firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 04:13:32 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KwVi2IxLLUAuVjfPKYlu39J38NycCN6Q7_vn0-y5NxWm4aiRuWxzHQ==
Age: 3515
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8788
Expires: Wed, 21 Sep 2022 07:38:35 GMT
Date: Wed, 21 Sep 2022 05:12:07 GMT
Connection: keep-alive
bestforlife.life/india?cep=a1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u
162.241.63.77301 Moved Permanently 0 B URL HTTP/1.1 bestforlife.life/india?cep=a1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /india?cep=a1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 05:12:07 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://bestforlife.life/india?cep=a1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OnJaGrSJlcBwLJ5FnhDpcjC-a5Ld8fVRC6a_V1l2RkDJrMoIHgX2pA==
age: 2214
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 05:12:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e868da63f088519811bbb0fedaec44a1
07ab9133014226d139559ed4bd1a0c8a71f1105d
da47ff46367c193272cf17a53a3c5bc7a46d4e5a43c3272d35c2ac44167cf083
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA47FF46367C193272CF17A53A3C5BC7A46D4E5A43C3272D35C2AC44167CF083"
Last-Modified: Mon, 19 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17172
Expires: Wed, 21 Sep 2022 09:58:20 GMT
Date: Wed, 21 Sep 2022 05:12:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 05:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 05:38:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Mu9HRUTowFbxWooP3td9zmLBsJbJE3cGqxaP0h5Jpe02viH-wD3vyw==
Age: 526
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6567
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:08 GMT
Last-Modified: Wed, 21 Sep 2022 03:22:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.162.203.49101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.203.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fW5zZ3K96/+UeBpauJa3QA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zce7FbRBfkiGWd3wLPF1z9vtdJ4=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bestforlife.life/india?cep=a1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u
162.241.63.77200 OK 26 kB URL HTTP/2 bestforlife.life/india?cep=a1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d8ed29598ba44fce9e999acf81ff10b0
5c9826cf84db0be8b837119a27803334ab08016a
abc1f0fbcd0c7d6572c6761f087291efb235f9f26364758f9d5f343dd75bebda
Analyzer Verdict Alert fortinet Phishing
GET /india?cep=a1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTYzNzQwMTI=:visited=true; cf:visitor_id=9f140e15-49ab-45e3-80c8-6849b08c3335; cep=iSOYigZZc8VUyoaYP3DgKT_mzLwUQLEgeVf7XJ7Tu4M2Jzgw1rCEYeOOuuqayR7C683iu-dKt1L9WsCIiAMyZbYguy7jpHPjB3bGahu-iZ8jTyA7Ea6JQ2ZrM8O0wo78i3OKf4wdH60gY6cRX_V8qo3PFBz_EemyLRUuD2kq5avmtg0mkIVSoNMMwee_zEG4MoI7o41i2BM4O0wWleesBSZAzNM4vYz23jdkXyVU-u_K4Vcv_oRWj2J9YswssJcsn2_E9vQdf9oItXRX2XgVPId4emwslLp314icezCw5ybzAV40w9AIxqx-PHLlx-seyWhY7W3NB52WFlwVcOK2v_oDFkSDspKh3BkGDdM_rog; addevent_track_cookie=3bf0147e-fe32-47b8-abc3-f8a1ff059cda; qowlq3sd1ecw5ty2=true; 12446350_viewed_3=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=c0bfb31f6be8bc2a29a0feda39c5d6b4; path=/; secure; HttpOnly
__cf_bm=pFGk9MxTch__BskRFRWaxi4OR2X.93DmIkCpXO.ItsY-1663737128-0-AXBHfdH+dX9H1K3cZeSV8A1uvz36R9tDo9MArRZUAe940vzYOtDa1R4cvrFnEsWUVNpZut9mRRM0lDveMpsYrZTgRdvOd02gVo1WxiK5iyxC; path=/; expires=Wed, 21-Sep-22 05:42:08 GMT; domain=.www.bestforlife.life; HttpOnly; Secure
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 21 Sep 2022 05:12:08 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 41ce6d816abf6cb41ee93410a3c651e7
271baf7f309a3a206b2e6b8cebcf4c14ee47b3f4
0988236e935c7124d1e2921ef45b1cda556f32f85cfba3de3cb3316b58a4c1a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:09 GMT
Server: ECS (amb/6B84)
Content-Length: 280
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
104.18.47.230200 OK 5.6 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP 104.18.47.230:0
Hash cd2cff753f507dccc3ea3f7ff4f039bf
36da0bb155dd09916dfdc618b8e027cc180c6fd0
7a5119921afd6ecb783a7da89faf63ea16a8c724a233f80c0936050600050c59
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestforlife.life
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:09 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e04de0d8010b69-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 41ce6d816abf6cb41ee93410a3c651e7
271baf7f309a3a206b2e6b8cebcf4c14ee47b3f4
0988236e935c7124d1e2921ef45b1cda556f32f85cfba3de3cb3316b58a4c1a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:09 GMT
Server: ECS (amb/6BA0)
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 41ce6d816abf6cb41ee93410a3c651e7
271baf7f309a3a206b2e6b8cebcf4c14ee47b3f4
0988236e935c7124d1e2921ef45b1cda556f32f85cfba3de3cb3316b58a4c1a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:09 GMT
Server: ECS (amb/6BAE)
Content-Length: 280
www.bestforlife.life/images/email.png
104.16.12.194200 OK 396 B URL HTTP/2 www.bestforlife.life/images/email.png
IP 104.16.12.194:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 70dae42092fa6a05978ff6a0620ee93f
9c16adafce76241c3d46ac182ad0b7452b6b7bfa
b7feff2ccba89704f5d3452349e19be7360a7b8f9702daad4c0813f8c5f3ef90
GET /images/email.png HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestforlife.life/assets/lander.css
