click.thelostartofdating.net/?t=c&ids=MjgwNTY0NTU1__ODA0MA==__MTU5MTg0MzQ=__NDY5__254&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGZmgzNg==
170.187.185.18301 Moved Permanently 358 B URL HTTP/1.1 click.thelostartofdating.net/?t=c&ids=MjgwNTY0NTU1__ODA0MA==__MTU5MTg0MzQ=__NDY5__254&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGZmgzNg==
IP 170.187.185.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 20c547dcf9151698987e84dfa0c35f68
fa2bf0a853c53fe99ccd75f6fdc2bad259d5df7b
2808056cd57ca3297b12ae425d6f3e9b0f4a8fee87099b22f8b3a2c4a1fd7c59
GET /?t=c&ids=MjgwNTY0NTU1__ODA0MA==__MTU5MTg0MzQ=__NDY5__254&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGZmgzNg== HTTP/1.1
Host: click.thelostartofdating.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 27 Nov 2022 18:29:40 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 358
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: upgrade-insecure-requests
Location: https://click.thelostartofdating.net/?t=c&ids=MjgwNTY0NTU1__ODA0MA==__MTU5MTg0MzQ=__NDY5__254&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGZmgzNg==
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5793
Expires: Sun, 27 Nov 2022 20:06:13 GMT
Date: Sun, 27 Nov 2022 18:29:40 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5966
Cache-Control: max-age=150059
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:29:40 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 12:10:39 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11391
Expires: Sun, 27 Nov 2022 21:39:31 GMT
Date: Sun, 27 Nov 2022 18:29:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 18:17:40 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 720
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nMioK9S/kBRbh83RJYSdht4DRcY1iKQRUnS9VNehTWl6j20eyiKPMaHWY7jUayBciQKppZwxExU=
x-amz-request-id: QTG020B0RBPSXES8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 17:41:43 GMT
age: 2877
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 445394cd19e576aa9780a401523624ca
844024551d6bb39764bf8d76a8a4f3c3bc1c11d1
b69182339071643899a865ee4532f39b72a6427487389ecbced0ee20108c850c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B69182339071643899A865EE4532F39B72A6427487389ECBCED0EE20108C850C"
Last-Modified: Sat, 26 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21591
Expires: Mon, 28 Nov 2022 00:29:31 GMT
Date: Sun, 27 Nov 2022 18:29:40 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:29:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
click.thelostartofdating.net/?t=c&ids=MjgwNTY0NTU1__ODA0MA==__MTU5MTg0MzQ=__NDY5__254&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGZmgzNg==
170.187.185.18200 OK 367 B URL HTTP/2 click.thelostartofdating.net/?t=c&ids=MjgwNTY0NTU1__ODA0MA==__MTU5MTg0MzQ=__NDY5__254&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGZmgzNg==
IP 170.187.185.18:0
Hash fc9f773b8c0b515637307ce7b15ae503
de5596cd66b17f2938b65ece39dda187b1fde8ce
f04be3be020b4622c1aae2977ae1b7bc7caa5a72f91e2b047b348fff8e138452
GET /?t=c&ids=MjgwNTY0NTU1__ODA0MA==__MTU5MTg0MzQ=__NDY5__254&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGZmgzNg== HTTP/1.1
Host: click.thelostartofdating.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 18:29:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 18:08:54 GMT
cache-control: public,max-age=3600
age: 1246
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 12de616c8f4c510668c1d447d31e2168
7241ce434744abc22bf8d61e053b695c347db5cc
5940bac16b5c3357d3e3687b122d006a0ccdef5e75dad505482ec1be7c12ac61
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=111650
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:29:41 GMT
Etag: "6382bdb6-116"
Expires: Tue, 29 Nov 2022 01:30:31 GMT
Last-Modified: Sun, 27 Nov 2022 01:30:30 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5785
Cache-Control: max-age=144816
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:29:41 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:43:17 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b396c4cad4aa3e22dde3c2e90fa683e2
b578ddf51b8b68af1fee370f41ea3eadfb7b5721
6cb25debf881659487e654c5bd8b6c659ce94a99d932cf0d2fb264555bb90c2e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6CB25DEBF881659487E654C5BD8B6C659CE94A99D932CF0D2FB264555BB90C2E"
Last-Modified: Fri, 25 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4849
Expires: Sun, 27 Nov 2022 19:50:30 GMT
Date: Sun, 27 Nov 2022 18:29:41 GMT
Connection: keep-alive
push.services.mozilla.com/
54.69.181.45101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.181.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dqz5HmMFOmLQfy6NoPU60w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AY8R8yaVm+AgI5gCkFzRJAdKd3A=
fast.wistia.com/embed/medias/1ctdam2hwm.jsonp
151.101.86.110200 OK 1.7 kB URL HTTP/2 fast.wistia.com/embed/medias/1ctdam2hwm.jsonp
