03:32 GMT
Date: Thu, 23 Mar 2023 18:51:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7230
Expires: Thu, 23 Mar 2023 20:52:29 GMT
Date: Thu, 23 Mar 2023 18:51:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 18:15:07 GMT
content-type: application/json
age: 2212
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12615
Expires: Thu, 23 Mar 2023 22:22:14 GMT
Date: Thu, 23 Mar 2023 18:51:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Lu6ZVEj9nlRR2IZfJ5N2jFCm4cII6j5j0WFGPvMA3mu0yy0a4pc/dJ5cyrf7Ui3ympFv9T6CkTW2JcAHMkkq6w==
x-amz-request-id: RZT4KNT4AY4VCP8C
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 17:54:08 GMT
age: 3471
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 18:51:59 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
142.54.186.2/tr.php?R1e9w9O8l4XhDhiO-OXDKhhyXDO-OBvKDvv==1o46z1ke9jo9f9m546q91f9j5lkBmfcoj512fz364@tsztrzyuzsBy@
142.54.186.2302 Found 0 B URL HTTP/1.1 142.54.186.2/tr.php?R1e9w9O8l4XhDhiO-OXDKhhyXDO-OBvKDvv==1o46z1ke9jo9f9m546q91f9j5lkBmfcoj512fz364@tsztrzyuzsBy@
IP 142.54.186.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr.php?R1e9w9O8l4XhDhiO-OXDKhhyXDO-OBvKDvv==1o46z1ke9jo9f9m546q91f9j5lkBmfcoj512fz364@tsztrzyuzsBy@ HTTP/1.1
Host: 142.54.186.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 23 Mar 2023 18:51:59 GMT
Server: Apache/2.4.37 (centos)
X-Powered-By: PHP/8.0.16
Location: http://t.bqumo.com/aff_c?offer_id=11148&aff_id=4351&aff_sub=1-170233970112274013400000001761173129467932
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 18:14:33 GMT
age: 2247
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
t.bqumo.com/aff_c?offer_id=11148&aff_id=4351&aff_sub=1-170233970112274013400000001761173129467932
52.16.189.65302 Found 345 B URL HTTP/1.1 t.bqumo.com/aff_c?offer_id=11148&aff_id=4351&aff_sub=1-170233970112274013400000001761173129467932
IP 52.16.189.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 50350804b24efb1d615653d1b39fbbf4
2c45b9054f6ff818c22112401038dd27eea0572c
681041d654b975bf3c10af5d64dfd4ccb47bb3188f9779614ed7ee11f20ff37a
GET /aff_c?offer_id=11148&aff_id=4351&aff_sub=1-170233970112274013400000001761173129467932 HTTP/1.1
Host: t.bqumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 23 Mar 2023 18:52:00 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 345
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://trybeliv.com/g-beliv/101.php?aff_id=2310&subid=4351&subid2=1-170233970112274013400000001761173129467932&subid3=1024f82ad14d5c8e34adce1ad96498
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_11148=ENC03f0e16ba0aeedaaf5da76d5d7a263858795625975d3d9ca042109c77e34171b9a46d604d17bca745ac93d1dcfb480f38a444395f9cc100b856567cfe5ab8ced18fe93a7957dc2317a6e8030b7f118052ec50a7feb6f0df0f288c1a4210b1fbff6f0f27d6681fd68af6b85ad65b46696516716e0c22e5877cf846608067f405dac39ed0b4ee8557b94d97ac4aca76589591124bb386cdf976c9beb5b15249f8d5b016b118a; expires=Sun, 23 Apr 2023 18:52:00 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sun, 15 Feb 2026 05:32:00 GMT; path=/; SameSite=None; Secure
Tracking_id: 1024f82ad14d5c8e34adce1ad96498
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: ce33504ab29180e82928d00f2829a086
Access-Control-Allow-Headers: Tune-SDK-Version
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8781
Expires: Thu, 23 Mar 2023 21:18:21 GMT
Date: Thu, 23 Mar 2023 18:52:00 GMT
Connection: keep-alive
push.services.mozilla.com/
54.189.159.75101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.159.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eS/+yAzQxIJc/VolTPikOQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MsdGMTrpCABDqGQX0gA3c4GcKq8=
trybeliv.com/assets/images/BELIVx3-500px.png
172.67.71.159200 OK 63 kB URL HTTP/2 trybeliv.com/assets/images/BELIVx3-500px.png
IP 172.67.71.159:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash dc7a7b9e6aac82860bdb150fd47097db
ba977227ccf4d70b8881a54d77f8bad4fdddc103
b64290f15709256b6a87aab5f3b3b194076bc5edbab92a92119cbf0312352dca
GET /assets/images/BELIVx3-500px.png HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/g-beliv/101.php?aff_id=2310&subid=4351&subid2=1-170233970112274013400000001761173129467932&subid3=1024f82ad14d5c8e34adce1ad96498
Cookie: PHPSESSID=4e8acb00b70f2a0f5ef5db75d1309202; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGVB33Btq3dTNU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:52:00 GMT
content-type: image/webp
content-length: 62842
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=85426
content-disposition: inline; filename="BELIVx3-500px.webp"
vary: Accept
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 466
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKjvPMYlRQO0%2ByhHIaNKT%2B9Bi0SkQcxoJhmKE0%2BwS3PtvEjdOdZ3DeiRJJEbPv%2Bs7LzCtzQ0NzVBdPzK3wOFod2mOYbry4bxSY2Fs8MTDbaETlVwgREN40soH7iG0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac8de79aad0b51d-OSL
X-Firefox-Spdy: h2
trybeliv.com/assets/images/BELIVx6-500px.png
172.67.71.159200 OK 90 kB URL HTTP/2 trybeliv.com/assets/images/BELIVx6-500px.png
IP 172.67.71.159:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1fc7461cbcbc351c56a3b21d783adb6c
a37a02aaeb49323a75d0dce59646658c057c8e74
35acde7d6e20a201d1c5f7e4e714cba321ad2d9e3bec0e81576e107d5784a906
GET /assets/images/BELIVx6-500px.png HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/g-beliv/101.php?aff_id=2310&subid=4351&subid2=1-170233970112274013400000001761173129467932&subid3=1024f82ad14d5c8e34adce1ad96498
Cookie: PHPSESSID=4e8acb00b70f2a0f5ef5db75d1309202; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGVB33Btq3dTNU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:52:00 GMT
content-type: image/webp
content-length: 90028
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=121232
content-disposition: inline; filename="BELIVx6-500px.webp"
vary: Accept
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 467
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vnn%2BU4sSlmfpXuRPdZckFauzNOyolBdTkjNinQrMWGUkE9sr5IQFc5ckBBd69fWhRDvgGRH12jTW4BxRG6%2FHP%2B7bXIZAL4GCj1gKHdcdCJqJykOKtr2c7blDb7Q3wA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac8de79aaccb51d-OSL
X-Firefox-Spdy: h2
trybeliv.com/g-beliv/101.php?aff_id=2310&subid=4351&subid2=1-170233970112274013400000001761173129467932&subid3=1024f82ad14d5c8e34adce1ad96498
172.67.71.159200 OK 49 kB URL HTTP/2 trybeliv.com/g-beliv/101.php?aff_id=2310&subid=4351&subid2=1-170233970112274013400000001761173129467932&subid3=1024f82ad14d5c8e34adce1ad96498
IP 172.67.71.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3064), with CRLF, LF line terminators