Cookie: __cf_bm=HZyILMZeDoF0djBg5vQuHJ9alGLbgY1EgMBHa.4a7RM-1663737129-0-AaXwhemm71Bl+KMuvLidURjfwemAo4z37Vz/JcrcEKz00h2vVuBLlj6BGoB6wPa6hDWYdJ+tna7nb5CW0Gx+ZEj1fuao7zG60C3XEjIHQjNC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:09 GMT
content-type: image/webp
content-length: 396
cf-ray: 74e04de19e6fb500-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 3940
cache-control: public, max-age=2678400
content-disposition: inline; filename="email.webp"
etag: "632a4cc7-21c"
expires: Sat, 22 Oct 2022 05:12:09 GMT
last-modified: Tue, 20 Sep 2022 23:29:11 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=540
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=kik9PqjeTPBYtqp5k3eWEy2k1N.6pw87yJQolURu.Rk-1663737129-0-AUDRNCZmf2W8zmwkl9742qTbHEpH6aGMhwf-JdTzJvPLjOkJimBxc414QwFfEe14mLpdIdZoQQ0Dw4EtUdYNJaiJ-3QqADdkvuDNHDovEs3U"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=kik9PqjeTPBYtqp5k3eWEy2k1N.6pw87yJQolURu.Rk-1663737129-0-AUDRNCZmf2W8zmwkl9742qTbHEpH6aGMhwf-JdTzJvPLjOkJimBxc414QwFfEe14mLpdIdZoQQ0Dw4EtUdYNJaiJ-3QqADdkvuDNHDovEs3U; report-to cf-csp-endpoint
server: cloudflare
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/b7/0344e2a543416b818d21be670a9db5/home-reg-form-bg_IN.jpg
104.16.12.194200 OK 156 kB URL HTTP/2 www.bestforlife.life/hosted/images/b7/0344e2a543416b818d21be670a9db5/home-reg-form-bg_IN.jpg
IP 104.16.12.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 3000x941, components 3\012- data
Size 156 kB (155668 bytes)
Hash 65824abc7994521b4abe998544c68fa2
e6be12bee707d7219c427aea9cc8b54d5e3eaae7
879bfa9b6fa35b98fdc794778c185fa5fbe926b144cdf6f20519893016d91ff5
GET /hosted/images/b7/0344e2a543416b818d21be670a9db5/home-reg-form-bg_IN.jpg HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=HZyILMZeDoF0djBg5vQuHJ9alGLbgY1EgMBHa.4a7RM-1663737129-0-AaXwhemm71Bl+KMuvLidURjfwemAo4z37Vz/JcrcEKz00h2vVuBLlj6BGoB6wPa6hDWYdJ+tna7nb5CW0Gx+ZEj1fuao7zG60C3XEjIHQjNC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:09 GMT
content-type: image/jpeg
content-length: 155668
cf-ray: 74e04de1ae75b500-OSL
accept-ranges: bytes
age: 3940
cache-control: max-age=31536000
etag: "65824abc7994521b4abe998544c68fa2"
last-modified: Tue, 20 Sep 2022 07:23:35 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-polished: status=not_needed
x-amz-cf-pop: SOF50-C1
server: cloudflare
X-Firefox-Spdy: h2
assets.clickfunnels.com/images/blurredhandbg.png
104.16.13.194200 OK 227 kB URL HTTP/2 assets.clickfunnels.com/images/blurredhandbg.png
IP 104.16.13.194:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 227 kB (227280 bytes)
Hash b9395b15d16b8ecad083ea6a86dac64f
93773bab99a8ca8b4096741408f00f583a31b345
ce51573bb0622cc284a692d8af8f4c47e7bd27a31a6f0a61ed5439edb3ed85c0
GET /images/blurredhandbg.png HTTP/1.1
Host: assets.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=asVSLxxbfpe20chseemNOwPTpqyxX88Aq1uOsxdu_Zw-1663737129-0-ARclM9R4aQiyji/8FThxzq00sQSVOnw402yhhjqVTm/OjGqN8so97eSs5ylGa+isbcB7cm8L6HVdAVjXR4XMubp2YOWndDsFkU5g/GGJHQnL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:09 GMT
content-type: image/webp
content-length: 227280
cf-ray: 74e04de19ad7b512-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 229894
cache-control: public, max-age=2678400
content-disposition: inline; filename="blurredhandbg.webp"
etag: "630e9cfc-581e8"
expires: Sat, 22 Oct 2022 05:12:09 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=360936
server: cloudflare
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/7577aaa2/www-player.css
142.250.74.142200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/7577aaa2/www-player.css
IP 142.250.74.142:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f9390f92b3c372f0d550ee38e1390635
30b2f1f0b8f6d8249450ea85696abf466f915571
295a55abd0d6cffcd13bf72000fe17e777d61c198ffcebbb77ba71378da50462
GET /s/player/7577aaa2/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/okEUYy2PvHY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49631
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 14:50:03 GMT
expires: Tue, 19 Sep 2023 14:50:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 00:17:08 GMT
content-type: text/css
age: 138126
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/7577aaa2/www-embed-player.vflset/www-embed-player.js
142.250.74.142200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/7577aaa2/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (570)
Hash 99dfba779db4190f6a484f19709b09e8
3fe5f6183c52548abec3484b154926f3b905aa6b
9cd782c0286aaa134f4935856bef05a7ed8ec04b1cad6775c7a3192f2be3ae5a
GET /s/player/7577aaa2/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/okEUYy2PvHY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97969
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 14:50:03 GMT
expires: Tue, 19 Sep 2023 14:50:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 00:17:08 GMT
content-type: text/javascript
age: 138126
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/7577aaa2/player_ias.vflset/en_US/base.js
142.250.74.142200 OK 618 kB URL HTTP/2 www.youtube.com/s/player/7577aaa2/player_ias.vflset/en_US/base.js
IP 142.250.74.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (60273)
Size 618 kB (617508 bytes)
Hash 8b81c13567d6fdcf27a8ec65a5cd2c15
f8157a41cd625c9ed6e8cccde53585074e08fc76
ceb4827ef054c210bceb1e5bf4c300fe8196eee3fcb241fcb362d20f76e6a621