IP 151.101.86.110:0
File type ASCII text, with very long lines (5761)
Hash 0a7383e648c1eab1d810e24e5db552e0
1980dadd2cb2f75bbda042aadd96bd7349039dc7
9e0f164d4d58dc8d16e6f4f83f1105a21cf2ac94eef697e214f1ca7d5c57b9cf
GET /embed/medias/1ctdam2hwm.jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: application/javascript; charset=utf-8
etag: W/"77feb7dbee7d76f4117fdd3e8721e6e0"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 3461fd82011a82a8b16074b4afbf96ac
x-runtime: 0.066296
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 18:29:42 GMT
age: 81675
x-served-by: cache-iad-kiad7000158-IAD, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 193, 1
x-timer: S1669573782.062233,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1669
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash bfeb4d32f51202ef118e7eb53662cb48
cdde8def1b8feb9ef348b846f7c001591bad9353
405e850dc945eab86d9f0ae3cc2109779c46ea4c9d1a7663e69ee7f80d733861
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2745
Cache-Control: max-age=119075
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:29:42 GMT
Etag: "6382d000-117"
Expires: Tue, 29 Nov 2022 03:34:17 GMT
Last-Modified: Sun, 27 Nov 2022 02:48:32 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
fast.wistia.com/assets/external/E-v1.js
151.101.86.110200 OK 117 kB URL HTTP/2 fast.wistia.com/assets/external/E-v1.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 117 kB (116637 bytes)
Hash daf6f411893d0a2adeebb8a9878f54dc
7359be87a83e4bf392c7465d0619f8d1a456be7b
311032200014a4c8f4650c783ebddec6f839112f53916a25b45afbbe7b318c50
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-1c79d"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 18:29:42 GMT
age: 2774
x-served-by: cache-iad-kiad7000159-IAD, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 13, 185
x-timer: S1669573782.066361,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 116637
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash bfeb4d32f51202ef118e7eb53662cb48
cdde8def1b8feb9ef348b846f7c001591bad9353
405e850dc945eab86d9f0ae3cc2109779c46ea4c9d1a7663e69ee7f80d733861
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2745
Cache-Control: max-age=119075
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:29:42 GMT
Etag: "6382d000-117"
Expires: Tue, 29 Nov 2022 03:34:17 GMT
Last-Modified: Sun, 27 Nov 2022 02:48:32 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
emdlvr.com/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.6
172.67.187.198200 OK 547 B URL HTTP/2 emdlvr.com/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.6
IP 172.67.187.198:0
Hash 6f6705518d9017a16cfd9194d775d3cd
73ffc44876ebef45db224128871c042aa58f1aca
d3984be5ed14a55c700aec72078f46baa058a2faf13c74430a9915a80fb4fed0
GET /wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.6 HTTP/1.1
Host: emdlvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emdlvr.com/fh36
Cookie: prli_click_94=fh36; prli_visitor=6383ac9512dbe
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:41 GMT
content-type: application/javascript
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 23 Oct 2022 08:36:36 GMT
expires: Thu, 22 Dec 2022 12:25:54 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 453827
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8U7AxwNmfw2GkPLDK1onSLxlH4fZUNrF1uool5bt%2BrSvlOE%2FN0n9YBb%2B%2Fu3bVSZw7iABdQuzOpw5afI5CfGVdxtJn5I3JpaOLIN%2Flwh3D6zo3gVc5GgFzjpOss34"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cee444c161bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8746
Expires: Sun, 27 Nov 2022 20:55:28 GMT
Date: Sun, 27 Nov 2022 18:29:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8746
Expires: Sun, 27 Nov 2022 20:55:28 GMT
Date: Sun, 27 Nov 2022 18:29:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8746
Expires: Sun, 27 Nov 2022 20:55:28 GMT
Date: Sun, 27 Nov 2022 18:29:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8746
Expires: Sun, 27 Nov 2022 20:55:28 GMT
Date: Sun, 27 Nov 2022 18:29:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8746
Expires: Sun, 27 Nov 2022 20:55:28 GMT
Date: Sun, 27 Nov 2022 18:29:42 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:29:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 74374
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 74285
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MA_O50Lu6RRAFJpzXmVXhkxvYazdX5Lhk2Qa5k9fYUhBta-IWpVT1g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 01:46:48 GMT
age: 60174
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I6egDH0h7D08HhaoQHQ0vgghBhPfje2lGIbnWD-t7p4txzHsFxmZfg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 16:15:23 GMT
age: 8059
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 74281
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e97baa4851785eac92c719abf481c64
