click.diet-health-food.com/?t=c&ids=MjM3NDI3NzQy__NTkzOA==__OTUxNzA4NQ==__NDM3&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGNDRteQ==
170.187.185.18301 Moved Permanently 351 B URL HTTP/1.1 click.diet-health-food.com/?t=c&ids=MjM3NDI3NzQy__NTkzOA==__OTUxNzA4NQ==__NDM3&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGNDRteQ==
IP 170.187.185.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2c6b47ca3c79d1fdaeb0ebb89da4a34f
3f9222645552dccddc9b4de94af0e3fe8e19390b
1441857d4a318715f770d05c68fc34bfc5f8b6b12ba33f335569359b767258ce
GET /?t=c&ids=MjM3NDI3NzQy__NTkzOA==__OTUxNzA4NQ==__NDM3&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGNDRteQ== HTTP/1.1
Host: click.diet-health-food.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 12 Nov 2022 19:32:18 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 351
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: upgrade-insecure-requests
Location: https://click.diet-health-food.com/?t=c&ids=MjM3NDI3NzQy__NTkzOA==__OTUxNzA4NQ==__NDM3&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGNDRteQ==
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7014
Expires: Sat, 12 Nov 2022 21:29:12 GMT
Date: Sat, 12 Nov 2022 19:32:18 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash de470c6bab46e7c4b7cc69f392900fe7
189e4dcc4c2b8bf1f050e06bd68bce8a99618918
86f57134ddebd23a25615dc4d59c4b1ca8919e3e0495e1f006cbe7c0f39aa27e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5227
Cache-Control: max-age=145564
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:18 GMT
Etag: "636f75f3-1d7"
Expires: Mon, 14 Nov 2022 11:58:22 GMT
Last-Modified: Sat, 12 Nov 2022 10:31:15 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10345
Expires: Sat, 12 Nov 2022 22:24:43 GMT
Date: Sat, 12 Nov 2022 19:32:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 18:44:03 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2895
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EeI/h26EY/+uLuiZdDfHaL+3trnq19jQen5WjK32kefvAwpm8yoYot6zOMFMNzEyUL7rXGmQIlM=
x-amz-request-id: SAJXSKPHQ3Z7QQMV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 19:13:06 GMT
age: 1152
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 555337dfa0a16d74d9e8a1e1c2be5bfa
e5425299e908d3365022bdd945eed34448003b0e
3a75d32439b47d933ea4a1f121ccda1516d06111d01035293c67136507189386
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A75D32439B47D933EA4A1F121CCDA1516D06111D01035293C67136507189386"
Last-Modified: Fri, 11 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17785
Expires: Sun, 13 Nov 2022 00:28:44 GMT
Date: Sat, 12 Nov 2022 19:32:19 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 19:32:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f66b24e53f8c0d696f9ff61ec98e7624
3353baff169fb975f9b0ab0a581e89cdc866faab
104892f25877aa8d08edb1d59d9ff2ded58096e2b92912e4539d91d5afcf9d2a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=107894
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:19 GMT
Etag: "636ef739-118"
Expires: Mon, 14 Nov 2022 01:30:33 GMT
Last-Modified: Sat, 12 Nov 2022 01:30:33 GMT
Server: nginx
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 18:44:48 GMT
cache-control: public,max-age=3600
age: 2851
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ae51f1958554de4457c22a7d5a9ba8b6
173e90a8c6ee36b7ec569dbea47436a90d7e7c76
dc43a04e1e26243f63a8e628f2ebcb23a9527fd4bc40dc6d1d61879b0f95bb21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 519
Cache-Control: max-age=135792
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:19 GMT
Etag: "636f622c-1d7"
Expires: Mon, 14 Nov 2022 09:15:31 GMT
Last-Modified: Sat, 12 Nov 2022 09:06:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f66b24e53f8c0d696f9ff61ec98e7624
3353baff169fb975f9b0ab0a581e89cdc866faab
104892f25877aa8d08edb1d59d9ff2ded58096e2b92912e4539d91d5afcf9d2a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=107894
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:19 GMT
Etag: "636ef739-118"
Expires: Mon, 14 Nov 2022 01:30:33 GMT
Last-Modified: Sat, 12 Nov 2022 01:30:33 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a307b67b194fc3225a4a86575fca7ae1
5ddc7c3d2302c18fa577651720f4295954522640
8005fbd9a97fc40e58703ef125147f7eb4d32c2537915daf2e260ed63c2c7fd0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=139605
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:19 GMT
Etag: "636f7318-116"
Expires: Mon, 14 Nov 2022 10:19:04 GMT
Last-Modified: Sat, 12 Nov 2022 10:19:04 GMT
Server: nginx
Content-Length: 278
push.services.mozilla.com/
52.89.15.44101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.15.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gMR/V16ouLqAoQwfzEyrUw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: efdNnOlEUeqOjdLE0DoX6oEr0ec=
get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
172.67.214.203200 OK 9.3 kB URL HTTP/2 get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
IP 172.67.214.203:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (466)
Hash 1f9c0b4cdc1f7ff49f89b17c20e13ee4
a45c2f4f6b7cd2b033bd0b02391ec3a57046f86a
d3c6ed16e8a1cbf43a289c24f24546033c0fc76c09e845956c891b924807cf22
GET /video/?aff_id=3438&subid=agi1112vistaclear HTTP/1.1
Host: get.vistaclear2020.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emdlvr.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:32:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYzoCjsSYE%2B9acL8ZI0idfjbLuyjqAg%2B2qWEajuqULDonH2UuhBpaKXkf2MMbNZC42bN%2BTwjn0RJYNM%2FQhCv252%2BbaL3EET%2FUbEBHZA95gnJ5JpSIlh1fYusNyuZx3PBCZWREn8oxy0l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7691b1679eb40afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
get.vistaclear2020.com/includes/img/vic1.png
172.67.214.203200 OK 40 kB URL HTTP/2 get.vistaclear2020.com/includes/img/vic1.png
IP 172.67.214.203:0
File type PNG image data, 400 x 212, 8-bit/color RGBA, non-interlaced\012- data
Hash b71d5ecdedfd55d79af9f1ef9968cac8
9e00cbab99d23c27cca8ab8615b79f64bc54f3af
ed46af19a11f602759f20cd8bcda6f2239310d9d92d2abd01fd4910963da9b32
GET /includes/img/vic1.png HTTP/1.1
Host: get.vistaclear2020.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:32:19 GMT
content-type: image/png
content-length: 40405
cache-control: public, max-age=604800
expires: Fri, 04 Nov 2022 20:19:15 GMT
etag: "9dd5-60412265-2b6d35;;;"
last-modified: Thu, 04 Mar 2021 18:09:41 GMT
cf-cache-status: HIT
age: 31707
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlZzcvSCEsmvN8nzPYdv8fudPy6nK59IQGU1eSeprrgC1pA%2FkEl0ETcSRPgxHY6LeTE%2Fj41vB0u%2B%2F0JYPUKBlPa6O%2BJ4BGMo1%2BgkT8OCulGF3BEE8peQeMXfv3cSFiePN0PhmdZ12DpA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7691b168b80f0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
get.vistaclear2020.com/includes/img/pay-options.png