GET /s/player/7577aaa2/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/okEUYy2PvHY?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 589772
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 14:56:14 GMT
expires: Tue, 19 Sep 2023 14:56:14 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 00:17:08 GMT
content-type: text/javascript
age: 137755
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 12:31:58 GMT
expires: Sun, 17 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 319211
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bestforlife.life/favicon.ico
162.241.63.77302 Found 0 B URL HTTP/2 bestforlife.life/favicon.ico
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/india?cep=a1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u
Cookie: cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTYzNzQwMTI=:visited=true; cf:visitor_id=9f140e15-49ab-45e3-80c8-6849b08c3335; cep=iSOYigZZc8VUyoaYP3DgKT_mzLwUQLEgeVf7XJ7Tu4M2Jzgw1rCEYeOOuuqayR7C683iu-dKt1L9WsCIiAMyZbYguy7jpHPjB3bGahu-iZ8jTyA7Ea6JQ2ZrM8O0wo78i3OKf4wdH60gY6cRX_V8qo3PFBz_EemyLRUuD2kq5avmtg0mkIVSoNMMwee_zEG4MoI7o41i2BM4O0wWleesBSZAzNM4vYz23jdkXyVU-u_K4Vcv_oRWj2J9YswssJcsn2_E9vQdf9oItXRX2XgVPId4emwslLp314icezCw5ybzAV40w9AIxqx-PHLlx-seyWhY7W3NB52WFlwVcOK2v_oDFkSDspKh3BkGDdM_rog; addevent_track_cookie=3bf0147e-fe32-47b8-abc3-f8a1ff059cda; qowlq3sd1ecw5ty2=true; 12446350_viewed_3=1; PHPSESSID=c0bfb31f6be8bc2a29a0feda39c5d6b4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
link: <https://bestforlife.life/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://bestforlife.life/wp-includes/images/w-logo-blue-white-bg.png
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 21 Sep 2022 05:12:09 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11539
Expires: Wed, 21 Sep 2022 08:24:29 GMT
Date: Wed, 21 Sep 2022 05:12:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11539
Expires: Wed, 21 Sep 2022 08:24:29 GMT
Date: Wed, 21 Sep 2022 05:12:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11539
Expires: Wed, 21 Sep 2022 08:24:29 GMT
Date: Wed, 21 Sep 2022 05:12:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11539
Expires: Wed, 21 Sep 2022 08:24:29 GMT
Date: Wed, 21 Sep 2022 05:12:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febae4a05-492e-4ab9-a79b-7e3f27cfc01e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febae4a05-492e-4ab9-a79b-7e3f27cfc01e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cb692de2fcf108bf060af0b9599869f
443706b089783f7a16d4b001948a141a83ace053
06bedf63121d961420176535071c3a98d39e1d4586acb734d00ad80ce2b291ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febae4a05-492e-4ab9-a79b-7e3f27cfc01e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6904
x-amzn-requestid: 1c4e2685-d06f-45fc-ab93-8678905f3804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwcI5HuLoAMFoRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329a705-099ce127249e148456270c11;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 11:41:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sRlJblY5obOlucutG9WQ_WPl5QGdA-0XsxIkHGkShaHvezNeqwGrkw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:43 GMT
age: 27027
etag: "443706b089783f7a16d4b001948a141a83ace053"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NzOpixfxr2pFiDhF5WUGmjD8r2CTn1grSkCEyWvthxRq0djbDKjknA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:15:05 GMT
age: 25025
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92f202bddcfee6efac41bcc25be5745
9d297544318ff34f839678d8b358290ab6bd62a8
f471aaff7c08c60905cff5b1c9d4b669a3179574493d23d27e681110688af6b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: 69e8f4d4-2360-4124-a9e9-9cce3dd43da7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0NWEgmIAMFusQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a33ee-0f4861c226117d70664b8612;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kj4FQUvvo13Yrwu_bKqee64IMn6X0UXlOJQ3fh40qejOi-3dtCrEYg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:55:57 GMT
age: 26173
etag: "9d297544318ff34f839678d8b358290ab6bd62a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d98acc059a69d51165fb5e0c7430ea3
09bd3300d710c3212483159f8398b84cde09da26
6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:25:17 GMT
age: 24413
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1002d7b2-c264-4e0d-a7db-a4c5299eda73.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1002d7b2-c264-4e0d-a7db-a4c5299eda73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c523ffabe9e2288c7e6951ba0bc4c5d1
0d93de1e5f6a5c64116accbd61d003c349664483
b509944b3e30e23d3983a52e30ce228c29a0d821720794555863f97286d8c70c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1002d7b2-c264-4e0d-a7db-a4c5299eda73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4296
x-amzn-requestid: 29d5dfff-9f81-418b-ab6b-a9700c56da86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7jcFtLIAMFl5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632572e2-1acb4bbb3ea864a36fe7d70a;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:10:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v3dJNBDYYNoLZ-PB1PUUDJBTHhEpNuDxu8kR1COTfI59RHxmLE-vhQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:51:38 GMT
age: 22832