c32a57038d3cdbc514c9081c9938eca6a04fb481
adb59e982648082e5421f58899a5331b2747e9d45be33c495fbe3ab8cc872b22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8387
x-amzn-requestid: e4ce369f-7654-4c1a-94c2-70c913eb1a01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFL0tEcqIAMFXHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec01d-37bd969f4cdfe220096b8c1f;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:51:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: __2hrJIdzCKzhuJ_YfbSSfz-WwyIqnPugk7P6SuYSjn6b2wwm0otCw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 20:58:18 GMT
age: 77484
etag: "c32a57038d3cdbc514c9081c9938eca6a04fb481"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:29:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.195200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vitafirmsecret.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 21:48:50 GMT
expires: Thu, 23 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 333652
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:29:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.195200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vitafirmsecret.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:30:59 GMT
expires: Thu, 23 Nov 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 341923
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:29:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2e47f3fd1c17d83c62f184d0a4e41fa6
ebf00fbe418817cca745fb10cfa9c184756cf38d
dbd2dd4b7502db94b0c406798fd6fca67046630cab2fb6fdcc59337b7f9229b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=88259
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:29:42 GMT
Etag: "63826259-116"
Expires: Mon, 28 Nov 2022 19:00:41 GMT
Last-Modified: Sat, 26 Nov 2022 19:00:41 GMT
Server: nginx
Content-Length: 278
vitafirmsecret.com/special-announcement/img/thumb.svg
69.172.200.220200 OK 40 kB URL HTTP/2 vitafirmsecret.com/special-announcement/img/thumb.svg
IP 69.172.200.220:0
Hash 77807811dfa8bc3bbf21a94d2327c864
656b333aa3908c49e884b23bfb53cfef16b1248f
2b1b48f6fe52129b9ec36243232e1fedc088caae08d489f62f110304b1b9510a
GET /special-announcement/img/thumb.svg HTTP/1.1
Host: vitafirmsecret.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/special-announcement/index.html?aff_id=662&subid=mw2agiop1127vitafirm
Cookie: uid=wKhaAWODrJWuyQBHAxObAg==; cnid=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:42 GMT
content-type: image/svg+xml
last-modified: Wed, 11 May 2022 20:48:13 GMT
etag: W/"627c210d-2bf9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: 5b5c38ff2f0ed083320fdd1f7bb44e16
server: DOSarrest
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/engines/hls_video.js
151.101.86.110200 OK 114 kB URL HTTP/2 fast.wistia.com/assets/external/engines/hls_video.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65469)
Size 114 kB (114373 bytes)
Hash ddbf94a47f16fcd8a99d8c45572ac852
fabe447aee7408e90c4fcfc1de127d98987b8ca0
cb2cba64e3b0a0797031ca64b918bed7c1c58b6f3b40d92b4f45f93b3ea55109
GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-1bec5"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 18:29:43 GMT
age: 2775
x-served-by: cache-iad-kiad7000086-IAD, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 6, 60
x-timer: S1669573783.096628,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 114373
X-Firefox-Spdy: h2
vitafirmsecret.com/special-announcement/img/logos.png
69.172.200.220200 OK 216 kB URL HTTP/2 vitafirmsecret.com/special-announcement/img/logos.png
IP 69.172.200.220:0
File type PNG image data, 1824 x 214, 8-bit/color RGBA, non-interlaced\012- data
Size 216 kB (215638 bytes)
Hash af826db0f072dc7cf3c09624ee32ea38
c925a34c0b0cfff3aa709243920e42404593642e
d5da232932d61648ae494f926b80f694d356d865ac5cb8f7fbab352952b0bbde
GET /special-announcement/img/logos.png HTTP/1.1
Host: vitafirmsecret.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/special-announcement/index.html?aff_id=662&subid=mw2agiop1127vitafirm
Cookie: uid=wKhaAWODrJWuyQBHAxObAg==; cnid=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:42 GMT
content-type: image/png
content-length: 215638
last-modified: Wed, 11 May 2022 20:48:12 GMT
etag: "627c210c-34a56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 53b1c6d616df2a76861822969c8d8450
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
fast.wistia.com/assets/images/blank.gif
151.101.86.110200 OK 1.2 kB URL HTTP/2 fast.wistia.com/assets/images/blank.gif
IP 151.101.86.110:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-type: image/gif
etag: "6382b242-4be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sun, 27 Nov 2022 00:41:38 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 18:29:43 GMT
age: 63976
x-served-by: cache-iad-kiad7000052-IAD, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 64, 1205