Hash 135ec9c1dc0d8ef4d4cd970bf17fb8aa
fd9d4a79df34ac54ac3d3527c7794062e7c9a870
086e440c2ba7ea7e5b6f3c6f8a4fdf80bf82ea7a5a367fa6e14a6b5a6002e4e0
GET /g-beliv/101.php?aff_id=2310&subid=4351&subid2=1-170233970112274013400000001761173129467932&subid3=1024f82ad14d5c8e34adce1ad96498 HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:52:00 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sLhTrzjqq%2BU6AmWjWeQgtt%2FxhAzCnIfeNYja4eGWaOW0bUOT%2BvV6n8q8XclHEBVon%2BNfNlqmQ2f0BcAWbxcamh3NjaqHtcDddIrqOPfmDBxmwV6iOEkWIOkM0u%2FHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: PHPSESSID=4e8acb00b70f2a0f5ef5db75d1309202; path=/
__cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGVB33Btq3dTNU; SameSite=None; Secure; path=/; expires=Fri, 24-Mar-23 17:52:00 GMT; HttpOnly
server: cloudflare
cf-ray: 7ac8de75dd0db51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.5.1.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65451)
Hash 3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://trybeliv.com
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:52:00 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1679597520.dop227.sk1.t,1679597520.cds237.sk1.hn,1679597520.cds208.sk1.c
X-Firefox-Spdy: h2
trybeliv.com/assets/css/normalize.css
172.67.71.159200 OK 1.3 kB URL HTTP/2 trybeliv.com/assets/css/normalize.css
IP 172.67.71.159:0
File type ASCII text, with very long lines (1861), with no line terminators
Hash 2211a3d4c785b9e0630c1f3ae00b0568
4c39060d73611e7fad8f579467d54422ed1eaa13
1e10f12db56570acc056d6534b02c1f925e862d77a5e19fd18930084143610ef
GET /assets/css/normalize.css HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/g-beliv/101.php?aff_id=2310&subid=4351&subid2=1-170233970112274013400000001761173129467932&subid3=1024f82ad14d5c8e34adce1ad96498
Cookie: PHPSESSID=4e8acb00b70f2a0f5ef5db75d1309202; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGVB33Btq3dTNU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:52:00 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7772
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 467
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4PIFNI59n211C0KzUUl54SNpEkvEC%2BPC6oNm1LL%2Bk%2FdoYAxy9FIT%2F5YVfosrRRzbGco6X%2FV6vVhLjMuQJDxzrG9n9vaXaaPnhZHtWgR1vEPvmSkq8bPaiuxu69CAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8de79aac5b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ravenjs.com/3.22.3/raven.min.js
151.101.130.217200 OK 11 kB URL HTTP/2 cdn.ravenjs.com/3.22.3/raven.min.js
IP 151.101.130.217:0
File type Unicode text, UTF-8 text, with very long lines (28593)
Hash 8cbcd61633abe10dbb38fae2719ed95b
2ef7bd1a706e16e60f85ec251e059065e10e3263
0ce2f6499c370efffe0bbbe12d4bb869eacdcbdda16b8155621b951c47e45479
GET /3.22.3/raven.min.js HTTP/1.1
Host: cdn.ravenjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://trybeliv.com
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 13 Feb 2018 10:14:13 GMT
etag: "fa070961d2a2647811b3c79fd72499f3"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
accept-ranges: bytes
date: Thu, 23 Mar 2023 18:52:00 GMT
age: 70185
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
timing-allow-origin: *
cache-control: public, max-age=31536000
content-length: 10752
X-Firefox-Spdy: h2
trybeliv.com/assets/css/beliv.webflow.css?v=1.2
172.67.71.159200 OK 15 kB URL HTTP/2 trybeliv.com/assets/css/beliv.webflow.css?v=1.2
IP 172.67.71.159:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 788b3581f494901d80a0dcc1804a7cad
2f6f998b9479427a60ca118baa5f0215192b3dc9
4b7b6c784ea6a0219db11522f5fb657d33f909dba14337dc66cc72f1d59141e0
GET /assets/css/beliv.webflow.css?v=1.2 HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/g-beliv/101.php?aff_id=2310&subid=4351&subid2=1-170233970112274013400000001761173129467932&subid3=1024f82ad14d5c8e34adce1ad96498
Cookie: PHPSESSID=4e8acb00b70f2a0f5ef5db75d1309202; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGVB33Btq3dTNU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:52:00 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=235717
last-modified: Thu, 13 Oct 2022 20:25:44 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 467
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTNcC9atpRqPXpueBU%2BcXFZI7CNCNSzlzXFGsJ9edp2dafL0mBIgTpgJpGMkSUt8mcWQ90hafqLpxE3zF73A0PhC%2B0kw6PpSHrm0f%2BrX1gw4tki2Jm3nafhwOTOClg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8de79aac8b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
216.58.207.234200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 19:08:56 GMT
expires: Thu, 21 Mar 2024 19:08:56 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 85385
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-P8BHFM3
142.250.74.174200 OK 45 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-P8BHFM3
IP 142.250.74.174:0
File type ASCII text, with very long lines (2206)
Hash eef6a7311b7afba3e17191371d463514
1341e4d0608585b9169cfedd6f23153585dc9e66
1126d8b749581a3fabd8987cabea45b72be2f4968b1bb5bcb4b3308e1ee4d860
GET /optimize.js?id=OPT-P8BHFM3 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Mar 2023 18:52:01 GMT
expires: Thu, 23 Mar 2023 18:52:01 GMT
cache-control: private, max-age=900
last-modified: Thu, 23 Mar 2023 18:18:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44948
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-RF0P0MLLMC
142.250.74.72200 OK 80 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-RF0P0MLLMC
IP 142.250.74.72:0
File type ASCII text, with very long lines (21772)
Hash 30901412640c5d6cce81c40b497c6d89
c4dfbb21be55952e23c5a94aacae403c79074dc2
bc15def13aeb5d9f1e86392ba444865e161ab642ce0d6bedda3d772ecb9a6c29
GET /gtag/js?id=G-RF0P0MLLMC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Mar 2023 18:52:01 GMT
expires: Thu, 23 Mar 2023 18:52:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79794
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash a563513e8fb14fb6796ff13a072cd3db
3e1d51e451b3c450c1213d3fce208e84522b1511
78ecd87f634efd2b5b6644a9d97285807cb26452571be0cef89f6d84dd3b32c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 23c054d3aee551b6fdc42a5a472a7040
b1a46c12ac7d65c979fd1998bdb243f3dba8f956
9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trybeliv.com/assets/images/logo.png
172.67.71.159200 OK 3.1 kB URL HTTP/2 trybeliv.com/assets/images/logo.png
IP 172.67.71.159:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 484a4397bfec5b1c79dc9b7468a7ee5d
d22e8804156a4332c915d5d496e56489d525ce54
00742b45e10dff22f94b85e38ecdf03d053a0bc622bbaa8300295becfda7204a