172.67.214.203200 OK 4.3 kB URL HTTP/2 get.vistaclear2020.com/includes/img/pay-options.png
IP 172.67.214.203:0
File type PNG image data, 253 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash e236aa3c5a3e55d0d62315f87f575d54
f5a168aae7a06fe1a6c9d17bb834981219606a34
c12e2f60b80fa9074d82e5d8c9e210efb5e400cd74cdb2e93736ba5fcb0dcc1d
GET /includes/img/pay-options.png HTTP/1.1
Host: get.vistaclear2020.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:32:19 GMT
content-type: image/png
content-length: 4255
cache-control: public, max-age=604800
expires: Fri, 18 Nov 2022 00:10:37 GMT
etag: "109f-60412265-2b6d1f;;;"
last-modified: Thu, 04 Mar 2021 18:09:41 GMT
cf-cache-status: HIT
age: 31707
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCt8rY4ffpnG3DH6kVqFDmPVlWa8sHG6XhO2Wt%2BLvKSJK7cbnn9f%2FYud0YcqePqbIbnG03tkd%2Fq6u8Cva22k2ZKlkH3QkGgsRHPmRMO2fEoux5rrciD0sj4OQ5qmzM3J5LnFl%2B3gUyjj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7691b168b8100afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
get.vistaclear2020.com/includes/img/vic6.png
172.67.214.203200 OK 107 kB URL HTTP/2 get.vistaclear2020.com/includes/img/vic6.png
IP 172.67.214.203:0
File type PNG image data, 400 x 212, 8-bit/color RGBA, non-interlaced\012- data
Size 107 kB (107442 bytes)
Hash 49b42caec257784bb312c230331e4591
3fc3a467b6cdd8e5cc4b51ca7a8bb0da288c9691
b3ff0b2e546fdc7f4caac0dc1b099ab4c2c18c2ac102f7073ba31ca3a545a5e9
GET /includes/img/vic6.png HTTP/1.1
Host: get.vistaclear2020.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:32:19 GMT
content-type: image/png
content-length: 107442
cache-control: public, max-age=604800
expires: Tue, 02 Aug 2022 09:28:48 GMT
etag: "1a3b2-60412265-2b6d3b;;;"
last-modified: Thu, 04 Mar 2021 18:09:41 GMT
cf-cache-status: HIT
age: 31707
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfcB03RKbWZOFXp%2FwMl50pfMtXWjZ0q73QhXiyFIZ0aZ0OxXy9WNtYH8wXpu5nuimSWiPiMDuL5svgjPOWmzJ5qDMrB1uvcv1R%2BwfPDkdhm0STtk0jFEq9qv6j%2BlP5rkf1E%2FHyJv7Z07"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7691b168b8110afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
get.vistaclear2020.com/includes/img/ribbon.png
172.67.214.203200 OK 56 kB URL HTTP/2 get.vistaclear2020.com/includes/img/ribbon.png
IP 172.67.214.203:0
File type PNG image data, 341 x 341, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d55e1f3073dc3b866fd013c5e2f3bc1
52e1d89fba133a084c2196ad51789e99f787d4b9
716f295ea85d561b2a579e809cc86a6bf3095361911fa93858d75a29c941f5e6
GET /includes/img/ribbon.png HTTP/1.1
Host: get.vistaclear2020.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:32:19 GMT
content-type: image/png
content-length: 55598
cache-control: public, max-age=604800
expires: Tue, 02 Aug 2022 09:28:48 GMT
etag: "d92e-60412265-2b6d27;;;"
last-modified: Thu, 04 Mar 2021 18:09:41 GMT
cf-cache-status: HIT
age: 31707
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvU1IMCsbeL4G%2FXElT1LzDnfz%2FNNINBSxsZM0Q6Fu%2BBjCvocIC1yoovLNATXGDBAjT5ptcIC1oP%2BTJbLuT%2FEo%2BuS2fKQRqq5x1gP1Zu5FiSb60fAyQE%2B0EeXN78Ns5XpvHkpWHcewOPu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7691b168b8150afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
get.vistaclear2020.com/includes/img/vic3.png
172.67.214.203200 OK 79 kB URL HTTP/2 get.vistaclear2020.com/includes/img/vic3.png
IP 172.67.214.203:0
File type PNG image data, 400 x 212, 8-bit/color RGBA, non-interlaced\012- data
Hash 9959207cc4a24d984e8d2f4689ce439e
e59cd5ffaf6d1c01b7f13d634fc47d66b0175ac7
438ba2d0d96f4fb094f23d0d12d8f8f97ab3ae9e2fcf4e9964a9da2592148b75
GET /includes/img/vic3.png HTTP/1.1
Host: get.vistaclear2020.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:32:19 GMT
content-type: image/png
content-length: 78639
cache-control: public, max-age=604800
expires: Fri, 18 Nov 2022 17:32:10 GMT
etag: "1332f-60412265-2b6d39;;;"
last-modified: Thu, 04 Mar 2021 18:09:41 GMT
cf-cache-status: HIT
age: 31707
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSVofseCjIFyHSnIq42gV7%2BsOIRyP%2FN53eB5KgmQh1L0thxepqFrYvRKqZxDuFlzAG5JNvkMjb9PnFRyWgUT4UVifRmJtgr0e%2FRKMqRKbx0JRcfU2GqBYdMsGQuIMwYWJp9P3bLNV4NB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7691b168b8130afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
get.vistaclear2020.com/includes/img/buygoods_black.png
172.67.214.203200 OK 9.6 kB URL HTTP/2 get.vistaclear2020.com/includes/img/buygoods_black.png
IP 172.67.214.203:0
File type PNG image data, 317 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d71f7ea33d7cf0a541695ad98c1ae5d
50412c4e902b21dabdf1bfa98f2b792d966b9b28
ff275d0907ee3185c117355cad64b0ded33ff9b98422ba6877fc50e7c1f7bb52
GET /includes/img/buygoods_black.png HTTP/1.1
Host: get.vistaclear2020.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:32:19 GMT
content-type: image/png
content-length: 9596
cache-control: public, max-age=604800
expires: Fri, 11 Nov 2022 13:41:55 GMT
etag: "257c-60412265-2b6d08;;;"
last-modified: Thu, 04 Mar 2021 18:09:41 GMT
cf-cache-status: HIT
age: 31707
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9b6TdUV%2Fp9p4RVIi6P2nxKUkwB5HUkKAMOzCIj6Oi1qtPcJeoL%2Fja0WEPSK%2BvGx868FIJA5R8BwIsrKukZAG6GA94AFeuoUZbKSAZLujNKxEY4863vj80DhsMIbsmFpgeb0GyvDWO89G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7691b168c8190afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4b01094abe63d3e4923f252f0c039fe7
8c5814463774a0dc794d1230a204893464d4607e
59b7ff9c36d4adf4201f58f633c4c18ab66f81db58ba93d24c78f0e39d93bba0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=112566
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:20 GMT
Etag: "636f097a-117"
Expires: Mon, 14 Nov 2022 02:48:26 GMT
Last-Modified: Sat, 12 Nov 2022 02:48:26 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-NXRWNWV
142.250.74.168200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NXRWNWV
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 981021578cf8f5a5c4c08530cd8d135c
958a65154e4ac3776e656f935ad3ba8a667ea621
46d72787c2a97cbba224e62c9babe2a4319b3d356af77ec9b8cb9378b2f749a0
GET /gtm.js?id=GTM-NXRWNWV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 19:32:20 GMT
expires: Sat, 12 Nov 2022 19:32:20 GMT
cache-control: private, max-age=900
last-modified: Sat, 12 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38512
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4b01094abe63d3e4923f252f0c039fe7
8c5814463774a0dc794d1230a204893464d4607e
59b7ff9c36d4adf4201f58f633c4c18ab66f81db58ba93d24c78f0e39d93bba0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=112566
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:20 GMT
Etag: "636f097a-117"
Expires: Mon, 14 Nov 2022 02:48:26 GMT
Last-Modified: Sat, 12 Nov 2022 02:48:26 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 21e62dc5ed53094ea9eb654972cd19ad