etag: "0d93de1e5f6a5c64116accbd61d003c349664483"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273857c4-a36e-4755-b3c4-1ff5fcd3d260.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273857c4-a36e-4755-b3c4-1ff5fcd3d260.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4a275a6a20ad8a21f49b3ed73098126
5dfdf9835782ef3825a45bfcc7f38dfe3a754df0
933a6d502e92d7320ad9f3204c768b0d7d757f136d4c9c130e418e74a36dde06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273857c4-a36e-4755-b3c4-1ff5fcd3d260.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11440
x-amzn-requestid: eda42fc3-bfca-4c15-856f-fae709e79c4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvZ5EcDIAMF9lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c3f-3ae1bd425e29e23c2ee71933;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:07:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UscDE1v3vDPb-3zj6gYkmlNRx4gBIYgiTMf4bYivsZm3Q-0kFOO10Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:12:22 GMT
age: 25188
etag: "5dfdf9835782ef3825a45bfcc7f38dfe3a754df0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bestforlife.life/wp-includes/images/w-logo-blue-white-bg.png
162.241.63.77200 OK 4.1 kB URL HTTP/2 bestforlife.life/wp-includes/images/w-logo-blue-white-bg.png
IP 162.241.63.77:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bestforlife.life/india?cep=a1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u
Connection: keep-alive
Cookie: cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTYzNzQwMTI=:visited=true; cf:visitor_id=9f140e15-49ab-45e3-80c8-6849b08c3335; cep=a1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u; addevent_track_cookie=3bf0147e-fe32-47b8-abc3-f8a1ff059cda; qowlq3sd1ecw5ty2=true; 12446350_viewed_3=1; PHPSESSID=c0bfb31f6be8bc2a29a0feda39c5d6b4; cf:NTYzNjYzNjU=:visited=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Nov 2021 08:34:02 GMT
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Wed, 21 Sep 2022 05:12:10 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6e871380318c8a883f329ca25b2ee36c
e8d3585a45b2b32814096416b12028644c3aff50
0496e550737efc29d25e0bed099c472680f2367aa3d4cde4209bfa9af41fd9d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 04:59:23 GMT
expires: Wed, 21 Sep 2022 05:14:23 GMT
cache-control: public, max-age=900
age: 768
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6e871380318c8a883f329ca25b2ee36c
e8d3585a45b2b32814096416b12028644c3aff50
0496e550737efc29d25e0bed099c472680f2367aa3d4cde4209bfa9af41fd9d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
216.58.211.2302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 21 Sep 2022 05:12:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6e871380318c8a883f329ca25b2ee36c
e8d3585a45b2b32814096416b12028644c3aff50
0496e550737efc29d25e0bed099c472680f2367aa3d4cde4209bfa9af41fd9d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
216.58.211.2302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 21 Sep 2022 05:12:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 21 Sep 2022 05:12:11 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.bestforlife.life/assets/pushcrew.js
104.16.12.194200 OK 472 B URL HTTP/2 www.bestforlife.life/assets/pushcrew.js
IP 104.16.12.194:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
Analyzer Verdict Alert fortinet Phishing
GET /assets/pushcrew.js HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:09 GMT
content-type: application/x-javascript
cf-ray: 74e04de0fdefb500-OSL
access-control-allow-origin: *
age: 857
cache-control: public, max-age=1200
etag: W/"632a4cc6-27d"
expires: Wed, 21 Sep 2022 05:32:09 GMT
last-modified: Tue, 20 Sep 2022 23:29:10 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=HZyILMZeDoF0djBg5vQuHJ9alGLbgY1EgMBHa.4a7RM-1663737129-0-AaXwhemm71Bl+KMuvLidURjfwemAo4z37Vz/JcrcEKz00h2vVuBLlj6BGoB6wPa6hDWYdJ+tna7nb5CW0Gx+ZEj1fuao7zG60C3XEjIHQjNC; path=/; expires=Wed, 21-Sep-22 05:42:09 GMT; domain=.www.bestforlife.life; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e52df212aa152f9db7c667c4434f8f7a
20168b1182923e946405bd5c2ea124acd7382c86
7c6c3dae1ff112b24f09bd7d37bffb043fd809661da79c26c16206ab75ca4a02
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 05:12:11 GMT
server: ESF
cache-control: private
content-length: 30942
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 67b756e82caefc7860b9f2d4a4f40341
adeae15d52089bcca4ca247fc4aebceef8406e34
72ff9f52080a633dc841554f7d4cc70083edd2572b535d84093ae63f0c50b832
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36110)
Hash d348ea7c67cf70cc27add8ec15920c5f
46b2db74425f5c6c10c69831277b83c76c8c24b8
e9198b139add4e4683e04549366c63b57000c4e9d719c0e5820124d63d0fccff
GET /js/th/0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:09:26 GMT
expires: Thu, 21 Sep 2023 05:09:26 GMT
cache-control: public, max-age=31536000
age: 165
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ada29f357ebf16bf037a8f7ca0943687
08a6e41c5fa688ca538b3e4b30ec8100fb292aaf
e368e32c7f8c8d2ae99520c324a2571ed402c80f76aec3c05a9711df12150de5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash c45d454962abeb650470d54596263993
3095b2d04ae42cd8eafe855dac4a98a7e2b1ab05
262161538c35f3bb6ca9d05fca3acd530733323cbdb38c9b0563de3250845e44
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 05:12:11 GMT
server: ESF
cache-control: private
content-length: 31053
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/SQLxNY7LnIg/sddefault.webp