GET /assets/images/logo.png HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/g-beliv/101.php?aff_id=2310&subid=4351&subid2=1-170233970112274013400000001761173129467932&subid3=1024f82ad14d5c8e34adce1ad96498
Cookie: PHPSESSID=4e8acb00b70f2a0f5ef5db75d1309202; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGVB33Btq3dTNU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:52:01 GMT
content-type: image/webp
content-length: 3098
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=7527
content-disposition: inline; filename="logo.webp"
vary: Accept
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 467
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dT%2FSDcWBMGlvonyRTKCYZjWGmrc5jzeIk1EX8Vv0w6V3MIDVHikojk4TJoh6KoML3scmy2P65KgmHzbZFA%2B4AtJFp8D9tyISfK84HDOiZq3WhGaJiZyiRxUxbK00QA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac8de7b2cf1b51d-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=7385
172.66.43.115200 OK 9.2 kB URL HTTP/2 display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=7385
IP 172.66.43.115:0
Hash 8bc7c20a803bb49b36405368fd16f728
a1ee28f6120d2aa1677abca5e2aa55d9fb8c7730
e6b8cf8b8e4f32158f2806e104ca5c574bf9107d9d359f77a3adfff9429fc22d
GET /v1/disclaimer?id=disclaimer&account_id=7385 HTTP/1.1
Host: display.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:52:01 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
cache-control: private
cf-cache-status: DYNAMIC
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
__cflb=02DiuHqbnvaBNqZ2uGBKRYmBT9SdWdqrbTkAJqpRV6nnx; SameSite=Lax; path=/; expires=Fri, 24-Mar-23 17:52:01 GMT; HttpOnly
server: cloudflare
cf-ray: 7ac8de79fb03b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trybeliv.com/assets/js/webflow.js
172.67.71.159200 OK 67 kB URL HTTP/2 trybeliv.com/assets/js/webflow.js
IP 172.67.71.159:0
File type Unicode text, UTF-8 text, with very long lines (56856)
Hash 11e67238e616c11de36df87c20dbe1dd
aa3b5b221d2d1d00eb4fdac18f084898bdc7bdd7
fe008d1b097c81d70187bdbdfb9fac63465ebc402c9eed4f0423e7f650c8a50b
GET /assets/js/webflow.js HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/g-beliv/101.php?aff_id=2310&subid=4351&subid2=1-170233970112274013400000001761173129467932&subid3=1024f82ad14d5c8e34adce1ad96498
Cookie: PHPSESSID=4e8acb00b70f2a0f5ef5db75d1309202; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGVB33Btq3dTNU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:52:00 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=189044
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 467
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MwV46r%2Bc%2FDlqTH8ldJ3PbzjFmyY5BNntzXZRtMYiz%2BmljF9d4BG7BAmTJDKqqluz1ev5Jm9MuF84e4q4MfpApBTxvTQrfinup%2F%2BKjVerQq2GSZOJBNfH4s1Sgiz0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8de79baecb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
trybeliv.com/assets/js/yt.js
172.67.71.159200 OK 9.4 kB URL HTTP/2 trybeliv.com/assets/js/yt.js
IP 172.67.71.159:0
File type ASCII text, with very long lines (627)
Hash d9148c12c9db54ed0ae0788be63c1cfb
b5bc2649db508e71ba0d950dd9f521a9c1f58413
62bef4413b364e9adb2e2a60360cb3f305366d82c653dc020517b3914a4572d4
GET /assets/js/yt.js HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/g-beliv/101.php?aff_id=2310&subid=4351&subid2=1-170233970112274013400000001761173129467932&subid3=1024f82ad14d5c8e34adce1ad96498
Cookie: PHPSESSID=4e8acb00b70f2a0f5ef5db75d1309202; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGVB33Btq3dTNU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:52:00 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5738
last-modified: Tue, 11 Oct 2022 22:27:36 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 467
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cEAWdQRixWqLLAENHtYdAe%2FWgwlwFwzvKt5de%2BGfl64J%2Bz6u7%2BXfHfw8cLSL6xbs1gWHRIYrrjQ4s6778p6ogC9AzG8N2JSIWVN7WYZk08S%2FR3AFtUsWel%2FSIsG8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8de79badeb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://trybeliv.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 22:29:05 GMT
expires: Thu, 21 Mar 2024 22:29:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
age: 73376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
216.58.207.227200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Hash fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://trybeliv.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
age: 89210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tracking.buygoods.com/track/?a=7385&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=BLV01,BLV06,BLV03&caller_url=https%3A%2F%2Ftrybeliv.com%2Fg-beliv%2F101.php%3Faff_id%3D2310%26subid%3D4351%26subid2%3D1-170233970112274013400000001761173129467932%26subid3%3D1024f82ad14d5c8e34adce1ad96498
172.66.43.22200 OK 22 kB URL HTTP/2 tracking.buygoods.com/track/?a=7385&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=BLV01,BLV06,BLV03&caller_url=https%3A%2F%2Ftrybeliv.com%2Fg-beliv%2F101.php%3Faff_id%3D2310%26subid%3D4351%26subid2%3D1-170233970112274013400000001761173129467932%26subid3%3D1024f82ad14d5c8e34adce1ad96498
IP 172.66.43.22:0
File type ASCII text, with very long lines (1016), with CRLF line terminators
Hash 97c97a68dd6f5a206d9f8ff6a62ad111
c16f5962a98e3b770bb3ad7f5052ae80661858da
5072a6feab7e61c203d2ea9814e3be6bf604ab86d50a487401b36692de7f770a
GET /track/?a=7385&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=BLV01,BLV06,BLV03&caller_url=https%3A%2F%2Ftrybeliv.com%2Fg-beliv%2F101.php%3Faff_id%3D2310%26subid%3D4351%26subid2%3D1-170233970112274013400000001761173129467932%26subid3%3D1024f82ad14d5c8e34adce1ad96498 HTTP/1.1
Host: tracking.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:52:01 GMT
content-type: application/javascript
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Tue, Jan 12 1999 01:01:01 GMT
set-cookie: spiaffid_7385=2310; expires=Wed, 21-Jun-2023 18:52:01 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spisubid_7385=4351%7C1-170233970112274013400000001761173129467932; expires=Wed, 21-Jun-2023 18:52:01 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spicampaign_id_7385=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
spireferrer_7385=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
spireferrer_7385=91.90.42.154::trybeliv.com%2Fg-beliv%2F101; expires=Wed, 21-Jun-2023 18:52:01 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spisessid2_7385=sessid20230323185220554; expires=Wed, 21-Jun-2023 18:52:01 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spi_funnel_codename_7385=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ac8de7b18b4b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c1bec9941c82e2a75f433a9989ff131d