338efa322545fa9dc8604614e06660ebce547746
e99318e6b3388a9586a849b2c15cf152fbe70423e315190387e8f8fbdead67b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2650
Cache-Control: max-age=87150
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:20 GMT
Etag: "636e9bd8-117"
Expires: Sun, 13 Nov 2022 19:44:50 GMT
Last-Modified: Fri, 11 Nov 2022 19:00:40 GMT
Server: ECS (amb/6BA9)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash e569acd833d180f3c2fba0919fbeb704
60a3121c9bf8e08a8a7fe70001c24b6f8c9981f5
994bee0670c93479c3e835985d24d7ce41fbc0a3013e173d79ea1ea5f63ac85c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
emdlvr.com/44my
104.21.51.219200 OK 799 B IP 104.21.51.219:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9c4e14181145e7ed8daa3b2511ff3504
5ab1d027783153710ec3d5cb08c5478b280a04b5
539e8b4050bc28645f3896eb4ca72db406c9eb6fd10a5498f86cef191dca3055
Analyzer Verdict Alert fortinet Phishing
GET /44my HTTP/1.1
Host: emdlvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:32:19 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Executive 3.2.6 http://prettylink.com
set-cookie: prli_click_53=44my; expires=Mon, 12-Dec-2022 19:32:19 GMT; Max-Age=2592000; path=/
prli_visitor=636ff4c37a8f9; expires=Sun, 12-Nov-2023 19:32:19 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZDDui5v5%2Fl6lHDtUcqdo7jUGC2D4q8UK3WmHPgfkw%2BJKrbgql3RSYuQfDOjIPVuxVAXZvTcWhUm%2BFN0bG73b%2FDQCvByEQNBYXztDUizM3eoEVnRQDkrLGvXYCN0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7691b164cf8cb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.46200 OK 54 kB URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.46:0
File type ASCII text, with very long lines (509)
Hash df0a449bf2528d5b2c2c67d979d17d5e
1a884f6c1032d9447c510945af4313f0b759ca85
cb91863f1aa0e4e4f25753f8529002215310bb6c3a4cb8762dbf6e58ec6006e2
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sat, 12 Nov 2022 19:32:20 GMT
date: Sat, 12 Nov 2022 19:32:20 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=j8f671N_iuc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=Oz7YnTVcv1k; Domain=.youtube.com; Expires=Thu, 11-May-2023 19:32:20 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+536; expires=Mon, 11-Nov-2024 19:32:20 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-EHC18Y9QGN>m=2oeb90&_p=158813039&cid=711294577.1668281539&ul=en-us&sr=1280x1024&_s=1&sid=1668281539&sct=1&seg=0&dl=https%3A%2F%2Fget.vistaclear2020.com%2Fvideo%2F%3Faff_id%3D3438%26subid%3Dagi1112vistaclear&dr=https%3A%2F%2Femdlvr.com%2F&dt=Vista%20Clear%20-%20Video%20Presentation&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-EHC18Y9QGN>m=2oeb90&_p=158813039&cid=711294577.1668281539&ul=en-us&sr=1280x1024&_s=1&sid=1668281539&sct=1&seg=0&dl=https%3A%2F%2Fget.vistaclear2020.com%2Fvideo%2F%3Faff_id%3D3438%26subid%3Dagi1112vistaclear&dr=https%3A%2F%2Femdlvr.com%2F&dt=Vista%20Clear%20-%20Video%20Presentation&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-EHC18Y9QGN>m=2oeb90&_p=158813039&cid=711294577.1668281539&ul=en-us&sr=1280x1024&_s=1&sid=1668281539&sct=1&seg=0&dl=https%3A%2F%2Fget.vistaclear2020.com%2Fvideo%2F%3Faff_id%3D3438%26subid%3Dagi1112vistaclear&dr=https%3A%2F%2Femdlvr.com%2F&dt=Vista%20Clear%20-%20Video%20Presentation&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://get.vistaclear2020.com
Connection: keep-alive
Referer: https://get.vistaclear2020.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://get.vistaclear2020.com
date: Sat, 12 Nov 2022 19:32:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
get.vistaclear2020.com/includes/css/bootstrap.min.css
172.67.214.203200 OK 75 kB URL HTTP/2 get.vistaclear2020.com/includes/css/bootstrap.min.css
IP 172.67.214.203:0
File type ASCII text, with very long lines (65324)
Hash 89ca18d8a0bdfd7acefc3e20707ce876
3c8329f3f4fcd053a130597d9bfd1da83e6bcd5d
46dfc5db2c47ba487829d45633df4fba9ac41daa716a5599df4202759b821955
GET /includes/css/bootstrap.min.css HTTP/1.1
Host: get.vistaclear2020.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:32:19 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 02 Aug 2022 08:42:31 GMT
etag: W/"27293-60412265-2b6cec;gz"
last-modified: Thu, 04 Mar 2021 18:09:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 31707
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7ecitG25QNDp7xTpPJqLmvpxBNlYmRXfcprllIQcWe61v2ceC2zSETIfSmmufU%2Bs3bSTDB22HYziL3bIX24cpyPK2N1FgQBPH4e0s3UIg96t0Z0xuQocmzKM%2Bg%2FIg1J0yGthoql%2Bs5h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7691b168affc0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e3f9965225cba49c71506d7dee4c1647
d1d30248236cfe679fa182860d69634d30f5b0ca
8a2641a2fa1026f8893b4acf7f7c78c633a1408779f3063c87ad292729300d97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 12:31:58 GMT
expires: Sun, 12 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 25223
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 21:46:16 GMT
expires: Fri, 10 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 164765
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4026
Expires: Sat, 12 Nov 2022 20:39:27 GMT
Date: Sat, 12 Nov 2022 19:32:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43e4308988c320212eab6fb4d27c215e
2c2503ca7de1a0c9a4224131f9b0e4b990f7efcd
56efcb5d90ed224301384c850ec2f11317c2426fdc8ed6f88a211bbb75e6871e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12578
x-amzn-requestid: 60fda47c-9518-4ab3-8f94-4e925f0b6773
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM8iHeHoAMFQFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1e9-62597e7b5c0f3b6b1e53bcce;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FSquX2GRcCI4_Onwfi5qm_oBKl5EvL1RZJO84zJgyoEr7tPVTMy9dQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:01:48 GMT
age: 77433
etag: "2c2503ca7de1a0c9a4224131f9b0e4b990f7efcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f09e254cd6f2e29b3bf198cc5d58a46f
fa34520e849bf746ff43aec3d28beb9e4be44f4d
2e29eace95fd8cb5b6d77df880d2044ecab4206cba47931c3a95e77c1b4e9d9a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8953
x-amzn-requestid: 2a2d20f4-3aa5-475e-8ec2-fc569766335e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhQGAhIAMFrjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-26dc0259793ec94814f3d41a;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BcjpdZlgZPqBX1rk3Th_XlwHrDYoeAT8pWaH7I21WnkfFzvzJE8ekw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:42:55 GMT
age: 78566
etag: "fa34520e849bf746ff43aec3d28beb9e4be44f4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faa8e3cf2ab3c1d53a1735def5bb7476
ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f
e81a8fa312ec478871427f1d04ba7fe563573c683809153f75dec8df979d6efe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6577