142.250.74.86200 OK 15 kB URL HTTP/2 i.ytimg.com/vi_webp/SQLxNY7LnIg/sddefault.webp
IP 142.250.74.86:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7d7151b6db387d108f69e3926e8c8163
73e73565ae2f3ed9f0593c0cff7f7b8086cb7aaa
08c2888c3bd197e5598a4b1f1062b1dfccb7e0ad500a198792f3d360fd4be755
GET /vi_webp/SQLxNY7LnIg/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 15030
date: Wed, 21 Sep 2022 05:12:11 GMT
expires: Wed, 21 Sep 2022 05:17:11 GMT
cache-control: public, max-age=300
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 67801aaa77b0226b24e48c3d2b0055ec
284e0390a9afeed4f556a2e7eac0e75c33b01d6c
b576b0b0307ccf104137b1427b246e30570da6c64a1c8116fe4e765a0562a308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ada29f357ebf16bf037a8f7ca0943687
08a6e41c5fa688ca538b3e4b30ec8100fb292aaf
e368e32c7f8c8d2ae99520c324a2571ed402c80f76aec3c05a9711df12150de5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu-VhLl8DuOuhoCwoqc99mMiJSpIWXd7c2W6VYuICB8zmwo2CC9Jeuovuvv2Xu9E=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 651 B URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-VhLl8DuOuhoCwoqc99mMiJSpIWXd7c2W6VYuICB8zmwo2CC9Jeuovuvv2Xu9E=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 2b339402c32cd376de085bea391a76f2
b168d4d86e0b1380f03f31423ec2942d8bff8bda
5c12a35795f3b83184c70cb5014aecafdf916e0e1de447693a68b3681a0a0758
GET /ytc/AMLnZu-VhLl8DuOuhoCwoqc99mMiJSpIWXd7c2W6VYuICB8zmwo2CC9Jeuovuvv2Xu9E=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 651
x-xss-protection: 0
date: Wed, 21 Sep 2022 01:20:43 GMT
expires: Thu, 22 Sep 2022 01:20:43 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 13888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 67801aaa77b0226b24e48c3d2b0055ec
284e0390a9afeed4f556a2e7eac0e75c33b01d6c
b576b0b0307ccf104137b1427b246e30570da6c64a1c8116fe4e765a0562a308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bestforlife.life/hosted/images/5f/9d9fd2f7b542179fd44868c1151845/award-1_en.png
104.16.12.194200 OK 28 kB URL HTTP/2 www.bestforlife.life/hosted/images/5f/9d9fd2f7b542179fd44868c1151845/award-1_en.png
IP 104.16.12.194:0
File type PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash 7019715972c14ccc264916cb5797dc48
44f3faf4e591cc9ef9ad3761da4fbc2f0f3302db
a4902f16ae13da544d75eafbb37de6d71bda8ae9b19f90bfb03f38a80d99e6ad
GET /hosted/images/5f/9d9fd2f7b542179fd44868c1151845/award-1_en.png HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=UKIsVpAorAJVE7c9u17hNCNb5JrxZ1fe.HFAYWUGpvI-1663737129-0-AaZqAaAnlQGQrlqKZFx0jIBNBRwXgBSn45WZlu4rZrg9exDKgl9xfdA9rmouOu7VQ6IvxToARFd2A2rjKqaMJcZtKbh3eZfyxtC+ismAnzy1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:11 GMT
content-type: image/png
content-length: 27840
cf-ray: 74e04df039e9b500-OSL
accept-ranges: bytes
age: 3940
cache-control: max-age=31536000
etag: "1929b0d827ebdc6e911d585c21a34cf5"
last-modified: Mon, 12 Sep 2022 06:40:43 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-polished: origSize=27861
x-amz-cf-pop: SOF50-C1
server: cloudflare
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=S2gxVmZCMFNJeEJqUUNSbE9tWTFkdz09LS0xQUN5NWVrbkRMbFhvUHRVcldPUFBRPT0%3D--99f6072ebe20fd331dd58bd22fb138caf7f0b519&page_id=MzBRanZYYTBKL2M3K1U1NDJ3WUVUdz09LS1iNkZrRy90R1F5NGtWakZBQ0FGTkd3PT0%3D--5a7479105ddf8d454546be7f1ef8179afd46ed97&funnel_step_id=ajIxaUpQeGx6ck9tU0Y2Z3l0eFh5UT09LS16czIwb1dJb3NoUGhCa1o0dkxIZ25BPT0%3D--cd8e9c8d3196c5ebeff62d78dadaf7e984223a2b&user_id=K3czOVVXNEFYMzRuSTR0clNIQytCZz09LS01Lzg0a2pGalI1aU9EL1hYTldwMHNRPT0%3D--4fa4103c8f3ca30f6f53885231818fbfa7a8ecad&account_id=V2QrKzhoVW50ZFdCYlhmVzVqNDVHdz09LS1Ud2hSeE1TMmlBMDNmNWZEeWQyRWVRPT0%3D--4bc9cfa0458875f6e5f49b86e9d051b50e4b2ca8&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=251b5baf-236e-4b39-ba43-82f2bb0d9dd6&url=https%3A%2F%2Fbestforlife.life%2Findia%3Fcep%3Da1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u
104.16.13.194202 Accepted 38 kB URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=S2gxVmZCMFNJeEJqUUNSbE9tWTFkdz09LS0xQUN5NWVrbkRMbFhvUHRVcldPUFBRPT0%3D--99f6072ebe20fd331dd58bd22fb138caf7f0b519&page_id=MzBRanZYYTBKL2M3K1U1NDJ3WUVUdz09LS1iNkZrRy90R1F5NGtWakZBQ0FGTkd3PT0%3D--5a7479105ddf8d454546be7f1ef8179afd46ed97&funnel_step_id=ajIxaUpQeGx6ck9tU0Y2Z3l0eFh5UT09LS16czIwb1dJb3NoUGhCa1o0dkxIZ25BPT0%3D--cd8e9c8d3196c5ebeff62d78dadaf7e984223a2b&user_id=K3czOVVXNEFYMzRuSTR0clNIQytCZz09LS01Lzg0a2pGalI1aU9EL1hYTldwMHNRPT0%3D--4fa4103c8f3ca30f6f53885231818fbfa7a8ecad&account_id=V2QrKzhoVW50ZFdCYlhmVzVqNDVHdz09LS1Ud2hSeE1TMmlBMDNmNWZEeWQyRWVRPT0%3D--4bc9cfa0458875f6e5f49b86e9d051b50e4b2ca8&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=251b5baf-236e-4b39-ba43-82f2bb0d9dd6&url=https%3A%2F%2Fbestforlife.life%2Findia%3Fcep%3Da1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u
IP 104.16.13.194:0
File type PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash ce7b869474e06a1514a28029fe8fa9bc
ea6626ab98fc9c58b2c4e41f1d409aded8697e2b
e55d0a706f85ff9918f5d1c5f8edbb291fe4b4d33991e10ce9f6fc43c5a3cf0c