f362aafde39e53e6c85aed88514e7d9272d8b099
693fe25761b15b3f663bb491a3cad382f1bb0a60083375b6aec21af2fdddb58e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/c64a5d56/www-widgetapi.vflset/www-widgetapi.js
142.250.74.142200 OK 63 kB URL HTTP/2 www.youtube.com/s/player/c64a5d56/www-widgetapi.vflset/www-widgetapi.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (591)
Hash 0a2e2f95b54e89a310694f31dbc6fc62
9daa610e872ca9f6e2ff762c593cdc746ec3622f
8d4c2868376631c94ac7b06f4a26a3777ca799ec746caaa221b0074dca533d58
GET /s/player/c64a5d56/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 63085
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 18:22:41 GMT
expires: Fri, 22 Mar 2024 18:22:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 00:19:08 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 1760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.142200 OK 959 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.142:0
File type ASCII text, with very long lines (509)
Hash 675077671c6ae2ebb65705679a5d2919
a5815b9ff7730f284bace0fa2ae2147478f56160
ba8618e66ab933114ecfd63efea233c7fb76a58eaae06370912b30c9f7c2bc79
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Thu, 23 Mar 2023 18:52:01 GMT
date: Thu, 23 Mar 2023 18:52:01 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=st4uHlqRd68; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=EXbJi8hX3nw; Domain=.youtube.com; Expires=Tue, 19-Sep-2023 18:52:01 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+977; expires=Sat, 22-Mar-2025 18:52:01 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 5cd8c9b1a21861daf74c130682cea34e
32ceecbbe8fdfc999e4169771cf7633fdaa1f083
328369b9dcb3b3b19b031dd350a02c7cbe5fb250ba4748bf8d055da5342f0837
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-131822362-25&cid=493331888.1679597530&jid=1775057960&gjid=1113529557&_gid=1042761784.1679597530&_u=YADAAUAAAAAAACAAI~&z=1135580475
209.85.233.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-131822362-25&cid=493331888.1679597530&jid=1775057960&gjid=1113529557&_gid=1042761784.1679597530&_u=YADAAUAAAAAAACAAI~&z=1135580475
IP 209.85.233.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-131822362-25&cid=493331888.1679597530&jid=1775057960&gjid=1113529557&_gid=1042761784.1679597530&_u=YADAAUAAAAAAACAAI~&z=1135580475 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://trybeliv.com
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://trybeliv.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 Mar 2023 18:52:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CPoppins:200,regular,700,900%7CRoboto+Condensed:300,300italic,regular,italic,700
172.217.21.170200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CPoppins:200,regular,700,900%7CRoboto+Condensed:300,300italic,regular,italic,700
IP 172.217.21.170:0
Hash c430e4458e69e355b6df1b00ab1e78d6
bd31fc8c95b8be41cd4151e3ec1cb8e4e04486db
3cf32117b6cc1f4f5c27e9e5e01c476d3a5093d1d54e6fb2bc9a455f6ce56860
GET /css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CPoppins:200,regular,700,900%7CRoboto+Condensed:300,300italic,regular,italic,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Mar 2023 18:52:01 GMT
date: Thu, 23 Mar 2023 18:52:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 5cd8c9b1a21861daf74c130682cea34e
32ceecbbe8fdfc999e4169771cf7633fdaa1f083
328369b9dcb3b3b19b031dd350a02c7cbe5fb250ba4748bf8d055da5342f0837
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12376
Expires: Thu, 23 Mar 2023 22:18:17 GMT
Date: Thu, 23 Mar 2023 18:52:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12376
Expires: Thu, 23 Mar 2023 22:18:17 GMT
Date: Thu, 23 Mar 2023 18:52:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12376
Expires: Thu, 23 Mar 2023 22:18:17 GMT
Date: Thu, 23 Mar 2023 18:52:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12376
Expires: Thu, 23 Mar 2023 22:18:17 GMT
Date: Thu, 23 Mar 2023 18:52:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12376
Expires: Thu, 23 Mar 2023 22:18:17 GMT
Date: Thu, 23 Mar 2023 18:52:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 412bd6aea60211324e649d7d920601d2
a813976bda850a584b5ab94d9a70bfe0da69aca0
d36ef17fc6ab3cd4e5e43836f7df2c6fdf1781f1bac73e42c9a09e8594f797f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: 1b374321-f2df-404f-ab91-4e73d830fac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqmAEhHoAMFgRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a248c-217d81154ecfe0c44ca70432;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:41:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pvFey5NWlIqIXlHLMYSUiylATCU1ZxodOb6imsPCxrJDRscwky8dVQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:48:27 GMT
age: 75814
etag: "a813976bda850a584b5ab94d9a70bfe0da69aca0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pFCYGtd2b7lK7OBFHjCsgqqLfhtMAQDB0vyYFyf1sv-3CkSHbEh3mA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:59:52 GMT
age: 75129
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c05bfdf1411a931d8ea9adc64b07bc74
156ef59e53564a4f2b27002b2695fafecd578d82
15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6692
x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM9d9FcOoAMFaFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Jj5lAwItWYm45j5kLqQnd3fhsiGsiuSiSVtrBUOolyHvPAmCc0S71A==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:54:24 GMT
age: 39457
etag: "156ef59e53564a4f2b27002b2695fafecd578d82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4a771935927950222124e14b56046df
d07fe53e4ac41048497b2732c017f6666c3eda9e
4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4912
x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8H3Fl1IAMFYgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: soxgrR0B6Rz79QysB7qbMTsNYmkYfG8doOMPpTEd9uLlrE6WTcDKdw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:47:44 GMT
age: 75857
etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2062cf7a271d4ac7a04c0a746d443e07
3343851f2128c5f1fe4302c2aa53e8ce1fb661ac
e479263c1742d2597cf8948ef059b0bc97dbb97f47bb5cafee3d4af12069d2ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 87aba2e6-d7e8-4456-a12f-e05ac556b839
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqJhGnXIAMF1yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a23d6-2b6c3d62366f47f506ce8415;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:38:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: lKww3e9Hvk0r0LPn7u6pu6Fx9V8RThNVxQEdyWVFAQdOun-53X-tLw==