x-timer: S1669573783.297297,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1214
X-Firefox-Spdy: h2
go.maxweb.com/conversion/iframe/?a=7671&token=fff47a0ef35e0a140d7b185acf86d666
172.66.43.113200 OK 974 B URL HTTP/2 go.maxweb.com/conversion/iframe/?a=7671&token=fff47a0ef35e0a140d7b185acf86d666
IP 172.66.43.113:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 778ea52aa4e52a3181f393c835945117
385a047dbb2414e547267abb4f0c35717ff81d90
f38f424d305f9fbf3de7ac8814c12305258032112e3245662a28c5e8e26a4137
GET /conversion/iframe/?a=7671&token=fff47a0ef35e0a140d7b185acf86d666 HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Sun, 27 Nov 2022 19:29:43 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 770cee4edcf90afe-OSL
content-encoding: br
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/ce1a3b5787d3093cd2bb01b023adab9d4ef19e72.m3u8
151.101.86.133200 OK 2.8 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/ce1a3b5787d3093cd2bb01b023adab9d4ef19e72.m3u8
IP 151.101.86.133:0
Hash 52a893b6e9db8ab53b99784e92bdbf95
111866b0c31c77dfc9ba7b48f9b41ba6fe689e2d
d1ad96ec900fd3399691966a522336ca7b27854816408ac7a404caf5668e1fe3
GET /deliveries/ce1a3b5787d3093cd2bb01b023adab9d4ef19e72.m3u8 HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vitafirmsecret.com
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
expires: Wed, 15 Nov 2023 13:42:31 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: ce1a3b5787d3093cd2bb01b023adab9d4ef19e72-hls-segment 35018ad58e1324405997174e10416378d22b7a2e
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 18:29:43 GMT
age: 1054032
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kjyo7100083-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 452, 1
x-timer: S1669573784.519934,VS0,VE1
vary: Accept-Encoding
content-length: 2821
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/ce1a3b5787d3093cd2bb01b023adab9d4ef19e72.m3u8/seg-1-v1-a1.ts
151.101.86.133200 OK 370 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/ce1a3b5787d3093cd2bb01b023adab9d4ef19e72.m3u8/seg-1-v1-a1.ts
IP 151.101.86.133:0
File type MPEG transport stream data\012- data
Size 370 kB (370360 bytes)
Hash a7f254b705a948996d29f765d5b7eeea
0f39be69d29ae7a6ad3d4c6100c5beca6802f5fd
ad662c6b5861e9379783db02bd90f721b74c7f628bf83c1bed5127842246da6f
GET /deliveries/ce1a3b5787d3093cd2bb01b023adab9d4ef19e72.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vitafirmsecret.com
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
expires: Sat, 14 Oct 2023 14:12:29 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: ce1a3b5787d3093cd2bb01b023adab9d4ef19e72-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 18:29:43 GMT
age: 3817034
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kjyo7100143-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 2194, 1
x-timer: S1669573784.555863,VS0,VE1
content-length: 370360
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/8a9f70c81d96136b5183947a42000064c877593b.m3u8
151.101.86.133200 OK 2.8 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/8a9f70c81d96136b5183947a42000064c877593b.m3u8
IP 151.101.86.133:0
Hash 2ab78b80d9bb6f7505a73d30d0034397
a4fefc61f84911f25c2c9697f299eb58114cd6e4
7a490aea36265a553a0b798f4b6d7720512641606e03d3c9e995d274143e1401
GET /deliveries/8a9f70c81d96136b5183947a42000064c877593b.m3u8 HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vitafirmsecret.com
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
expires: Thu, 12 Oct 2023 07:27:14 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 8a9f70c81d96136b5183947a42000064c877593b-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 18:29:43 GMT
age: 4014150
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kcgs7200041-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 1066, 1
x-timer: S1669573784.778593,VS0,VE1
vary: Accept-Encoding
content-length: 2824
X-Firefox-Spdy: h2
embed-fastly.wistia.com/deliveries/8a9f70c81d96136b5183947a42000064c877593b.m3u8/seg-1-v1-a1.ts
151.101.86.133200 OK 130 kB URL HTTP/2 embed-fastly.wistia.com/deliveries/8a9f70c81d96136b5183947a42000064c877593b.m3u8/seg-1-v1-a1.ts
IP 151.101.86.133:0
File type MPEG transport stream data\012- data
Size 130 kB (129720 bytes)
Hash 9cf141e9465c6c0db6efd412bcadab05
5805c9e62403509fa2a9b56e97c9fe7fbbc527d9
1229fa165fe6ac8a30345de19864fd2c9f1f7c7141d23eb32dbb5d6d2ca815f7
GET /deliveries/8a9f70c81d96136b5183947a42000064c877593b.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-fastly.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vitafirmsecret.com
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: video/MP2T
expires: Wed, 25 Oct 2023 07:08:49 GMT
cache-control: max-age=31536000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 8a9f70c81d96136b5183947a42000064c877593b-hls-segment a227918e831bad87448fc210e029b3c9b5b84f05
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 18:29:43 GMT