GET /userevents/?funnel_id=S2gxVmZCMFNJeEJqUUNSbE9tWTFkdz09LS0xQUN5NWVrbkRMbFhvUHRVcldPUFBRPT0%3D--99f6072ebe20fd331dd58bd22fb138caf7f0b519&page_id=MzBRanZYYTBKL2M3K1U1NDJ3WUVUdz09LS1iNkZrRy90R1F5NGtWakZBQ0FGTkd3PT0%3D--5a7479105ddf8d454546be7f1ef8179afd46ed97&funnel_step_id=ajIxaUpQeGx6ck9tU0Y2Z3l0eFh5UT09LS16czIwb1dJb3NoUGhCa1o0dkxIZ25BPT0%3D--cd8e9c8d3196c5ebeff62d78dadaf7e984223a2b&user_id=K3czOVVXNEFYMzRuSTR0clNIQytCZz09LS01Lzg0a2pGalI1aU9EL1hYTldwMHNRPT0%3D--4fa4103c8f3ca30f6f53885231818fbfa7a8ecad&account_id=V2QrKzhoVW50ZFdCYlhmVzVqNDVHdz09LS1Ud2hSeE1TMmlBMDNmNWZEeWQyRWVRPT0%3D--4bc9cfa0458875f6e5f49b86e9d051b50e4b2ca8&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=251b5baf-236e-4b39-ba43-82f2bb0d9dd6&url=https%3A%2F%2Fbestforlife.life%2Findia%3Fcep%3Da1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestforlife.life
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 21 Sep 2022 05:12:10 GMT
content-type: text/html
cf-ray: 74e04de6df38b512-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: c8a94d9d9eb2d9aa7225736644837da5
x-runtime: 0.094115
set-cookie: __cf_bm=K60wW.85sxG56Ig4DG_oPrzOraUXVniNKehdMDsHZek-1663737130-0-AQqbeTSJHpLyGiY4lCifx1bhkOVCeLoa/u/278h8rI9OWu8l5ScqzILSoAyybkQjG2CLbOFuFKMzj8aoNjnbfpVVAnAK6rBw2J6Hn/GwjKN2; path=/; expires=Wed, 21-Sep-22 05:42:10 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/a3/84941e79e749d98e6d053f0260b788/award-4_en.png
104.16.12.194200 OK 14 kB URL HTTP/2 www.bestforlife.life/hosted/images/a3/84941e79e749d98e6d053f0260b788/award-4_en.png
IP 104.16.12.194:0
File type PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash b23f8f54ca7abb700b60d729aa501b59
67d4177852367711d469014b4d6ad628f1c7ef37
73d59114ada9ae1fcca329c92713cd294e29c6471ed1e5b1cec036182ad94da2
GET /hosted/images/a3/84941e79e749d98e6d053f0260b788/award-4_en.png HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=UKIsVpAorAJVE7c9u17hNCNb5JrxZ1fe.HFAYWUGpvI-1663737129-0-AaZqAaAnlQGQrlqKZFx0jIBNBRwXgBSn45WZlu4rZrg9exDKgl9xfdA9rmouOu7VQ6IvxToARFd2A2rjKqaMJcZtKbh3eZfyxtC+ismAnzy1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:11 GMT
content-type: image/png
content-length: 13514
cf-ray: 74e04df049edb500-OSL
accept-ranges: bytes
age: 3940
cache-control: max-age=31536000
etag: "937cf3f8584c35e27f97d9354fb41312"
last-modified: Mon, 12 Sep 2022 06:40:44 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-polished: origSize=13535
x-amz-cf-pop: SOF50-C1
server: cloudflare
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1216.min.js
151.101.86.137200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32022)
Hash b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 21 Sep 2022 05:12:11 GMT
via: 1.1 varnish
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 2777
x-timer: S1663737132.610350,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/4a/259d6d557944a3ba32a71896c0821d/yg4-winner-gm-1-.jpg
104.16.12.194200 OK 16 kB URL HTTP/2 www.bestforlife.life/hosted/images/4a/259d6d557944a3ba32a71896c0821d/yg4-winner-gm-1-.jpg
IP 104.16.12.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 380x220, components 3\012- data
Hash 9ee74e7d730fc9f1a89a85f37e686db4
7e311ba386e6f953d3bab4049c36ccf81f487257
dd6ef12c81552cdf98a7f2657f502a45c7912c8c318823eedae4243f39eef272
GET /hosted/images/4a/259d6d557944a3ba32a71896c0821d/yg4-winner-gm-1-.jpg HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=UKIsVpAorAJVE7c9u17hNCNb5JrxZ1fe.HFAYWUGpvI-1663737129-0-AaZqAaAnlQGQrlqKZFx0jIBNBRwXgBSn45WZlu4rZrg9exDKgl9xfdA9rmouOu7VQ6IvxToARFd2A2rjKqaMJcZtKbh3eZfyxtC+ismAnzy1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:11 GMT
content-type: image/jpeg
content-length: 15644
cf-ray: 74e04df039e2b500-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "9ee74e7d730fc9f1a89a85f37e686db4"
last-modified: Tue, 20 Sep 2022 22:38:25 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=luyB2h0RsHBb0o5sRqL.nOju_g4zlV7U.XGXzPzUo0U-1663737131-0-AVZWoCp3LBtzAcrMX83Y2yWL6U3I5g41SkWBGEWQLZhBExFGlMVY7Fcv79s8qvqEWgVz41BSRtbxthmT22NHessSEoZ9AyqEaFaclK4A-uha"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=luyB2h0RsHBb0o5sRqL.nOju_g4zlV7U.XGXzPzUo0U-1663737131-0-AVZWoCp3LBtzAcrMX83Y2yWL6U3I5g41SkWBGEWQLZhBExFGlMVY7Fcv79s8qvqEWgVz41BSRtbxthmT22NHessSEoZ9AyqEaFaclK4A-uha; report-to cf-csp-endpoint
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/19/5fbfa939824f7cb34e20bc7c93965f/yg4-winner-dp-1-.jpg
104.16.12.194200 OK 18 kB URL HTTP/2 www.bestforlife.life/hosted/images/19/5fbfa939824f7cb34e20bc7c93965f/yg4-winner-dp-1-.jpg
IP 104.16.12.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 380x220, components 3\012- data
Hash 9607c8474129e1d5ab5dde2c92007ffe
9fcdd5713df80b0d570d70fc4e416fad655e13bd
b87d633138390807a9837ed9ab192c0dd86d1ce0d0d633d910b42054ff9d42f5
GET /hosted/images/19/5fbfa939824f7cb34e20bc7c93965f/yg4-winner-dp-1-.jpg HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=UKIsVpAorAJVE7c9u17hNCNb5JrxZ1fe.HFAYWUGpvI-1663737129-0-AaZqAaAnlQGQrlqKZFx0jIBNBRwXgBSn45WZlu4rZrg9exDKgl9xfdA9rmouOu7VQ6IvxToARFd2A2rjKqaMJcZtKbh3eZfyxtC+ismAnzy1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:11 GMT
content-type: image/jpeg
content-length: 18118
cf-ray: 74e04df039e4b500-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "9607c8474129e1d5ab5dde2c92007ffe"
last-modified: Tue, 20 Sep 2022 22:38:50 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.bestforlife.life/hosted/images/31/feeb7ef4754395a22472356af89d12/yg4-winner-ir.jpg
104.16.12.194200 OK 11 kB URL HTTP/2 www.bestforlife.life/hosted/images/31/feeb7ef4754395a22472356af89d12/yg4-winner-ir.jpg
IP 104.16.12.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 380x220, components 3\012- data