x-amzn-requestid: b4587cfb-6041-453c-9e74-fa35ecd31448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMjIGHRoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec147-29e7ec741b0e6f6f674aef75;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2y97S3ITb7MLXuIIAQfCCKjgvOXisdCT5mod7OD588LOhPCy_OrUXQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:02:21 GMT
age: 77400
etag: "ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85c6f450b38f41a2fb924d6d9a9cbff8
691f59b65ca9fde4f59bbf96b37071e07351f190
c8f877488a2cf65f0d9829384fd4113847722a1b4df94b6b1d5788699689722c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5583
x-amzn-requestid: e844f42a-e87e-4e61-8c97-137c07c5ae28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ9Ho7IAMF5_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-62c44d2f7d23632e74895bd8;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FWEdPT057SMVCBc7ZYbPnfW1z5mB7iubIXzrj3HlctKtwRx2PuncSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 08:39:57 GMT
age: 39144
etag: "691f59b65ca9fde4f59bbf96b37071e07351f190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516f1bfefb1c1a737ea2441f85343b32
0cc22d7bf9092fb30f31e2ca8f242c197b891669
733824d4f6f7c5b54ce4e02ecaf152cfc1e10f3f6a801d7e2c55a02460e40087
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 83eac9e7-5387-4e11-9769-182fa3f7fffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNC6FxzoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec212-5ca277b90a5a9a4c437edc1e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7wqdiuomEgaQlE1P5gopDGXbAkmh3ohPXYDcBWczuYFEcj8nczk9_w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:52:57 GMT
age: 77964
etag: "0cc22d7bf9092fb30f31e2ca8f242c197b891669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38e32fc94c445ff47da5d2907e61e3a4
c76588ccaf97fdfd6e73833083200cb49a01a4af
e4e3947b2248206c9dacfd35ff5619ca3b3ae56a7bcd565d40ed048839ffa075
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5478
x-amzn-requestid: c06e47c6-da2a-4a70-af2a-c1268557b913
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM67FEEIAMF-pA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1df-0628d00244323ddf727e0b80;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3zeJU6wVmWDIbVDBlTYvTh8e78isxbmNC0GKWdKqdI5abbdERoyzpA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:23:30 GMT
age: 76131
etag: "c76588ccaf97fdfd6e73833083200cb49a01a4af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 125323db3ff29b80f81fae08e2d58df6
5a407fed4d6d43f2a4ccc6d5168f147d7f2af4a2
6e100312be7aa9f36164adeb96b6cead8685c4c0a1d950334128f598b17a945b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6496
Cache-Control: max-age=138516
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:21 GMT
Etag: "636f5579-1d7"
Expires: Mon, 14 Nov 2022 10:00:57 GMT
Last-Modified: Sat, 12 Nov 2022 08:12:41 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: +zLeNtV2IsUOQj+26EhWya3cTCysD48AtghkAqZ20h/LdWjF1DE96KXESQcEM+gRaVvzU44RLGVdvHUQYPlzRA==
priority: u=3,i
content-length: 27337
x-fb-trip-id: 1904183273
date: Sat, 12 Nov 2022 19:32:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 125323db3ff29b80f81fae08e2d58df6
5a407fed4d6d43f2a4ccc6d5168f147d7f2af4a2
6e100312be7aa9f36164adeb96b6cead8685c4c0a1d950334128f598b17a945b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6496
Cache-Control: max-age=138516
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:21 GMT
Etag: "636f5579-1d7"
Expires: Mon, 14 Nov 2022 10:00:57 GMT
Last-Modified: Sat, 12 Nov 2022 08:12:41 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 825b44d24d8bc851404dded7ee683a42
2887c729f065c930e405c4d2a39132e4716701c0
09076a8b67da7f3a4fc47d793de28b62433a97dd68d9b1ffb27355c27fad9b14
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 23dd8b12572b78e5d32d491b3d0d9d32
718c3e3abcc55c295c72e5ee4e5441fe5acc1363
f72c359246ea96d4f28bbc5aee8d4d24fcba9f47dfc691693f6c49e370d9b103
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 19:29:05 GMT
expires: Sat, 12 Nov 2022 19:44:05 GMT
cache-control: public, max-age=900
age: 196
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.2302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 12 Nov 2022 19:32:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 825b44d24d8bc851404dded7ee683a42
2887c729f065c930e405c4d2a39132e4716701c0
09076a8b67da7f3a4fc47d793de28b62433a97dd68d9b1ffb27355c27fad9b14
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 23dd8b12572b78e5d32d491b3d0d9d32
718c3e3abcc55c295c72e5ee4e5441fe5acc1363
f72c359246ea96d4f28bbc5aee8d4d24fcba9f47dfc691693f6c49e370d9b103
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202200 OK 86 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
File type gzip compressed data, from Unix\012- data
Hash f4b42edef670fa17fb24e9c734a7acad
d5f41b15dc67209f514ba71ba3437ac0301d207a
ea614469c10a36025c7a9d379db717b88ab3c70ca4436019105a1846490965d3
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 12 Nov 2022 19:32:21 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
go.maxweb.com/conversion/iframe/?a=6605&token=6bbae26b12e89951101d4f1816aaa7b5
172.66.40.143200 OK 930 B URL HTTP/2 go.maxweb.com/conversion/iframe/?a=6605&token=6bbae26b12e89951101d4f1816aaa7b5
IP 172.66.40.143:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 1ddf1b7032c87bd52d4b6fb2b894ed9e
c0b7aa89daf81d6083d934999ab517c8c2f67585
3b226111c0d33284bb7abe8e691ae7c7340a215a2253d1b477312e9ad622f5b7
GET /conversion/iframe/?a=6605&token=6bbae26b12e89951101d4f1816aaa7b5 HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:32:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Sat, 12 Nov 2022 20:32:21 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7691b16d4d240b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.202200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.202:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 3b1712aa1326d21909225496ce3e3564
cf48cdc8203c32f43bb3565e4441f7db642409e5
82b0191b11a1fcad893e0005b1e7fdd2c5060841b502cef4beaa8f331b967d49
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 12 Nov 2022 19:32:21 GMT
server: ESF
cache-control: private
content-length: 31066
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/4SYq0xIO-MK2Jr4OcNDxUBrGM44TY0h05pr7aY6Tf6c.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/4SYq0xIO-MK2Jr4OcNDxUBrGM44TY0h05pr7aY6Tf6c.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35997)
Hash 0d39fb7048438d673bf4164bb65fbbcc
8be882770bc26b2ed49ef59322b82fe23cd8c6c2
edc6ea4d9294c971c4541d7b04425c364c75cd5a94b7a68203a63ac96b13ddf4
GET /js/th/4SYq0xIO-MK2Jr4OcNDxUBrGM44TY0h05pr7aY6Tf6c.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14246
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 16:22:42 GMT
expires: Tue, 07 Nov 2023 16:22:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