via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:49:35 GMT
age: 75746
etag: "3343851f2128c5f1fe4302c2aa53e8ce1fb661ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e89d0b1281259e7399294fb5fa19d2b
5035ed41f497c97faefae9cdaf42dc07ab468557
f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10284
x-amzn-requestid: e4d2c324-d0b0-436d-9739-29269e62aed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM6hjEqtIAMFvXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b713c-5a5bd6b60c1f52ab580f1757;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:21:00 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Pv-MA9gQ4PmXuY3EWSC77_g2fn_C9-bYUQ4azcrxLNvtwY6CZZg1nA==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 07:55:01 GMT
age: 39420
etag: "5035ed41f497c97faefae9cdaf42dc07ab468557"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-RF0P0MLLMC>m=45je33m0&_p=489957410&cid=493331888.1679597530&ul=en-us&sr=1280x1024&_s=1&sid=1679597529&sct=1&seg=0&dl=https%3A%2F%2Ftrybeliv.com%2Fg-beliv%2F101.php%3Faff_id%3D2310%26subid%3D4351%26subid2%3D1-170233970112274013400000001761173129467932%26subid3%3D1024f82ad14d5c8e34adce1ad96498&dt=BeLiv%20-%20Nature%27s%20Secret%20for%20Healthy%20Blood%20Sugar.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=OPT-P8BHFM3
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-RF0P0MLLMC>m=45je33m0&_p=489957410&cid=493331888.1679597530&ul=en-us&sr=1280x1024&_s=1&sid=1679597529&sct=1&seg=0&dl=https%3A%2F%2Ftrybeliv.com%2Fg-beliv%2F101.php%3Faff_id%3D2310%26subid%3D4351%26subid2%3D1-170233970112274013400000001761173129467932%26subid3%3D1024f82ad14d5c8e34adce1ad96498&dt=BeLiv%20-%20Nature%27s%20Secret%20for%20Healthy%20Blood%20Sugar.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=OPT-P8BHFM3
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-RF0P0MLLMC>m=45je33m0&_p=489957410&cid=493331888.1679597530&ul=en-us&sr=1280x1024&_s=1&sid=1679597529&sct=1&seg=0&dl=https%3A%2F%2Ftrybeliv.com%2Fg-beliv%2F101.php%3Faff_id%3D2310%26subid%3D4351%26subid2%3D1-170233970112274013400000001761173129467932%26subid3%3D1024f82ad14d5c8e34adce1ad96498&dt=BeLiv%20-%20Nature%27s%20Secret%20for%20Healthy%20Blood%20Sugar.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=OPT-P8BHFM3 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://trybeliv.com
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://trybeliv.com
date: Thu, 23 Mar 2023 18:52:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 23 Mar 2023 18:52:02 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 8629b7b390f436e84b123f1d5e94352f
354c9105208ba22cc05abae9dee4ee52779303f0
b625d1c2ca4cadc296c09c7a77985cecfb9e199ee7651b901a02366cef91a560
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 23 Mar 2023 18:52:02 GMT
server: ESF
cache-control: private
content-length: 31043
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 84b45209d94ad7301f9dc2224bb2f5da
90fbb479fe4faefda4e6b2eba4004da6328d81c7
b8be78412999d773ace79581e7160d879c1b165f47a80dfcc4ebd90dac95d799
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 78815ec28cdd11dab4f66f2eaab35658
c6fd7f2a657d87c6e7641be6fc69913c427cd26a
f99b9d279c7ddfe7916dde9c7390be1f225e330ffa662bd7ae603ceed76e44c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/ebdlydw2Yd_Y6uR7srxBjXpjyOJR1-EGTQhTHkWwPWw.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/ebdlydw2Yd_Y6uR7srxBjXpjyOJR1-EGTQhTHkWwPWw.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36234)
Hash 2f48892c44631371f768940591ea6b5f
e70e65d55fe0f931f89123d8da80fae781465db0
f86bc5688a62e0a7a69c46502c3fcac8a842abea3d02ecb1b76d0dfe39a9e060
GET /js/th/ebdlydw2Yd_Y6uR7srxBjXpjyOJR1-EGTQhTHkWwPWw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14379
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 05:04:35 GMT
expires: Thu, 21 Mar 2024 05:04:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 09:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 136047
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yt3.ggpht.com/NlUNSIFvo5wCYcXQ-u4I5THZLnIccH0HJcHijT-zuHJHm1QFIESzhmmPsHnye5GjmTjcE4QXHw=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.6 kB URL HTTP/2 yt3.ggpht.com/NlUNSIFvo5wCYcXQ-u4I5THZLnIccH0HJcHijT-zuHJHm1QFIESzhmmPsHnye5GjmTjcE4QXHw=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 2027ba0dd5f024fe5ac38ef274059ef3
8723407a16211c54b59196701b08995c9dfbff39
32e0316859a4252b536c71eb3fd42ad96880f2cd8bb2741b003daf1fa03a0b6e
GET /NlUNSIFvo5wCYcXQ-u4I5THZLnIccH0HJcHijT-zuHJHm1QFIESzhmmPsHnye5GjmTjcE4QXHw=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2640
x-xss-protection: 0
date: Thu, 23 Mar 2023 18:52:02 GMT
expires: Thu, 23 Mar 2023 19:00:49 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.202200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 23 Mar 2023 18:52:02 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 98427bf75a0f9061a07bb6e2171c684f
bcffd9980875d5acb27fc4fd1ef976d9ec6fa423
16f9753002f8a1b61e7321b9aa9de65dfd54f9977ffce630a4d770b0a0c9ce9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f2d9058a696bc3684e9116b15fef251b
8915ec6b4396539cdb639cb5abf1dd9a9762650c
886cd009bfce7f31c36e479c5fb443d8ae66bcd0a736043317c77ccb81809210
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 98427bf75a0f9061a07bb6e2171c684f
bcffd9980875d5acb27fc4fd1ef976d9ec6fa423
16f9753002f8a1b61e7321b9aa9de65dfd54f9977ffce630a4d770b0a0c9ce9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1679619122&ei=0p8cZLuaG6Xo7QTEg4jIAQ&ip=91.90.42.154&id=o-AAkb4-RkTjfghFkuWvXIo73nYh1QXNtiXVthX-QBCJK0&itag=251&source=youtube&requiressl=yes&mh=MR&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2252500&spc=99c5CUbrzZ7AmHg4DNJl8lK1aE1zUKmgMWMiS03RXj4aHXMemQ&vprv=1&mime=audio%2Fwebm&ns=qc2uaCzYT2alDceH5An3q8oM&gir=yes&clen=46674669&dur=2566.661&lmt=1668896201490064&mt=1679597117&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=iiO9T8fet9LRyg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANiTHZSUyenhSmS6cEANQvfILIxYVhX1nVkSBQ1rBNqaAiAuy3njyGwhhCQjwTUeSGmvOtCoI0UZ6U15oVlpYveFhA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgfVSQySaFjsvrc42AqW1eC5hYFbsEQlibEjaGvvNp5hQCIQCswjm6ii7-vy6NmOdsKBcGuX0F9RH-9wmGIvx87ue-rA%3D%3D&alr=yes&cpn=gR-STYEvG1Hm4zVe&cver=1.20230319.00.00&range=0-70331&rn=2&rbuf=0&pot=IihvlG-SC4jwTyzzHKY50TXdDcAqoA3SIf4h1wXGGcsk8y3zSqcrsVzQ