Hash f8203edaf825f12c9f2878733a17eefc
c3d42aa2efe712654e470e33f1c30e75f12bbf7a
94d2e40bd69da25d6ec2e0211b59187fb9a713bd2c4b37d4a6fad1e575d65adb
GET /hosted/images/31/feeb7ef4754395a22472356af89d12/yg4-winner-ir.jpg HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=UKIsVpAorAJVE7c9u17hNCNb5JrxZ1fe.HFAYWUGpvI-1663737129-0-AaZqAaAnlQGQrlqKZFx0jIBNBRwXgBSn45WZlu4rZrg9exDKgl9xfdA9rmouOu7VQ6IvxToARFd2A2rjKqaMJcZtKbh3eZfyxtC+ismAnzy1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:12 GMT
content-type: image/jpeg
content-length: 10869
cf-ray: 74e04df039e0b500-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "f8203edaf825f12c9f2878733a17eefc"
last-modified: Tue, 20 Sep 2022 22:38:08 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 37b6097226b409c237ef99f1da688e60
71ab02ee2fd165ba99e9b964a1a3e5055c88224b
ab0e339aa9b34926c6fb4e1191e121febe026996f1cb0bc05ecb187a69653282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1168
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 05:12:12 GMT
Last-Modified: Wed, 21 Sep 2022 04:52:44 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
www.bestforlife.life/vendor.js
104.16.12.194200 OK 20 kB URL HTTP/2 www.bestforlife.life/vendor.js
IP 104.16.12.194:0
Hash 540a4e96c079fa15585d2c4f4dbe603b
5ce9c8054ac2acaa6b82471c8c7b40ba1dbe118d
de50599b358666b65e0d7de4ad4faf312486880cb44510a3b89e0d963475b8c3
Analyzer Verdict Alert fortinet Phishing
GET /vendor.js HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=UKIsVpAorAJVE7c9u17hNCNb5JrxZ1fe.HFAYWUGpvI-1663737129-0-AaZqAaAnlQGQrlqKZFx0jIBNBRwXgBSn45WZlu4rZrg9exDKgl9xfdA9rmouOu7VQ6IvxToARFd2A2rjKqaMJcZtKbh3eZfyxtC+ismAnzy1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:10 GMT
content-type: application/javascript
cf-ray: 74e04de5e9feb500-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: ea5ed2d59b93be697c73cb5778d2a3a5
x-runtime: 0.018745
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4206&ck=1&ref=https://bestforlife.life/india&ap=339&be=1251&fe=3926&dc=2431&perf=%7B%22timing%22:%7B%22of%22:1663737127625,%22n%22:0,%22f%22:345,%22dn%22:356,%22dne%22:356,%22c%22:357,%22s%22:495,%22ce%22:751,%22rq%22:751,%22rp%22:1220,%22rpe%22:1220,%22dl%22:1235,%22di%22:2293,%22ds%22:2431,%22de%22:2583,%22dc%22:3925,%22l%22:3925,%22le%22:4056%7D,%22navigation%22:%7B%7D%7D&fcp=1634&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4206&ck=1&ref=https://bestforlife.life/india&ap=339&be=1251&fe=3926&dc=2431&perf=%7B%22timing%22:%7B%22of%22:1663737127625,%22n%22:0,%22f%22:345,%22dn%22:356,%22dne%22:356,%22c%22:357,%22s%22:495,%22ce%22:751,%22rq%22:751,%22rp%22:1220,%22rpe%22:1220,%22dl%22:1235,%22di%22:2293,%22ds%22:2431,%22de%22:2583,%22dc%22:3925,%22l%22:3925,%22le%22:4056%7D,%22navigation%22:%7B%7D%7D&fcp=1634&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=4206&ck=1&ref=https://bestforlife.life/india&ap=339&be=1251&fe=3926&dc=2431&perf=%7B%22timing%22:%7B%22of%22:1663737127625,%22n%22:0,%22f%22:345,%22dn%22:356,%22dne%22:356,%22c%22:357,%22s%22:495,%22ce%22:751,%22rq%22:751,%22rp%22:1220,%22rpe%22:1220,%22dl%22:1235,%22di%22:2293,%22ds%22:2431,%22de%22:2583,%22dc%22:3925,%22l%22:3925,%22le%22:4056%7D,%22navigation%22:%7B%7D%7D&fcp=1634&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 05:12:12 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74e04df3dff2b4fd-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=dcc77da633e10f05; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
app.clickfunnels.com/mailcheck.min.js
104.16.13.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/mailcheck.min.js
IP 104.16.13.194:0
GET /mailcheck.min.js HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:09 GMT
content-type: application/x-javascript
cf-ray: 74e04de0a9a4b512-OSL
access-control-allow-origin: *
age: 4869
etag: W/"632a4cc7-a8d"
last-modified: Tue, 20 Sep 2022 23:29:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=asVSLxxbfpe20chseemNOwPTpqyxX88Aq1uOsxdu_Zw-1663737129-0-ARclM9R4aQiyji/8FThxzq00sQSVOnw402yhhjqVTm/OjGqN8so97eSs5ylGa+isbcB7cm8L6HVdAVjXR4XMubp2YOWndDsFkU5g/GGJHQnL; path=/; expires=Wed, 21-Sep-22 05:42:09 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.bestforlife.life/assets/lander.css
104.16.12.194200 OK 0 B URL HTTP/2 www.bestforlife.life/assets/lander.css
IP 104.16.12.194:0
GET /assets/lander.css HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:09 GMT
content-type: text/css
cf-ray: 74e04de0ede4b500-OSL
access-control-allow-origin: *
age: 857
cache-control: public, max-age=1200
etag: W/"632a4cc7-6a514"
expires: Wed, 21 Sep 2022 05:32:09 GMT
last-modified: Tue, 20 Sep 2022 23:29:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=81BzuCyFu4fiz8kJdw9xh64kCg3gWQJh09QfxHkWqjo-1663737129-0-AbxMhSs6s2uud+skogMPp2Yz+2CnJbFd3ZnSoR/rEmotC6uvzerV6+ljNEyMxaSOeEho0FlAA0dumORT/mXrL+Hs/BSRbSZaREvmWJeq/N9a; path=/; expires=Wed, 21-Sep-22 05:42:09 GMT; domain=.www.bestforlife.life; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
app.clickfunnels.com/images/closemodal.png
104.16.13.194200 OK 0 B URL HTTP/2 app.clickfunnels.com/images/closemodal.png
IP 104.16.13.194:0
GET /images/closemodal.png HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Cookie: __cf_bm=asVSLxxbfpe20chseemNOwPTpqyxX88Aq1uOsxdu_Zw-1663737129-0-ARclM9R4aQiyji/8FThxzq00sQSVOnw402yhhjqVTm/OjGqN8so97eSs5ylGa+isbcB7cm8L6HVdAVjXR4XMubp2YOWndDsFkU5g/GGJHQnL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:11 GMT