age: 2892053
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kcgs7200158-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 633, 1
x-timer: S1669573784.812241,VS0,VE1
content-length: 129720
X-Firefox-Spdy: h2
embed-ssl.wistia.com/deliveries/4a4f3181df06114f1dafde87fc845f3283e09bac.webp?image_crop_resized=1280x720
151.101.86.133200 OK 58 kB URL HTTP/2 embed-ssl.wistia.com/deliveries/4a4f3181df06114f1dafde87fc845f3283e09bac.webp?image_crop_resized=1280x720
IP 151.101.86.133:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f589f50be8e8bdfeb50ce371a0ef2215
7fe79ba95c6aadf4169cd38980fc9a5a9103349f
4d25fa5845736938b30b7177da9d170b38623acea77bb2dcffb98fe284fc7b07
GET /deliveries/4a4f3181df06114f1dafde87fc845f3283e09bac.webp?image_crop_resized=1280x720 HTTP/1.1
Host: embed-ssl.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
access-control-expose-headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control: max-age=31536000
content-disposition: inline
edge-cache-tag: 4a4f3181df06114f1dafde87fc845f3283e09bac
last-modified: Mon, 13 Jun 2022 15:02:36 UTC
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 18:29:43 GMT
age: 1147192
access-control-allow-origin: *
access-control-request-method: *
access-control-allow-methods: GET, HEAD, OPTIONS
x-served-by: cache-iad-kjyo7100103-IAD, cache-bma1681-BMA
x-cache: HIT, HIT
x-cache-hits: 30, 1
x-timer: S1669573784.826814,VS0,VE1
content-length: 58266
X-Firefox-Spdy: h2
vitafirmsecret.com/1xx.png
69.172.200.220200 OK 665 kB URL HTTP/2 vitafirmsecret.com/1xx.png
IP 69.172.200.220:0
File type PNG image data, 2944 x 2030, 8-bit colormap, non-interlaced\012- data
Size 665 kB (665119 bytes)
Hash 986b763d6d8df0aa0d32c34c372f94f0
3e964b620b16d32ef4981ea9f0e6c3395367f2fc
af3e61ab121f4f670509409b2dbb196185fe26c3154364208c15a81988ac68ae
GET /1xx.png HTTP/1.1
Host: vitafirmsecret.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/special-announcement/index.html?aff_id=662&subid=mw2agiop1127vitafirm
Cookie: uid=wKhaAWODrJWuyQBHAxObAg==; cnid=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:42 GMT
content-type: image/png
content-length: 665119
last-modified: Mon, 16 May 2022 18:59:56 GMT
etag: "62829f2c-a261f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: df93fc17816a4dbb6d8b14b053e43389
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
vitafirmsecret.com/special-announcement/img/60days.png
69.172.200.220200 OK 996 kB URL HTTP/2 vitafirmsecret.com/special-announcement/img/60days.png
IP 69.172.200.220:0
File type PNG image data, 1809 x 1809, 8-bit/color RGBA, non-interlaced\012- data
Size 996 kB (996382 bytes)
Hash 8691cabfb6e0a4c601f476b6ad3ba32e
bc25d860fb6d35df464cab5861bbe62bbda03b6a
c273629b9bfb9e864fb13fd2af9352a56d05d3636e25105a4ad41f9d404b5391
GET /special-announcement/img/60days.png HTTP/1.1
Host: vitafirmsecret.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/special-announcement/index.html?aff_id=662&subid=mw2agiop1127vitafirm
Cookie: uid=wKhaAWODrJWuyQBHAxObAg==; cnid=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:42 GMT
content-type: image/png
content-length: 996382
last-modified: Wed, 11 May 2022 20:48:11 GMT
etag: "627c210b-f341e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 0b41d8cd9ce2a154876478bed28597ca
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
vitafirmsecret.com/6xx.png
69.172.200.220200 OK 1.1 MB URL HTTP/2 vitafirmsecret.com/6xx.png
IP 69.172.200.220:0
File type PNG image data, 2544 x 1754, 8-bit colormap, non-interlaced\012- data
Size 1.1 MB (1123776 bytes)
Hash 748abd2a4ad418e41fc3413fa9caa362
cf190b29196ef2ac02be18f2098fa48b4371c130
38dbb0b05592a498d0788b7bed92ed4a0d33ee58b989888e5726932a778d2624
GET /6xx.png HTTP/1.1
Host: vitafirmsecret.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/special-announcement/index.html?aff_id=662&subid=mw2agiop1127vitafirm
Cookie: uid=wKhaAWODrJWuyQBHAxObAg==; cnid=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:42 GMT
content-type: image/png
content-length: 1123776
last-modified: Mon, 16 May 2022 18:59:56 GMT
etag: "62829f2c-1125c0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 4651fdba03230ecc70613c96c875006b
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
vitafirmsecret.com/3xx.png
69.172.200.220200 OK 1.2 MB URL HTTP/2 vitafirmsecret.com/3xx.png
IP 69.172.200.220:0
File type PNG image data, 2944 x 2030, 8-bit colormap, non-interlaced\012- data
Size 1.2 MB (1235213 bytes)
Hash 4061b843aaddb6c4855ee1799104fb2c
2fceb9916c82be96122e49e9dc7b8b1330085977
ced58ff7fe9c02ccf4e62d88a0298206c0858bdcabc31dc02be0207666b2041e
GET /3xx.png HTTP/1.1
Host: vitafirmsecret.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/special-announcement/index.html?aff_id=662&subid=mw2agiop1127vitafirm
Cookie: uid=wKhaAWODrJWuyQBHAxObAg==; cnid=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:42 GMT