91.90.45.172200 OK 1.1 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1679619122&ei=0p8cZLuaG6Xo7QTEg4jIAQ&ip=91.90.42.154&id=o-AAkb4-RkTjfghFkuWvXIo73nYh1QXNtiXVthX-QBCJK0&itag=251&source=youtube&requiressl=yes&mh=MR&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2252500&spc=99c5CUbrzZ7AmHg4DNJl8lK1aE1zUKmgMWMiS03RXj4aHXMemQ&vprv=1&mime=audio%2Fwebm&ns=qc2uaCzYT2alDceH5An3q8oM&gir=yes&clen=46674669&dur=2566.661&lmt=1668896201490064&mt=1679597117&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=iiO9T8fet9LRyg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANiTHZSUyenhSmS6cEANQvfILIxYVhX1nVkSBQ1rBNqaAiAuy3njyGwhhCQjwTUeSGmvOtCoI0UZ6U15oVlpYveFhA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgfVSQySaFjsvrc42AqW1eC5hYFbsEQlibEjaGvvNp5hQCIQCswjm6ii7-vy6NmOdsKBcGuX0F9RH-9wmGIvx87ue-rA%3D%3D&alr=yes&cpn=gR-STYEvG1Hm4zVe&cver=1.20230319.00.00&range=0-70331&rn=2&rbuf=0&pot=IihvlG-SC4jwTyzzHKY50TXdDcAqoA3SIf4h1wXGGcsk8y3zSqcrsVzQ
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1106), with no line terminators
Hash 7e928fb4d372971b3285895482cd533b
ad5612c1564f7d10654080c374a549950e3ef99d
b18b9f21468fa6dcbae344ce202521e3e3ec5da32182e41900f7ed44dce525a7
POST /videoplayback?expire=1679619122&ei=0p8cZLuaG6Xo7QTEg4jIAQ&ip=91.90.42.154&id=o-AAkb4-RkTjfghFkuWvXIo73nYh1QXNtiXVthX-QBCJK0&itag=251&source=youtube&requiressl=yes&mh=MR&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2252500&spc=99c5CUbrzZ7AmHg4DNJl8lK1aE1zUKmgMWMiS03RXj4aHXMemQ&vprv=1&mime=audio%2Fwebm&ns=qc2uaCzYT2alDceH5An3q8oM&gir=yes&clen=46674669&dur=2566.661&lmt=1668896201490064&mt=1679597117&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=iiO9T8fet9LRyg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANiTHZSUyenhSmS6cEANQvfILIxYVhX1nVkSBQ1rBNqaAiAuy3njyGwhhCQjwTUeSGmvOtCoI0UZ6U15oVlpYveFhA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgfVSQySaFjsvrc42AqW1eC5hYFbsEQlibEjaGvvNp5hQCIQCswjm6ii7-vy6NmOdsKBcGuX0F9RH-9wmGIvx87ue-rA%3D%3D&alr=yes&cpn=gR-STYEvG1Hm4zVe&cver=1.20230319.00.00&range=0-70331&rn=2&rbuf=0&pot=IihvlG-SC4jwTyzzHKY50TXdDcAqoA3SIf4h1wXGGcsk8y3zSqcrsVzQ HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 23 Mar 2023 18:52:02 GMT
Expires: Thu, 23 Mar 2023 18:52:02 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1106
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1679619122&ei=0p8cZLuaG6Xo7QTEg4jIAQ&ip=91.90.42.154&id=o-AAkb4-RkTjfghFkuWvXIo73nYh1QXNtiXVthX-QBCJK0&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=MR&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2252500&spc=99c5CUbrzZ7AmHg4DNJl8lK1aE1zUKmgMWMiS03RXj4aHXMemQ&vprv=1&mime=video%2Fwebm&ns=qc2uaCzYT2alDceH5An3q8oM&gir=yes&clen=72967930&dur=2566.647&lmt=1668896030139461&mt=1679597117&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=iiO9T8fet9LRyg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgRKLYZBqt5ndMGGVdYAGfHl5AydAfO5iRy9K2nGve4xQCIEAWNWeH-lgVhcl-4azNKYhw7aNgohNvbtZ7CtXlkmac&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgfVSQySaFjsvrc42AqW1eC5hYFbsEQlibEjaGvvNp5hQCIQCswjm6ii7-vy6NmOdsKBcGuX0F9RH-9wmGIvx87ue-rA%3D%3D&alr=yes&cpn=gR-STYEvG1Hm4zVe&cver=1.20230319.00.00&range=0-163831&rn=1&rbuf=0&pot=IiiMwozE6N4TGc-l__Dah9aL7pbJ9u6EwqjCgeaQ-p3Hpc6lqfHI57-G
91.90.45.172200 OK 1.2 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1679619122&ei=0p8cZLuaG6Xo7QTEg4jIAQ&ip=91.90.42.154&id=o-AAkb4-RkTjfghFkuWvXIo73nYh1QXNtiXVthX-QBCJK0&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=MR&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2252500&spc=99c5CUbrzZ7AmHg4DNJl8lK1aE1zUKmgMWMiS03RXj4aHXMemQ&vprv=1&mime=video%2Fwebm&ns=qc2uaCzYT2alDceH5An3q8oM&gir=yes&clen=72967930&dur=2566.647&lmt=1668896030139461&mt=1679597117&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=iiO9T8fet9LRyg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgRKLYZBqt5ndMGGVdYAGfHl5AydAfO5iRy9K2nGve4xQCIEAWNWeH-lgVhcl-4azNKYhw7aNgohNvbtZ7CtXlkmac&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgfVSQySaFjsvrc42AqW1eC5hYFbsEQlibEjaGvvNp5hQCIQCswjm6ii7-vy6NmOdsKBcGuX0F9RH-9wmGIvx87ue-rA%3D%3D&alr=yes&cpn=gR-STYEvG1Hm4zVe&cver=1.20230319.00.00&range=0-163831&rn=1&rbuf=0&pot=IiiMwozE6N4TGc-l__Dah9aL7pbJ9u6EwqjCgeaQ-p3Hpc6lqfHI57-G
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1184), with no line terminators
Hash c97cf29e3261a0606c41822dcfcb9050
c2493db19cc0303fe2937b4a8b5606a8bdd76636
4e108d2d63d562a33ebf54f480242a979bf5176456f9a475fff084391acee8b8
POST /videoplayback?expire=1679619122&ei=0p8cZLuaG6Xo7QTEg4jIAQ&ip=91.90.42.154&id=o-AAkb4-RkTjfghFkuWvXIo73nYh1QXNtiXVthX-QBCJK0&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=MR&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2252500&spc=99c5CUbrzZ7AmHg4DNJl8lK1aE1zUKmgMWMiS03RXj4aHXMemQ&vprv=1&mime=video%2Fwebm&ns=qc2uaCzYT2alDceH5An3q8oM&gir=yes&clen=72967930&dur=2566.647&lmt=1668896030139461&mt=1679597117&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=iiO9T8fet9LRyg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgRKLYZBqt5ndMGGVdYAGfHl5AydAfO5iRy9K2nGve4xQCIEAWNWeH-lgVhcl-4azNKYhw7aNgohNvbtZ7CtXlkmac&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgfVSQySaFjsvrc42AqW1eC5hYFbsEQlibEjaGvvNp5hQCIQCswjm6ii7-vy6NmOdsKBcGuX0F9RH-9wmGIvx87ue-rA%3D%3D&alr=yes&cpn=gR-STYEvG1Hm4zVe&cver=1.20230319.00.00&range=0-163831&rn=1&rbuf=0&pot=IiiMwozE6N4TGc-l__Dah9aL7pbJ9u6EwqjCgeaQ-p3Hpc6lqfHI57-G HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 23 Mar 2023 18:52:02 GMT
Expires: Thu, 23 Mar 2023 18:52:02 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1184
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 98427bf75a0f9061a07bb6e2171c684f
bcffd9980875d5acb27fc4fd1ef976d9ec6fa423
16f9753002f8a1b61e7321b9aa9de65dfd54f9977ffce630a4d770b0a0c9ce9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 988bc7514d9559f328e3967ae2df94d2
c9c39e67138fcacc07a4b61ab5cc7d56a3882f62
d50b71ca153e46d2189a9ad0e7b3f6b1d610c029abb8e7424309a53bee570b35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 596e2e1a6890ccaf9cd260cb65b1560e
bf8ea7f9e4d66e45b88608798ab268cff79b0a22
00b90c00cf74b933898cdda842f1106963903028d179f106b8e72e3081da39cf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 7adaa17124279e861d7c5904f6deab7a
0380ee373d8a419562eab23ed185d2861323f9bc
6647b14d20019a29839dfeba32f76f57fe1821fcee3581bd9d10782504f83a44