content-type: text/javascript
age: 443379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4b46bbcd35c85c4678b0e3e409bba3bc
bb0705335e28414345ad5fcdd61104cf2fbbbbc4
6c3df7e6d0a8491fe24c03df2ccba059ba2f84155a680a4a22f217d3870cff95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 562149e460e7949cc1e3726ac7c854bf
90c304ab2081e4d04e1c6a176e8193787986a0b2
9f83f2b72570abc2c662aacf80e9eac0ab0410de0e147b2f786767edd4dcc4fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu-yWoHCB6YuibfRCCa-QONjGyInqw1wx96T1Q=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.1 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-yWoHCB6YuibfRCCa-QONjGyInqw1wx96T1Q=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash e8157af81b11f73148cc743f2b0a4f1b
7f087ada66df8aad4796401989cbe722e046e6a9
52c11306053959a9d81f734827c36c10471ff85c6147519022c337720fc0d412
GET /ytc/AMLnZu-yWoHCB6YuibfRCCa-QONjGyInqw1wx96T1Q=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1102
x-xss-protection: 0
date: Sat, 12 Nov 2022 15:57:32 GMT
expires: Sun, 13 Nov 2022 15:57:32 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 12889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 562149e460e7949cc1e3726ac7c854bf
90c304ab2081e4d04e1c6a176e8193787986a0b2
9f83f2b72570abc2c662aacf80e9eac0ab0410de0e147b2f786767edd4dcc4fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.202200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 12 Nov 2022 19:32:22 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.202200 OK 112 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.202:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f654374835cb5e2026c577bbf47f08a7
7af788118dd0839e0377ad04a383cc962aa87d7b
fec46b59c3f2f3db3e90afecba6e8d9c2ecf70a9b2e6a84e6a73e528cc80bbc1
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1182
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 12 Nov 2022 19:32:22 GMT
server: ESF
cache-control: private
content-length: 112
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1665153503829428&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541404&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668281540633&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1665153503829428&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541404&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668281540633&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1665153503829428&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541404&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668281540633&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Nov 2022 19:32:22 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=985770698745745&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541420&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668281540633&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=985770698745745&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541420&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668281540633&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=985770698745745&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541420&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668281540633&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Nov 2022 19:32:22 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1665153503829428&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541398&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668281540633&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1665153503829428&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541398&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668281540633&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1665153503829428&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541398&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668281540633&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Nov 2022 19:32:22 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=985770698745745&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541400&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668281540633&coo=false&exp=d0&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=985770698745745&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541400&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668281540633&coo=false&exp=d0&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=985770698745745&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541400&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668281540633&coo=false&exp=d0&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Nov 2022 19:32:22 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=650634019303740&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541402&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668281540633&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=650634019303740&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541402&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668281540633&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=650634019303740&ev=PageView&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541402&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1668281540633&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Nov 2022 19:32:22 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 81ccbb7902c863166f53a39640243ffa
dfafdca34fcbe6216aca0fd5f4546d619de158e4
9cbbd3060811fdf09a697c428feac29738d4a443a64330b5a74164c8574fc4ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 9d89e840337688527624a94be6a58da1
81e4213ab25c3cdb49772835a2c2a303a66dce92
cb913d113388cab6ea0c1cec10fa8629b74621e01448ed98250afbd58b6b0bc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=650634019303740&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541427&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668281540633&coo=false&rqm=GET
31.13.72.36200 OK 86 kB URL HTTP/2 www.facebook.com/tr/?id=650634019303740&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541427&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668281540633&coo=false&rqm=GET
IP 31.13.72.36:0
File type gzip compressed data, from Unix\012- data
Hash 66b2e601fed3fb115a65c2487221639c
f36e87342d2a5f203220528cd6cfaf555f690932
2640463c4d44fd27759a2327882a8510fb95651ae13c782a46e6d9fa08971abf
GET /tr/?id=650634019303740&ev=ViewContent&dl=https%3A%2F%2Fgo.maxweb.com%2Fconversion%2Fiframe%2F%3Fa%3D6605%26token%3D6bbae26b12e89951101d4f1816aaa7b5&rl=https%3A%2F%2Fget.vistaclear2020.com%2F&if=true&ts=1668281541427&sw=1280&sh=1024&v=2.9.89&r=stable&ec=1&o=30&it=1668281540633&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 12 Nov 2022 19:32:22 GMT
X-Firefox-Spdy: h2