content-type: image/png
content-length: 1235213
last-modified: Mon, 16 May 2022 18:59:56 GMT
etag: "62829f2c-12d90d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: 5de9e947a8f3846686de6b3c89f60041
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
vitafirmsecret.com/icon.png
69.172.200.220200 OK 28 kB URL HTTP/2 vitafirmsecret.com/icon.png
IP 69.172.200.220:0
File type PNG image data, 461 x 541, 8-bit/color RGBA, non-interlaced\012- data
Hash 99b5695a51c3acbfe1fcadcd5070f808
1602315bb1d27966f5078ca8a93d4aab3be0cbfd
b9b20df978fb8b83225714262b43fafa2f729883f6ee2a293e2c24ff0abc3920
GET /icon.png HTTP/1.1
Host: vitafirmsecret.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/special-announcement/index.html?aff_id=662&subid=mw2agiop1127vitafirm
Cookie: uid=wKhaAWODrJWuyQBHAxObAg==; cnid=0; sessid2=sessid20221127182943948; spi_funnel_codename=; aff_id=662; sid=mw2agiop1127vitafirm; campaign_id=; referrer=91.90.42.154:emdlvr.com:vitafirmsecret.com%2Fspecial-announcement
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:44 GMT
content-type: image/png
content-length: 28280
last-modified: Wed, 11 May 2022 20:48:08 GMT
etag: "627c2108-6e78"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
x-dis-request-id: bfb93384eef5a3c6826310fc4c712c6b
server: DOSarrest
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 702932db9a4f9e2f1f9bd16462b7db56
c4bcbea3b95219fac769c57f9713eee2e33579d7
6b27731a24e65df851b14d90c70683b8875144e31aa02c5c5ff50eec86a5c3e8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5462
Cache-Control: max-age=157458
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 18:29:44 GMT
Etag: "63835b54-118"
Expires: Tue, 29 Nov 2022 14:14:02 GMT
Last-Modified: Sun, 27 Nov 2022 12:43:00 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
www.clarity.ms/eus2/s/0.6.43/clarity.js
13.107.237.53200 OK 55 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (55029)
Hash 441723b72633b1ac9757ad7c63168005
806166ca9ebb5839dd90a5e5c9335e3e0b18c169
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-length: 55116
content-type: application/javascript;charset=utf-8
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8fe62948d1d4c"
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 0mKyDYwAAAAB3P062KnUnTbgIvzXJ2ymgQ1BIMzBFREdFMDQwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 27 Nov 2022 18:29:44 GMT
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/playPauseLoadingControl.js
151.101.86.110200 OK 16 kB URL HTTP/2 fast.wistia.com/assets/external/playPauseLoadingControl.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (60125), with no line terminators
Hash 7264d7b49eb6dc6eef062a9511cfd32e
d6724f77d675d740c895a283e4b8e3dbdd1719d5
6cca15bd7bbece1644b8b31db564da9659fa85f73ea22b814cb831cf0113a4e3
GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "637ce334-3e59"
last-modified: Tue, 22 Nov 2022 14:56:52 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 27 Nov 2022 18:29:45 GMT
age: 2777
x-served-by: cache-iad-kcgs7200113-IAD, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 50, 112
x-timer: S1669573785.450073,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 15961
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 9a2c3e9b369cc8c47d004019581e098c
d702c71c5f644b6bbce96ee216fb1ce88ec63782
62c5b9090fd685645f3da9c629e08e7ac78a2b07fd88e26d21b74dd3657f6371
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 27 Nov 2022 18:29:45 GMT
Last-Modified: Sun, 27 Nov 2022 17:08:14 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Z3mzHCtNvMOJiC1YoC3Nh9XEOhRCqNzE2mP_2zaNX718LJAlB1rh4A==
Age: 4891
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 9a2c3e9b369cc8c47d004019581e098c
d702c71c5f644b6bbce96ee216fb1ce88ec63782
62c5b9090fd685645f3da9c629e08e7ac78a2b07fd88e26d21b74dd3657f6371
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143404
Date: Sun, 27 Nov 2022 18:29:45 GMT
Etag: "638322fd-1d7"
Expires: Tue, 29 Nov 2022 10:19:49 GMT
Last-Modified: Sun, 27 Nov 2022 08:42:37 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VeNPHHKmBpmGcOWM58ZVocFHZGVc46ARF2Q6uQ0bsfBkZ_Xv_XpxzQ==
Age: 5832
pipedream.wistia.com/mput?topic=metrics
34.231.199.151200 OK 2 B URL HTTP/2 pipedream.wistia.com/mput?topic=metrics
IP 34.231.199.151:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 7020
Origin: https://vitafirmsecret.com
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:45 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
distillery.wistia.com/x
52.207.88.224204 No Content 0 B IP 52.207.88.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1548
Origin: https://vitafirmsecret.com
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 27 Nov 2022 18:29:45 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=60AE1A5FCF04455C863A7B32B8511B59&RedC=c.clarity.ms&MXFR=268BDA85A352643C1949C8ECA7526A0F