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr3---sn-5goeenes.googlevideo.com/videoplayback?expire=1679619122&ei=0p8cZLuaG6Xo7QTEg4jIAQ&ip=91.90.42.154&id=o-AAkb4-RkTjfghFkuWvXIo73nYh1QXNtiXVthX-QBCJK0&itag=251&source=youtube&requiressl=yes&spc=99c5CUbrzZ7AmHg4DNJl8lK1aE1zUKmgMWMiS03RXj4aHXMemQ&vprv=1&mime=audio%2Fwebm&ns=qc2uaCzYT2alDceH5An3q8oM&gir=yes&clen=46674669&dur=2566.661&lmt=1668896201490064&keepalive=yes&fexp=24007246,24487977&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=iiO9T8fet9LRyg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANiTHZSUyenhSmS6cEANQvfILIxYVhX1nVkSBQ1rBNqaAiAuy3njyGwhhCQjwTUeSGmvOtCoI0UZ6U15oVlpYveFhA%3D%3D&alr=yes&cpn=gR-STYEvG1Hm4zVe&cver=1.20230319.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=MR&mm=29&mn=sn-5goeenes&ms=rdu&mt=1679597122&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgAXBmNKrQ-h5O09qYq14aYx82vKffEAUn2mkoQ0mtgwICICNkmmMu4ETcAHnTaaOwF6puPHSfslr2PQpAOSDw3YYU&range=0-70331&rn=3&rbuf=0&pot=MmTnPs_A35QzF-cG23gYR3zgvM0ODyfTeciBgdwiCrYHU-K5yK9qHq6UQ5h_ie83PWys6CHNLmh2uFrPl_fLi_gCdgm1J5IJGiKzQnjbSTmQ4w_CFbgOEZYzh-H9JwQQM3GaHCok
74.125.108.232200 OK 70 kB URL HTTP/1.1 rr3---sn-5goeenes.googlevideo.com/videoplayback?expire=1679619122&ei=0p8cZLuaG6Xo7QTEg4jIAQ&ip=91.90.42.154&id=o-AAkb4-RkTjfghFkuWvXIo73nYh1QXNtiXVthX-QBCJK0&itag=251&source=youtube&requiressl=yes&spc=99c5CUbrzZ7AmHg4DNJl8lK1aE1zUKmgMWMiS03RXj4aHXMemQ&vprv=1&mime=audio%2Fwebm&ns=qc2uaCzYT2alDceH5An3q8oM&gir=yes&clen=46674669&dur=2566.661&lmt=1668896201490064&keepalive=yes&fexp=24007246,24487977&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=iiO9T8fet9LRyg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANiTHZSUyenhSmS6cEANQvfILIxYVhX1nVkSBQ1rBNqaAiAuy3njyGwhhCQjwTUeSGmvOtCoI0UZ6U15oVlpYveFhA%3D%3D&alr=yes&cpn=gR-STYEvG1Hm4zVe&cver=1.20230319.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=MR&mm=29&mn=sn-5goeenes&ms=rdu&mt=1679597122&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgAXBmNKrQ-h5O09qYq14aYx82vKffEAUn2mkoQ0mtgwICICNkmmMu4ETcAHnTaaOwF6puPHSfslr2PQpAOSDw3YYU&range=0-70331&rn=3&rbuf=0&pot=MmTnPs_A35QzF-cG23gYR3zgvM0ODyfTeciBgdwiCrYHU-K5yK9qHq6UQ5h_ie83PWys6CHNLmh2uFrPl_fLi_gCdgm1J5IJGiKzQnjbSTmQ4w_CFbgOEZYzh-H9JwQQM3GaHCok
IP 74.125.108.232:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash ba4c0bb1f3fcf2c322915646f5f2aa6a
c5998980c0e2defa75c3593f49625edf15cb0de3
eb89e6f4b9b7dcdb6c310d2db97f54c6e08fde966e9f382aa97e6c3ec3d992c6
POST /videoplayback?expire=1679619122&ei=0p8cZLuaG6Xo7QTEg4jIAQ&ip=91.90.42.154&id=o-AAkb4-RkTjfghFkuWvXIo73nYh1QXNtiXVthX-QBCJK0&itag=251&source=youtube&requiressl=yes&spc=99c5CUbrzZ7AmHg4DNJl8lK1aE1zUKmgMWMiS03RXj4aHXMemQ&vprv=1&mime=audio%2Fwebm&ns=qc2uaCzYT2alDceH5An3q8oM&gir=yes&clen=46674669&dur=2566.661&lmt=1668896201490064&keepalive=yes&fexp=24007246,24487977&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=iiO9T8fet9LRyg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANiTHZSUyenhSmS6cEANQvfILIxYVhX1nVkSBQ1rBNqaAiAuy3njyGwhhCQjwTUeSGmvOtCoI0UZ6U15oVlpYveFhA%3D%3D&alr=yes&cpn=gR-STYEvG1Hm4zVe&cver=1.20230319.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=MR&mm=29&mn=sn-5goeenes&ms=rdu&mt=1679597122&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgAXBmNKrQ-h5O09qYq14aYx82vKffEAUn2mkoQ0mtgwICICNkmmMu4ETcAHnTaaOwF6puPHSfslr2PQpAOSDw3YYU&range=0-70331&rn=3&rbuf=0&pot=MmTnPs_A35QzF-cG23gYR3zgvM0ODyfTeciBgdwiCrYHU-K5yK9qHq6UQ5h_ie83PWys6CHNLmh2uFrPl_fLi_gCdgm1J5IJGiKzQnjbSTmQ4w_CFbgOEZYzh-H9JwQQM3GaHCok HTTP/1.1
Host: rr3---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 19 Nov 2022 22:16:41 GMT
Content-Type: audio/webm
Date: Thu, 23 Mar 2023 18:52:02 GMT
Expires: Thu, 23 Mar 2023 18:52:02 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 70332
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr3---sn-5goeenes.googlevideo.com/videoplayback?expire=1679619122&ei=0p8cZLuaG6Xo7QTEg4jIAQ&ip=91.90.42.154&id=o-AAkb4-RkTjfghFkuWvXIo73nYh1QXNtiXVthX-QBCJK0&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=99c5CUbrzZ7AmHg4DNJl8lK1aE1zUKmgMWMiS03RXj4aHXMemQ&vprv=1&mime=video%2Fwebm&ns=qc2uaCzYT2alDceH5An3q8oM&gir=yes&clen=72967930&dur=2566.647&lmt=1668896030139461&keepalive=yes&fexp=24007246,24487977&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=iiO9T8fet9LRyg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgRKLYZBqt5ndMGGVdYAGfHl5AydAfO5iRy9K2nGve4xQCIEAWNWeH-lgVhcl-4azNKYhw7aNgohNvbtZ7CtXlkmac&alr=yes&cpn=gR-STYEvG1Hm4zVe&cver=1.20230319.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=MR&mm=29&mn=sn-5goeenes&ms=rdu&mt=1679597122&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAP3poRtEToethQ5vNW9VDU3zyXGCQzwB0Avo2_oH2H_vAiEAwnMcasFQLAMg351xh1KjBuesGG-RY5EgYkxQHXL-TaQ%3D&range=0-163831&rn=4&rbuf=0&pot=MmTnPs_A35QzF-cG23gYR3zgvM0ODyfTeciBgdwiCrYHU-K5yK9qHq6UQ5h_ie83PWys6CHNLmh2uFrPl_fLi_gCdgm1J5IJGiKzQnjbSTmQ4w_CFbgOEZYzh-H9JwQQM3GaHCok&altitags=242%2C278
74.125.108.232200 OK 164 kB URL HTTP/1.1 rr3---sn-5goeenes.googlevideo.com/videoplayback?expire=1679619122&ei=0p8cZLuaG6Xo7QTEg4jIAQ&ip=91.90.42.154&id=o-AAkb4-RkTjfghFkuWvXIo73nYh1QXNtiXVthX-QBCJK0&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=99c5CUbrzZ7AmHg4DNJl8lK1aE1zUKmgMWMiS03RXj4aHXMemQ&vprv=1&mime=video%2Fwebm&ns=qc2uaCzYT2alDceH5An3q8oM&gir=yes&clen=72967930&dur=2566.647&lmt=1668896030139461&keepalive=yes&fexp=24007246,24487977&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=iiO9T8fet9LRyg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgRKLYZBqt5ndMGGVdYAGfHl5AydAfO5iRy9K2nGve4xQCIEAWNWeH-lgVhcl-4azNKYhw7aNgohNvbtZ7CtXlkmac&alr=yes&cpn=gR-STYEvG1Hm4zVe&cver=1.20230319.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=MR&mm=29&mn=sn-5goeenes&ms=rdu&mt=1679597122&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAP3poRtEToethQ5vNW9VDU3zyXGCQzwB0Avo2_oH2H_vAiEAwnMcasFQLAMg351xh1KjBuesGG-RY5EgYkxQHXL-TaQ%3D&range=0-163831&rn=4&rbuf=0&pot=MmTnPs_A35QzF-cG23gYR3zgvM0ODyfTeciBgdwiCrYHU-K5yK9qHq6UQ5h_ie83PWys6CHNLmh2uFrPl_fLi_gCdgm1J5IJGiKzQnjbSTmQ4w_CFbgOEZYzh-H9JwQQM3GaHCok&altitags=242%2C278
IP 74.125.108.232:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 164 kB (163832 bytes)
Hash cc59c6f5af603fd2e1c068eefa12f97c
489517bbeb330d3c127e5c1610a0007a80e078f3
74275c362d4b6fa42669a3325cc9ebae1e2884379e08e9fb2bf6ee9e3b0819ea
POST /videoplayback?expire=1679619122&ei=0p8cZLuaG6Xo7QTEg4jIAQ&ip=91.90.42.154&id=o-AAkb4-RkTjfghFkuWvXIo73nYh1QXNtiXVthX-QBCJK0&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=99c5CUbrzZ7AmHg4DNJl8lK1aE1zUKmgMWMiS03RXj4aHXMemQ&vprv=1&mime=video%2Fwebm&ns=qc2uaCzYT2alDceH5An3q8oM&gir=yes&clen=72967930&dur=2566.647&lmt=1668896030139461&keepalive=yes&fexp=24007246,24487977&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=iiO9T8fet9LRyg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgRKLYZBqt5ndMGGVdYAGfHl5AydAfO5iRy9K2nGve4xQCIEAWNWeH-lgVhcl-4azNKYhw7aNgohNvbtZ7CtXlkmac&alr=yes&cpn=gR-STYEvG1Hm4zVe&cver=1.20230319.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=MR&mm=29&mn=sn-5goeenes&ms=rdu&mt=1679597122&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAP3poRtEToethQ5vNW9VDU3zyXGCQzwB0Avo2_oH2H_vAiEAwnMcasFQLAMg351xh1KjBuesGG-RY5EgYkxQHXL-TaQ%3D&range=0-163831&rn=4&rbuf=0&pot=MmTnPs_A35QzF-cG23gYR3zgvM0ODyfTeciBgdwiCrYHU-K5yK9qHq6UQ5h_ie83PWys6CHNLmh2uFrPl_fLi_gCdgm1J5IJGiKzQnjbSTmQ4w_CFbgOEZYzh-H9JwQQM3GaHCok&altitags=242%2C278 HTTP/1.1