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668303141&ei=xfRvY-zxLYT8yAXI5o2oDA&ip=91.90.42.154&id=o-AHXg1JH0FO_Pj89FS7Rs1Tluo56YKm15wlPx2Frk-cea&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=2y&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2157500&spc=SFxXNmagWhiWfCuvn05SQndbHABE8ig&vprv=1&mime=video%2Fwebm&ns=JcRADGI8tSVovWyFKgkHmnsJ&gir=yes&clen=113954821&dur=4012.475&lmt=1616274691097103&mt=1668281158&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=1tvNC-XN1w4BCA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPeiv2pwN6obofhUAW12NHhQEHXFOQEqqfA7ykHn-OdXAiEA3616aD51RjhKEntoVtReRHEIK5D616UGb7ryHc1iIPE%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAM8aMvxxW7UJuBv2sCjzdxwzRw2U1NFooblwUkVQWNR7AiBVnmxwgu5DmztdPBE0ehKzUPQEEcl2QaG6HW5PbMOBcw%3D%3D&alr=yes&cpn=9Tj8td89_SbJVrkg&cver=1.20221106.00.00&range=0-164056&rn=1&rbuf=0
91.90.45.173200 OK 164 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668303141&ei=xfRvY-zxLYT8yAXI5o2oDA&ip=91.90.42.154&id=o-AHXg1JH0FO_Pj89FS7Rs1Tluo56YKm15wlPx2Frk-cea&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=2y&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2157500&spc=SFxXNmagWhiWfCuvn05SQndbHABE8ig&vprv=1&mime=video%2Fwebm&ns=JcRADGI8tSVovWyFKgkHmnsJ&gir=yes&clen=113954821&dur=4012.475&lmt=1616274691097103&mt=1668281158&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=1tvNC-XN1w4BCA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPeiv2pwN6obofhUAW12NHhQEHXFOQEqqfA7ykHn-OdXAiEA3616aD51RjhKEntoVtReRHEIK5D616UGb7ryHc1iIPE%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAM8aMvxxW7UJuBv2sCjzdxwzRw2U1NFooblwUkVQWNR7AiBVnmxwgu5DmztdPBE0ehKzUPQEEcl2QaG6HW5PbMOBcw%3D%3D&alr=yes&cpn=9Tj8td89_SbJVrkg&cver=1.20221106.00.00&range=0-164056&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Size 164 kB (164057 bytes)
Hash 4fe403031aafda61e6575746e7aa54e3
44b2eab9eac1938503a4542d67b5e1d1daad74f6
81ffb466fbc2e2e3f115f90ffba79c881b8db35a69f22b5ec04ab57b4746efdb
GET /videoplayback?expire=1668303141&ei=xfRvY-zxLYT8yAXI5o2oDA&ip=91.90.42.154&id=o-AHXg1JH0FO_Pj89FS7Rs1Tluo56YKm15wlPx2Frk-cea&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=2y&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2157500&spc=SFxXNmagWhiWfCuvn05SQndbHABE8ig&vprv=1&mime=video%2Fwebm&ns=JcRADGI8tSVovWyFKgkHmnsJ&gir=yes&clen=113954821&dur=4012.475&lmt=1616274691097103&mt=1668281158&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=1tvNC-XN1w4BCA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPeiv2pwN6obofhUAW12NHhQEHXFOQEqqfA7ykHn-OdXAiEA3616aD51RjhKEntoVtReRHEIK5D616UGb7ryHc1iIPE%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAM8aMvxxW7UJuBv2sCjzdxwzRw2U1NFooblwUkVQWNR7AiBVnmxwgu5DmztdPBE0ehKzUPQEEcl2QaG6HW5PbMOBcw%3D%3D&alr=yes&cpn=9Tj8td89_SbJVrkg&cver=1.20221106.00.00&range=0-164056&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 20 Mar 2021 21:11:31 GMT
Content-Type: video/webm
Date: Sat, 12 Nov 2022 19:32:22 GMT
Expires: Sat, 12 Nov 2022 19:32:22 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 164057
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 9d89e840337688527624a94be6a58da1
81e4213ab25c3cdb49772835a2c2a303a66dce92
cb913d113388cab6ea0c1cec10fa8629b74621e01448ed98250afbd58b6b0bc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668303141&ei=xfRvY-zxLYT8yAXI5o2oDA&ip=91.90.42.154&id=o-AHXg1JH0FO_Pj89FS7Rs1Tluo56YKm15wlPx2Frk-cea&itag=251&source=youtube&requiressl=yes&mh=2y&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2157500&spc=SFxXNmagWhiWfCuvn05SQndbHABE8ig&vprv=1&mime=audio%2Fwebm&ns=JcRADGI8tSVovWyFKgkHmnsJ&gir=yes&clen=59542755&dur=4012.501&lmt=1616273605294414&mt=1668281158&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=1tvNC-XN1w4BCA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgKSl80f_OhlJvmrlAy9O4QB9sZiUDi3fhNBSi5IfEdF0CIQCYvEGcW-WAPwZpdcNB9pVpPcM3xZ7XyPy6W5Lpj62V6A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAM8aMvxxW7UJuBv2sCjzdxwzRw2U1NFooblwUkVQWNR7AiBVnmxwgu5DmztdPBE0ehKzUPQEEcl2QaG6HW5PbMOBcw%3D%3D&alr=yes&cpn=9Tj8td89_SbJVrkg&cver=1.20221106.00.00&range=0-72917&rn=2&rbuf=0
91.90.45.173200 OK 73 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668303141&ei=xfRvY-zxLYT8yAXI5o2oDA&ip=91.90.42.154&id=o-AHXg1JH0FO_Pj89FS7Rs1Tluo56YKm15wlPx2Frk-cea&itag=251&source=youtube&requiressl=yes&mh=2y&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2157500&spc=SFxXNmagWhiWfCuvn05SQndbHABE8ig&vprv=1&mime=audio%2Fwebm&ns=JcRADGI8tSVovWyFKgkHmnsJ&gir=yes&clen=59542755&dur=4012.501&lmt=1616273605294414&mt=1668281158&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=1tvNC-XN1w4BCA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgKSl80f_OhlJvmrlAy9O4QB9sZiUDi3fhNBSi5IfEdF0CIQCYvEGcW-WAPwZpdcNB9pVpPcM3xZ7XyPy6W5Lpj62V6A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAM8aMvxxW7UJuBv2sCjzdxwzRw2U1NFooblwUkVQWNR7AiBVnmxwgu5DmztdPBE0ehKzUPQEEcl2QaG6HW5PbMOBcw%3D%3D&alr=yes&cpn=9Tj8td89_SbJVrkg&cver=1.20221106.00.00&range=0-72917&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 769c5a0efa206fa8c5ad965df13609d4
d8dfd5191736eccb2265faadc40ca7b6463c762f
a4e26c5760adc1ad994c6e3798cef7bec7af5ac208979582f37bf126597a6ea5
GET /videoplayback?expire=1668303141&ei=xfRvY-zxLYT8yAXI5o2oDA&ip=91.90.42.154&id=o-AHXg1JH0FO_Pj89FS7Rs1Tluo56YKm15wlPx2Frk-cea&itag=251&source=youtube&requiressl=yes&mh=2y&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2157500&spc=SFxXNmagWhiWfCuvn05SQndbHABE8ig&vprv=1&mime=audio%2Fwebm&ns=JcRADGI8tSVovWyFKgkHmnsJ&gir=yes&clen=59542755&dur=4012.501&lmt=1616273605294414&mt=1668281158&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=1tvNC-XN1w4BCA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgKSl80f_OhlJvmrlAy9O4QB9sZiUDi3fhNBSi5IfEdF0CIQCYvEGcW-WAPwZpdcNB9pVpPcM3xZ7XyPy6W5Lpj62V6A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAM8aMvxxW7UJuBv2sCjzdxwzRw2U1NFooblwUkVQWNR7AiBVnmxwgu5DmztdPBE0ehKzUPQEEcl2QaG6HW5PbMOBcw%3D%3D&alr=yes&cpn=9Tj8td89_SbJVrkg&cver=1.20221106.00.00&range=0-72917&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 20 Mar 2021 20:53:25 GMT
Content-Type: audio/webm
Date: Sat, 12 Nov 2022 19:32:22 GMT
Expires: Sat, 12 Nov 2022 19:32:22 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 72918
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 557fc016874475a1a014019b46509cde
82499956bc46b937465fbc356225508f85235c15
3db6143fe0faf3cb8084f09b7338a77b7281a65bb42343db2e0428caa396b540