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=268BDA85A352643C1949C8ECA7526A0F; domain=.clarity.ms; expires=Fri, 22-Dec-2023 18:29:46 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sun, 27 Nov 2022 18:29:45 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=60AE1A5FCF04455C863A7B32B8511B59&RedC=c.clarity.ms&MXFR=268BDA85A352643C1949C8ECA7526A0F
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=60AE1A5FCF04455C863A7B32B8511B59&RedC=c.clarity.ms&MXFR=268BDA85A352643C1949C8ECA7526A0F
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=60AE1A5FCF04455C863A7B32B8511B59&RedC=c.clarity.ms&MXFR=268BDA85A352643C1949C8ECA7526A0F HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vitafirmsecret.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=60AE1A5FCF04455C863A7B32B8511B59&MUID=03199AF1C030698E10868898C167689A
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=03199AF1C030698E10868898C167689A; domain=c.bing.com; expires=Fri, 22-Dec-2023 18:29:46 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 70CCE4D3F2D744F7B59077BAB5892D92 Ref B: OSL30EDGE0410 Ref C: 2022-11-27T18:29:46Z
date: Sun, 27 Nov 2022 18:29:45 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=60AE1A5FCF04455C863A7B32B8511B59&MUID=03199AF1C030698E10868898C167689A
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=60AE1A5FCF04455C863A7B32B8511B59&MUID=03199AF1C030698E10868898C167689A
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=60AE1A5FCF04455C863A7B32B8511B59&MUID=03199AF1C030698E10868898C167689A HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vitafirmsecret.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sun, 27-Nov-2022 18:39:46 GMT; path=/; SameSite=None; Secure;
date: Sun, 27 Nov 2022 18:29:45 GMT
content-length: 42
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1034
Origin: https://vitafirmsecret.com
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://vitafirmsecret.com
access-control-allow-credentials: true
date: Sun, 27 Nov 2022 18:29:46 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 76253
Origin: https://vitafirmsecret.com
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://vitafirmsecret.com
access-control-allow-credentials: true
date: Sun, 27 Nov 2022 18:29:46 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1578
Origin: https://vitafirmsecret.com
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://vitafirmsecret.com
access-control-allow-credentials: true
date: Sun, 27 Nov 2022 18:29:47 GMT
X-Firefox-Spdy: h2
d10lpsik1i8c69.cloudfront.net/w.js
54.230.245.48200 OK 0 B URL HTTP/2 d10lpsik1i8c69.cloudfront.net/w.js
IP 54.230.245.48:0
GET /w.js HTTP/1.1
Host: d10lpsik1i8c69.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 27 Nov 2022 18:21:35 GMT
cache-control: max-age=3600
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V2V2UFQjvAHzNmpRWkUkH4Mc9wgwMZQI2xGspxyC52j7bhKti0ENyg==
age: 489
X-Firefox-Spdy: h2
vitafirmsecret.com/special-announcement/img/shipping.svg
69.172.200.220200 OK 0 B URL HTTP/2 vitafirmsecret.com/special-announcement/img/shipping.svg
IP 69.172.200.220:0
GET /special-announcement/img/shipping.svg HTTP/1.1
Host: vitafirmsecret.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/special-announcement/index.html?aff_id=662&subid=mw2agiop1127vitafirm
Cookie: uid=wKhaAWODrJWuyQBHAxObAg==; cnid=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:42 GMT
content-type: image/svg+xml
last-modified: Wed, 11 May 2022 20:48:13 GMT
etag: W/"627c210d-18a5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: c602a9e0f0cb6cc7d202fa8b636eef6c
server: DOSarrest
X-Firefox-Spdy: h2
vitafirmsecret.com/special-announcement/img/icons-fda.svg
69.172.200.220200 OK 0 B URL HTTP/2 vitafirmsecret.com/special-announcement/img/icons-fda.svg
IP 69.172.200.220:0
GET /special-announcement/img/icons-fda.svg HTTP/1.1
Host: vitafirmsecret.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/special-announcement/index.html?aff_id=662&subid=mw2agiop1127vitafirm
Cookie: uid=wKhaAWODrJWuyQBHAxObAg==; cnid=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:42 GMT
content-type: image/svg+xml
last-modified: Wed, 11 May 2022 20:48:12 GMT
etag: W/"627c210c-10ef4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: 930977caa04eb54c0c360eadafa382ed
server: DOSarrest
X-Firefox-Spdy: h2
vitafirmsecret.com/special-announcement/js/scripts.js
69.172.200.220200 OK 0 B URL HTTP/2 vitafirmsecret.com/special-announcement/js/scripts.js
IP 69.172.200.220:0
GET /special-announcement/js/scripts.js HTTP/1.1
Host: vitafirmsecret.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/special-announcement/index.html?aff_id=662&subid=mw2agiop1127vitafirm
Cookie: uid=wKhaAWODrJWuyQBHAxObAg==; cnid=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:42 GMT
content-type: application/javascript
last-modified: Wed, 11 May 2022 20:48:14 GMT