Host: rr3---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 19 Nov 2022 22:13:50 GMT
Content-Type: video/webm
Date: Thu, 23 Mar 2023 18:52:02 GMT
Expires: Thu, 23 Mar 2023 18:52:02 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 163832
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
i.ytimg.com/vi_webp/GRFCJbSjSAo/maxresdefault.webp
142.250.74.54200 OK 65 kB URL HTTP/2 i.ytimg.com/vi_webp/GRFCJbSjSAo/maxresdefault.webp
IP 142.250.74.54:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cf61814974d73646d86c7f60ab1c4a31
fe70e42345014514ab7a2c9d7cecb24a77d7c401
ad1c734fb72ce4b82fb365ae2182cf5f17dfb26b282b41d861bb8937603194ce
GET /vi_webp/GRFCJbSjSAo/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 65282
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 18:52:02 GMT
expires: Thu, 23 Mar 2023 20:52:02 GMT
cache-control: public, max-age=7200
etag: "1661371659"
content-type: image/webp
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 988bc7514d9559f328e3967ae2df94d2
c9c39e67138fcacc07a4b61ab5cc7d56a3882f62
d50b71ca153e46d2189a9ad0e7b3f6b1d610c029abb8e7424309a53bee570b35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trybeliv.com/assets/images/unmute.png
172.67.71.159200 OK 38 kB URL HTTP/2 trybeliv.com/assets/images/unmute.png
IP 172.67.71.159:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5d29442753ec1fb37be0a53581746a8d
c057a86a226e01c754dd1cb412dcca93ff6d60c2
7a321bf27f0e55dc0ada8c25e897b043ab7b94e3e8a8e000eb4f70f1080b2ca1
GET /assets/images/unmute.png HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/g-beliv/101.php?aff_id=2310&subid=4351&subid2=1-170233970112274013400000001761173129467932&subid3=1024f82ad14d5c8e34adce1ad96498
Cookie: PHPSESSID=4e8acb00b70f2a0f5ef5db75d1309202; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGVB33Btq3dTNU; transaction_id=1-170233970112274013400000001761173129467932; _ga_RF0P0MLLMC=GS1.1.1679597529.1.0.1679597529.0.0.0; _ga=GA1.2.493331888.1679597530; sessid2=sessid20230323185220554; spi_funnel_codename=; aff_id=2310; sid=4351%7C1-170233970112274013400000001761173129467932; campaign_id=; referrer=91.90.42.154::trybeliv.com%2Fg-beliv%2F101; _gid=GA1.2.1042761784.1679597530; _gat_gtag_UA_131822362_25=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:52:02 GMT
content-type: image/webp
content-length: 38112
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=74162
content-disposition: inline; filename="unmute.webp"
vary: Accept
last-modified: Fri, 01 Jul 2022 08:21:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6750
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ymu6v0SdRdhMSEIqjBpiSnf6xSqroGeY8TXcuIwW0l6DYtPkYYrRjQrVurJaoHe1k6Odwg2OJHOV33yf6zWJiQwHzZzTzMzNVOUUYUiS5QKkAnxGsJA3Z44KbIdQeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac8de860b90b51d-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash acb112025847f44ab0f138662348f4e7
3bfd6bcf1bdffa3cb21c235f9e09710da5b2daf9
0c078d7a5f6614ec8f85b15bbaefb11420594271f73168f4535dd628fcd86298
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 18:52:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trybeliv.com/assets/css/webflow.css
172.67.71.159200 OK 0 B URL HTTP/2 trybeliv.com/assets/css/webflow.css
IP 172.67.71.159:0
GET /assets/css/webflow.css HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/g-beliv/101.php?aff_id=2310&subid=4351&subid2=1-170233970112274013400000001761173129467932&subid3=1024f82ad14d5c8e34adce1ad96498
Cookie: PHPSESSID=4e8acb00b70f2a0f5ef5db75d1309202; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGVB33Btq3dTNU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:52:00 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=39314
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 467
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLv%2FWpEtjEYZfIRbRLp3m1q6SDit727aSfVYOs7ln89PRu5f%2BAoySTIYDe0EtQYjl4d2fzXgXKpGjuNZ9aAVvLgFnnFJ%2FGHrCTGgQeLIE%2B8AKTba4uVHwtmarIpHYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8de79aac7b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
trybeliv.com/assets/js/accordion.js
172.67.71.159200 OK 0 B URL HTTP/2 trybeliv.com/assets/js/accordion.js
IP 172.67.71.159:0
GET /assets/js/accordion.js HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/g-beliv/101.php?aff_id=2310&subid=4351&subid2=1-170233970112274013400000001761173129467932&subid3=1024f82ad14d5c8e34adce1ad96498
Cookie: PHPSESSID=4e8acb00b70f2a0f5ef5db75d1309202; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGVB33Btq3dTNU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:52:00 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1710
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 467
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACPtAGoqBDzc6dd5%2F3ZgC0kuCqQW0cBgU9NegJpT81efux1X3q9KheRrF9EX9ANnleBy0ZXOiXq4I70oAUcL1QjOQyM2O6GjGWZZJCW4%2F%2BAtrhyjGmNvu6lnsMwwTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8de79caf4b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
trybeliv.com/assets/images/favicon.ico
172.67.71.159200 OK 0 B URL HTTP/2 trybeliv.com/assets/images/favicon.ico
IP 172.67.71.159:0
GET /assets/images/favicon.ico HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/g-beliv/101.php?aff_id=2310&subid=4351&subid2=1-170233970112274013400000001761173129467932&subid3=1024f82ad14d5c8e34adce1ad96498
Cookie: PHPSESSID=4e8acb00b70f2a0f5ef5db75d1309202; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGVB33Btq3dTNU; transaction_id=1-170233970112274013400000001761173129467932; _ga_RF0P0MLLMC=GS1.1.1679597529.1.0.1679597529.0.0.0; _ga=GA1.1.493331888.1679597530
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 18:52:01 GMT
content-type: image/x-icon
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6748
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtYqJaxSUgROnohPak%2FgX%2BFst6mNLA11HJUk%2FGlz7rHZSL27s14JtN34ou2pB3S9ZmVteoWOC%2BMGNSR9oYY1QC1ywt7dMaDOmPCo0yq4wRwkuxr1u6JFAwsxj9R2Og%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac8de7d8fe1b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2