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-5goeenez.googlevideo.com/videoplayback?expire=1668303141&ei=xfRvY-zxLYT8yAXI5o2oDA&ip=91.90.42.154&id=o-AHXg1JH0FO_Pj89FS7Rs1Tluo56YKm15wlPx2Frk-cea&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmagWhiWfCuvn05SQndbHABE8ig&vprv=1&mime=video%2Fwebm&ns=JcRADGI8tSVovWyFKgkHmnsJ&gir=yes&clen=185147235&dur=4012.475&lmt=1616274691095650&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=1tvNC-XN1w4BCA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMfVU4SXYg0QFC7ra3p7jd-6sF1dYJF6BubsEnmKQ1K2AiEA9BMgpD15wQAgvQw_qZT4SFJd1VXerNeq4-XxIwNpU34%3D&alr=yes&cpn=9Tj8td89_SbJVrkg&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=2y&mm=29&mn=sn-5goeenez&ms=rdu&mt=1668281406&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgWzs8cYS8IAPuTjPDTy4OHaGvpHEr9B-ZgL_to0w0VuoCIQDf6-De8g62ikfcWk9sRBQ5_Cyhel-lWISZqMT7D6g23w%3D%3D&range=0-13863&rn=4&rbuf=0&pot=D330wZYBcxU-fc8D_j6TW31Lv7GXW4x2PAeIAvDvuyLhC0Ui9Hy5oYv5_5XuKxJ2FK_6QFo-ZzFFRTLdUKPTCVoxwVS1Yw2yIqdYk3e5pO474NYYKytzWttkwUNmffXyd54JqhTU-8M=
74.125.111.6200 OK 14 kB URL HTTP/1.1 rr1---sn-5goeenez.googlevideo.com/videoplayback?expire=1668303141&ei=xfRvY-zxLYT8yAXI5o2oDA&ip=91.90.42.154&id=o-AHXg1JH0FO_Pj89FS7Rs1Tluo56YKm15wlPx2Frk-cea&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmagWhiWfCuvn05SQndbHABE8ig&vprv=1&mime=video%2Fwebm&ns=JcRADGI8tSVovWyFKgkHmnsJ&gir=yes&clen=185147235&dur=4012.475&lmt=1616274691095650&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=1tvNC-XN1w4BCA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMfVU4SXYg0QFC7ra3p7jd-6sF1dYJF6BubsEnmKQ1K2AiEA9BMgpD15wQAgvQw_qZT4SFJd1VXerNeq4-XxIwNpU34%3D&alr=yes&cpn=9Tj8td89_SbJVrkg&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=2y&mm=29&mn=sn-5goeenez&ms=rdu&mt=1668281406&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgWzs8cYS8IAPuTjPDTy4OHaGvpHEr9B-ZgL_to0w0VuoCIQDf6-De8g62ikfcWk9sRBQ5_Cyhel-lWISZqMT7D6g23w%3D%3D&range=0-13863&rn=4&rbuf=0&pot=D330wZYBcxU-fc8D_j6TW31Lv7GXW4x2PAeIAvDvuyLhC0Ui9Hy5oYv5_5XuKxJ2FK_6QFo-ZzFFRTLdUKPTCVoxwVS1Yw2yIqdYk3e5pO474NYYKytzWttkwUNmffXyd54JqhTU-8M=
IP 74.125.111.6:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash e655dec99753180683f0399734be27d5
5817da83138bfe3e336721940a21df5ac1f6c2db
609c1bced5ab1d6ff0a6c2b7265a6f00c7f08bdd23ead13b2a3aa8aaacc8b07f
GET /videoplayback?expire=1668303141&ei=xfRvY-zxLYT8yAXI5o2oDA&ip=91.90.42.154&id=o-AHXg1JH0FO_Pj89FS7Rs1Tluo56YKm15wlPx2Frk-cea&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmagWhiWfCuvn05SQndbHABE8ig&vprv=1&mime=video%2Fwebm&ns=JcRADGI8tSVovWyFKgkHmnsJ&gir=yes&clen=185147235&dur=4012.475&lmt=1616274691095650&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=1tvNC-XN1w4BCA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMfVU4SXYg0QFC7ra3p7jd-6sF1dYJF6BubsEnmKQ1K2AiEA9BMgpD15wQAgvQw_qZT4SFJd1VXerNeq4-XxIwNpU34%3D&alr=yes&cpn=9Tj8td89_SbJVrkg&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=2y&mm=29&mn=sn-5goeenez&ms=rdu&mt=1668281406&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgWzs8cYS8IAPuTjPDTy4OHaGvpHEr9B-ZgL_to0w0VuoCIQDf6-De8g62ikfcWk9sRBQ5_Cyhel-lWISZqMT7D6g23w%3D%3D&range=0-13863&rn=4&rbuf=0&pot=D330wZYBcxU-fc8D_j6TW31Lv7GXW4x2PAeIAvDvuyLhC0Ui9Hy5oYv5_5XuKxJ2FK_6QFo-ZzFFRTLdUKPTCVoxwVS1Yw2yIqdYk3e5pO474NYYKytzWttkwUNmffXyd54JqhTU-8M= HTTP/1.1
Host: rr1---sn-5goeenez.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 20 Mar 2021 21:11:31 GMT
Content-Type: video/webm
Date: Sat, 12 Nov 2022 19:32:22 GMT
Expires: Sat, 12 Nov 2022 19:32:22 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 13864
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 557fc016874475a1a014019b46509cde
82499956bc46b937465fbc356225508f85235c15
3db6143fe0faf3cb8084f09b7338a77b7281a65bb42343db2e0428caa396b540
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:32:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-5goeenez.googlevideo.com/videoplayback?expire=1668303141&ei=xfRvY-zxLYT8yAXI5o2oDA&ip=91.90.42.154&id=o-AHXg1JH0FO_Pj89FS7Rs1Tluo56YKm15wlPx2Frk-cea&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmagWhiWfCuvn05SQndbHABE8ig&vprv=1&mime=video%2Fwebm&ns=JcRADGI8tSVovWyFKgkHmnsJ&gir=yes&clen=185147235&dur=4012.475&lmt=1616274691095650&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=1tvNC-XN1w4BCA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMfVU4SXYg0QFC7ra3p7jd-6sF1dYJF6BubsEnmKQ1K2AiEA9BMgpD15wQAgvQw_qZT4SFJd1VXerNeq4-XxIwNpU34%3D&alr=yes&cpn=9Tj8td89_SbJVrkg&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=2y&mm=29&mn=sn-5goeenez&ms=rdu&mt=1668281406&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgWzs8cYS8IAPuTjPDTy4OHaGvpHEr9B-ZgL_to0w0VuoCIQDf6-De8g62ikfcWk9sRBQ5_Cyhel-lWISZqMT7D6g23w%3D%3D&range=1100716-2819076&rn=9&rbuf=15482&pot=D330wZYBcxU-fc8D_j6TW31Lv7GXW4x2PAeIAvDvuyLhC0Ui9Hy5oYv5_5XuKxJ2FK_6QFo-ZzFFRTLdUKPTCVoxwVS1Yw2yIqdYk3e5pO474NYYKytzWttkwUNmffXyd54JqhTU-8M=
74.125.111.6200 OK 1.7 MB URL HTTP/1.1 rr1---sn-5goeenez.googlevideo.com/videoplayback?expire=1668303141&ei=xfRvY-zxLYT8yAXI5o2oDA&ip=91.90.42.154&id=o-AHXg1JH0FO_Pj89FS7Rs1Tluo56YKm15wlPx2Frk-cea&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmagWhiWfCuvn05SQndbHABE8ig&vprv=1&mime=video%2Fwebm&ns=JcRADGI8tSVovWyFKgkHmnsJ&gir=yes&clen=185147235&dur=4012.475&lmt=1616274691095650&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=1tvNC-XN1w4BCA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMfVU4SXYg0QFC7ra3p7jd-6sF1dYJF6BubsEnmKQ1K2AiEA9BMgpD15wQAgvQw_qZT4SFJd1VXerNeq4-XxIwNpU34%3D&alr=yes&cpn=9Tj8td89_SbJVrkg&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=2y&mm=29&mn=sn-5goeenez&ms=rdu&mt=1668281406&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgWzs8cYS8IAPuTjPDTy4OHaGvpHEr9B-ZgL_to0w0VuoCIQDf6-De8g62ikfcWk9sRBQ5_Cyhel-lWISZqMT7D6g23w%3D%3D&range=1100716-2819076&rn=9&rbuf=15482&pot=D330wZYBcxU-fc8D_j6TW31Lv7GXW4x2PAeIAvDvuyLhC0Ui9Hy5oYv5_5XuKxJ2FK_6QFo-ZzFFRTLdUKPTCVoxwVS1Yw2yIqdYk3e5pO474NYYKytzWttkwUNmffXyd54JqhTU-8M=
IP 74.125.111.6:0
Size 1.7 MB (1718361 bytes)
Hash a0cc9d5ca00a3a0ae2d5d07c62afbf0a
6019f8716e97767afe79d870edc3804d2914e35c
04b14bed6ed04f7dd8f381c02d8fe6ec2a84812b09499d7baf52f5353047920f
GET /videoplayback?expire=1668303141&ei=xfRvY-zxLYT8yAXI5o2oDA&ip=91.90.42.154&id=o-AHXg1JH0FO_Pj89FS7Rs1Tluo56YKm15wlPx2Frk-cea&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=SFxXNmagWhiWfCuvn05SQndbHABE8ig&vprv=1&mime=video%2Fwebm&ns=JcRADGI8tSVovWyFKgkHmnsJ&gir=yes&clen=185147235&dur=4012.475&lmt=1616274691095650&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5432432&n=1tvNC-XN1w4BCA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMfVU4SXYg0QFC7ra3p7jd-6sF1dYJF6BubsEnmKQ1K2AiEA9BMgpD15wQAgvQw_qZT4SFJd1VXerNeq4-XxIwNpU34%3D&alr=yes&cpn=9Tj8td89_SbJVrkg&cver=1.20221106.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=2y&mm=29&mn=sn-5goeenez&ms=rdu&mt=1668281406&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgWzs8cYS8IAPuTjPDTy4OHaGvpHEr9B-ZgL_to0w0VuoCIQDf6-De8g62ikfcWk9sRBQ5_Cyhel-lWISZqMT7D6g23w%3D%3D&range=1100716-2819076&rn=9&rbuf=15482&pot=D330wZYBcxU-fc8D_j6TW31Lv7GXW4x2PAeIAvDvuyLhC0Ui9Hy5oYv5_5XuKxJ2FK_6QFo-ZzFFRTLdUKPTCVoxwVS1Yw2yIqdYk3e5pO474NYYKytzWttkwUNmffXyd54JqhTU-8M= HTTP/1.1