etag: W/"627c210e-1a009"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: a2c70396d77175dd2480823c8bd076d2
server: DOSarrest
X-Firefox-Spdy: h2
display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=7540&background=transparent
172.66.40.141200 OK 0 B URL HTTP/2 display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=7540&background=transparent
IP 172.66.40.141:0
GET /v1/disclaimer?id=disclaimer&account_id=7540&background=transparent HTTP/1.1
Host: display.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:42 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 770cee4a0d04b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vitafirmsecret.com/special-announcement/img/cards.svg
69.172.200.220200 OK 0 B URL HTTP/2 vitafirmsecret.com/special-announcement/img/cards.svg
IP 69.172.200.220:0
GET /special-announcement/img/cards.svg HTTP/1.1
Host: vitafirmsecret.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/special-announcement/index.html?aff_id=662&subid=mw2agiop1127vitafirm
Cookie: uid=wKhaAWODrJWuyQBHAxObAg==; cnid=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:42 GMT
content-type: image/svg+xml
last-modified: Wed, 11 May 2022 20:48:12 GMT
etag: W/"627c210c-2f97"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: 05eca853760256233c1ac186039b035d
server: DOSarrest
X-Firefox-Spdy: h2
vitafirmsecret.com/special-announcement/css/style.css
69.172.200.220200 OK 0 B URL HTTP/2 vitafirmsecret.com/special-announcement/css/style.css
IP 69.172.200.220:0
GET /special-announcement/css/style.css HTTP/1.1
Host: vitafirmsecret.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/special-announcement/index.html?aff_id=662&subid=mw2agiop1127vitafirm
Cookie: uid=wKhaAWODrJWuyQBHAxObAg==; cnid=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:42 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 20:48:10 GMT
etag: W/"627c210a-52ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: 1b5c11dd65b2c1165c04d3fd2d88689b
server: DOSarrest
X-Firefox-Spdy: h2
www.clarity.ms/tag/avc8djswd5
13.107.237.53200 OK 0 B URL HTTP/2 www.clarity.ms/tag/avc8djswd5
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/avc8djswd5 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=0926bcbf3454426b8d117aee6c7361fa.20221127.20231127; expires=Mon, 27 Nov 2023 18:29:44 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
x-cache: CONFIG_NOCACHE
x-azure-ref: 0mKyDYwAAAACKeVtzmsRhTbOSKw4kinHLQ1BIMzBFREdFMDQwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 27 Nov 2022 18:29:44 GMT
X-Firefox-Spdy: h2
emdlvr.com/fh36
172.67.187.198200 OK 0 B IP 172.67.187.198:0
Analyzer Verdict Alert fortinet Phishing
GET /fh36 HTTP/1.1
Host: emdlvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:41 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Executive 3.2.6 http://prettylink.com
set-cookie: prli_click_94=fh36; expires=Tue, 27-Dec-2022 18:29:41 GMT; Max-Age=2592000; path=/
prli_visitor=6383ac9512dbe; expires=Mon, 27-Nov-2023 18:29:41 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcPhXdqHpjGiYNReSmAlO5Wwsndrfjhsi7JAsAGZ8edeZJoYEJJi3UXQXmV3REeRCnbrRG8MFvM2A0Uh4i3vUvMx01B141Dbf61lYAqfIiIQ20p%2FWXLmeTbebJHK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770cee42ca2f1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vitafirmsecret.com/special-announcement/index.html?aff_id=662&subid=mw2agiop1127vitafirm
69.172.200.220200 OK 0 B URL HTTP/2 vitafirmsecret.com/special-announcement/index.html?aff_id=662&subid=mw2agiop1127vitafirm
IP 69.172.200.220:0
GET /special-announcement/index.html?aff_id=662&subid=mw2agiop1127vitafirm HTTP/1.1
Host: vitafirmsecret.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emdlvr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:41 GMT
content-type: text/html
last-modified: Wed, 05 Oct 2022 14:59:17 GMT
etag: W/"633d9bc5-11e40"
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
set-cookie: uid=wKhaAWODrJWuyQBHAxObAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=0; path=/
cache-control: public, private
x-dis-request-id: e8772f2913d98dc06f2ed8301adaae09
server: DOSarrest
X-Firefox-Spdy: h2
vitafirmsecret.com/special-announcement/img/arrow-down.svg
69.172.200.220200 OK 0 B URL HTTP/2 vitafirmsecret.com/special-announcement/img/arrow-down.svg
IP 69.172.200.220:0
GET /special-announcement/img/arrow-down.svg HTTP/1.1
Host: vitafirmsecret.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vitafirmsecret.com/special-announcement/index.html?aff_id=662&subid=mw2agiop1127vitafirm
Cookie: uid=wKhaAWODrJWuyQBHAxObAg==; cnid=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 18:29:42 GMT
content-type: image/svg+xml
last-modified: Wed, 11 May 2022 20:48:11 GMT
etag: W/"627c210b-13c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: c3c2010c82dab9cdecf6232e051cb352
server: DOSarrest
X-Firefox-Spdy: h2