Host: rr1---sn-5goeenez.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 20 Mar 2021 21:11:31 GMT
Content-Type: video/webm
Date: Sat, 12 Nov 2022 19:32:22 GMT
Expires: Sat, 12 Nov 2022 19:32:22 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1718361
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
click.diet-health-food.com/?t=c&ids=MjM3NDI3NzQy__NTkzOA==__OTUxNzA4NQ==__NDM3&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGNDRteQ==
170.187.185.18200 OK 0 B URL HTTP/2 click.diet-health-food.com/?t=c&ids=MjM3NDI3NzQy__NTkzOA==__OTUxNzA4NQ==__NDM3&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGNDRteQ==
IP 170.187.185.18:0
GET /?t=c&ids=MjM3NDI3NzQy__NTkzOA==__OTUxNzA4NQ==__NDM3&url=aHR0cHMlM0ElMkYlMkZlbWRsdnIuY29tJTJGNDRteQ== HTTP/1.1
Host: click.diet-health-food.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 19:32:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2
get.vistaclear2020.com/includes/css/poppins.css
172.67.214.203200 OK 0 B URL HTTP/2 get.vistaclear2020.com/includes/css/poppins.css
IP 172.67.214.203:0
GET /includes/css/poppins.css HTTP/1.1
Host: get.vistaclear2020.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:32:19 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=348
cache-control: public, max-age=604800
etag: W/"15c-60412265-2b6cef;gz"
expires: Fri, 18 Nov 2022 20:43:05 GMT
last-modified: Thu, 04 Mar 2021 18:09:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 31707
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dnOEZ9QTQvKxN7Hu5uBc7VeiTxpw17YosXezl38r3KU9GoPVrtaQnfeJheoSNS%2FBa%2F%2F0H7WT3b%2Fuhl180uXW3yfU2wOOy2ioVCjaKDnGf5XkuR4UklXwW6dcEeJxtVEmk5JEuhea79x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7691b168b80b0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
get.vistaclear2020.com/includes/css/style.css
172.67.214.203200 OK 0 B URL HTTP/2 get.vistaclear2020.com/includes/css/style.css
IP 172.67.214.203:0
GET /includes/css/style.css HTTP/1.1
Host: get.vistaclear2020.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:32:19 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=5466
cache-control: public, max-age=604800
etag: W/"155a-60412265-2b6cf1;gz"
expires: Tue, 02 Aug 2022 08:42:31 GMT
last-modified: Thu, 04 Mar 2021 18:09:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 31707
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFaqQOn%2Br3aPHeZbD%2Fk%2Bn8Kj6GxX%2F%2BbzMWPb6BH4gBjZ5IJjCnFRwN7D5JaYUqsbKMFQC8dGEKvSc64m%2FncZuPreMU2Qwfhs6S70fU4oKnVcLneT2IAUdbrJeht7LAli4R80vOSdkWCA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7691b168b80d0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
get.vistaclear2020.com/includes/js/youtube-api.js
172.67.214.203200 OK 0 B URL HTTP/2 get.vistaclear2020.com/includes/js/youtube-api.js
IP 172.67.214.203:0
GET /includes/js/youtube-api.js HTTP/1.1
Host: get.vistaclear2020.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:32:19 GMT
content-type: application/x-javascript
cf-bgj: minify
cf-polished: origSize=5084
cache-control: public, max-age=604800
etag: W/"13dc-604a65d1-2b6d42;gz"
expires: Mon, 03 Jan 2022 12:22:17 GMT
last-modified: Thu, 11 Mar 2021 18:47:45 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 31707
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9c3ATseIoiwEGej28zmD4lW6Uv866gjh8SZWXHep9Y7y9ysZE%2BvVtPBKYb19b770Ve252bSNCmWGBnhMvDwd6QpDFr9wSEEBw57DJz84QJEykn4kyJJaruA98frlXtIZOAOkZez0hsW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7691b168b8170afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tracking.buygoods.com/track/?a=6574&firstcookie=0&referrer=https%3A%2F%2Femdlvr.com%2F&product=vista1,vista3,vista6&sessid2=&caller_url=https%3A%2F%2Fget.vistaclear2020.com%2Fvideo%2F%3Faff_id%3D3438%26subid%3Dagi1112vistaclear
172.66.43.22200 OK 0 B URL HTTP/2 tracking.buygoods.com/track/?a=6574&firstcookie=0&referrer=https%3A%2F%2Femdlvr.com%2F&product=vista1,vista3,vista6&sessid2=&caller_url=https%3A%2F%2Fget.vistaclear2020.com%2Fvideo%2F%3Faff_id%3D3438%26subid%3Dagi1112vistaclear
IP 172.66.43.22:0
GET /track/?a=6574&firstcookie=0&referrer=https%3A%2F%2Femdlvr.com%2F&product=vista1,vista3,vista6&sessid2=&caller_url=https%3A%2F%2Fget.vistaclear2020.com%2Fvideo%2F%3Faff_id%3D3438%26subid%3Dagi1112vistaclear HTTP/1.1
Host: tracking.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:32:21 GMT
content-type: application/javascript
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Tue, Jan 12 1999 01:01:01 GMT
set-cookie: spiaffid_6574=3438; expires=Fri, 10-Feb-2023 19:32:21 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spisubid_6574=agi1112vistaclear; expires=Fri, 10-Feb-2023 19:32:21 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spicampaign_id_6574=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
spireferrer_6574=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
spireferrer_6574=91.90.42.154:emdlvr.com:get.vistaclear2020.com%2Fvideo; expires=Fri, 10-Feb-2023 19:32:21 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spisessid2_6574=sessid20221112193227329; expires=Fri, 10-Feb-2023 19:32:21 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spi_funnel_codename_6574=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7691b1716b1bb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
get.vistaclear2020.com/includes/css/fontawesome.min.css
172.67.214.203200 OK 0 B URL HTTP/2 get.vistaclear2020.com/includes/css/fontawesome.min.css
IP 172.67.214.203:0
GET /includes/css/fontawesome.min.css HTTP/1.1
Host: get.vistaclear2020.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/video/?aff_id=3438&subid=agi1112vistaclear
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:32:19 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 10 Nov 2022 12:18:34 GMT
etag: W/"e637-60412265-2b6ced;gz"
last-modified: Thu, 04 Mar 2021 18:09:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 31707
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PfNw5PdwrjGybY3556V%2FiVhDxnAKFiLxZMo8pZmXfGFeQuLynspcvzJR2yk1rxGLOq6KYj8TdiSIPPxjtumeRYy%2FwNY20%2Ba88p%2BKJs9euZJe2M7Cl5iVYowtT7WUYJstvcUpHhQRjos"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7691b168b8080afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=6574
172.66.40.141200 OK 0 B URL HTTP/2 display.buygoods.com/v1/disclaimer?id=disclaimer&account_id=6574
IP 172.66.40.141:0
GET /v1/disclaimer?id=disclaimer&account_id=6574 HTTP/1.1
Host: display.buygoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://get.vistaclear2020.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:32:20 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
cache-control: private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7691b1695efdb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2