content-type: image/webp
cf-ray: 74e04df03f12b512-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 1766793
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "630e9cfc-314"
expires: Sat, 22 Oct 2022 05:12:11 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
server: cloudflare
X-Firefox-Spdy: h2
www.bestforlife.life/assets/lander.js
104.16.12.194200 OK 0 B URL HTTP/2 www.bestforlife.life/assets/lander.js
IP 104.16.12.194:0
Analyzer Verdict Alert fortinet Phishing
GET /assets/lander.js HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:09 GMT
content-type: application/x-javascript
cf-ray: 74e04de18e5cb500-OSL
access-control-allow-origin: *
age: 857
cache-control: public, max-age=1200
etag: W/"632a4d03-238fd1"
expires: Wed, 21 Sep 2022 05:32:09 GMT
last-modified: Tue, 20 Sep 2022 23:30:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=ST.YH4DzSjGTme0ZAy89P65QuZnDnU.HmdyRfBiFs48-1663737129-0-AQ9z3Hbd62RTyOQgi22faCw7/uHiyaJQF6+USKE4hd9ZIYPX0Sur22UR6nIAHyKEulKpf6kUIlYRe8dhKAQ9pLLQtbK3iKJ0He9R2sPTE8v0; path=/; expires=Wed, 21-Sep-22 05:42:09 GMT; domain=.www.bestforlife.life; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.bestforlife.life/images/background.png?_unique=0.39812377391928944&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//bestforlife.life/india%3Fcep%3Da1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u&_title=Jeetcity%20Casino&_key=fyzzeg1v&_page_key=knabb6fl8kqpwjea&_fid=12446350&_fspos=2&_fvrs=1&_funnel_stat=0&_location=https://bestforlife.life/india?cep=a1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u&_referrer=
104.16.12.194200 OK 0 B URL HTTP/2 www.bestforlife.life/images/background.png?_unique=0.39812377391928944&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//bestforlife.life/india%3Fcep%3Da1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u&_title=Jeetcity%20Casino&_key=fyzzeg1v&_page_key=knabb6fl8kqpwjea&_fid=12446350&_fspos=2&_fvrs=1&_funnel_stat=0&_location=https://bestforlife.life/india?cep=a1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u&_referrer=
IP 104.16.12.194:0
GET /images/background.png?_unique=0.39812377391928944&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//bestforlife.life/india%3Fcep%3Da1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u&_title=Jeetcity%20Casino&_key=fyzzeg1v&_page_key=knabb6fl8kqpwjea&_fid=12446350&_fspos=2&_fvrs=1&_funnel_stat=0&_location=https://bestforlife.life/india?cep=a1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u&_referrer= HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestforlife.life
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:11 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 74e04df059f7b500-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 23a5f724d2273388ee75e98be960ac62
x-runtime: 0.030724
set-cookie: __cf_bm=D5WtzkUALQzuyQn4le5If0szNuIgorJNMWH2ylrxDGo-1663737131-0-Aa67yOsbcWoAC+/Dzwc2l9/0JiYqxKnKqlgBkR/6crX+p1CZMeZlyOA2/L5rPk73/UHyjZnz8UGQtzOzF4UTjJ5R70MHX68WM/jLsMprBz4n; path=/; expires=Wed, 21-Sep-22 05:42:11 GMT; domain=.www.bestforlife.life; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP 142.250.74.10:0
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 05:12:09 GMT
date: Wed, 21 Sep 2022 05:12:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/all.css
IP 172.64.133.15:0
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:09 GMT
content-type: text/css
x-amz-id-2: eDALjXs4h5JwODL8ovr/4umLPbaCelCJI3+jx3FuubhJSoknTWWFmQo6HJaW+Q0JCvePiWa75nI=
x-amz-request-id: WT4YSGCQ9TAEW3HE
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28475386
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hE%2BWUsppoQnOOobU4g4RCVFCETN5P6iaiGG1QHfF%2B1lXcFmriyrRwEQMiMTPL4NcZUx39mvmbM8I7D0vbFaTdiGbSUKIbbZazEYGj%2Bxa%2FuAXfcQBAi4n35erLcALsaHmNewmwnp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e04de09c1576ab-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=S2gxVmZCMFNJeEJqUUNSbE9tWTFkdz09LS0xQUN5NWVrbkRMbFhvUHRVcldPUFBRPT0%3D--99f6072ebe20fd331dd58bd22fb138caf7f0b519&page_id=MzBRanZYYTBKL2M3K1U1NDJ3WUVUdz09LS1iNkZrRy90R1F5NGtWakZBQ0FGTkd3PT0%3D--5a7479105ddf8d454546be7f1ef8179afd46ed97&funnel_step_id=ajIxaUpQeGx6ck9tU0Y2Z3l0eFh5UT09LS16czIwb1dJb3NoUGhCa1o0dkxIZ25BPT0%3D--cd8e9c8d3196c5ebeff62d78dadaf7e984223a2b&user_id=K3czOVVXNEFYMzRuSTR0clNIQytCZz09LS01Lzg0a2pGalI1aU9EL1hYTldwMHNRPT0%3D--4fa4103c8f3ca30f6f53885231818fbfa7a8ecad&account_id=V2QrKzhoVW50ZFdCYlhmVzVqNDVHdz09LS1Ud2hSeE1TMmlBMDNmNWZEeWQyRWVRPT0%3D--4bc9cfa0458875f6e5f49b86e9d051b50e4b2ca8&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=0f9d16db-3488-4102-b6b5-c2488585bbfd&url=https%3A%2F%2Fbestforlife.life%2Findia%3Fcep%3Da1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u
104.16.13.194202 Accepted 0 B URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=S2gxVmZCMFNJeEJqUUNSbE9tWTFkdz09LS0xQUN5NWVrbkRMbFhvUHRVcldPUFBRPT0%3D--99f6072ebe20fd331dd58bd22fb138caf7f0b519&page_id=MzBRanZYYTBKL2M3K1U1NDJ3WUVUdz09LS1iNkZrRy90R1F5NGtWakZBQ0FGTkd3PT0%3D--5a7479105ddf8d454546be7f1ef8179afd46ed97&funnel_step_id=ajIxaUpQeGx6ck9tU0Y2Z3l0eFh5UT09LS16czIwb1dJb3NoUGhCa1o0dkxIZ25BPT0%3D--cd8e9c8d3196c5ebeff62d78dadaf7e984223a2b&user_id=K3czOVVXNEFYMzRuSTR0clNIQytCZz09LS01Lzg0a2pGalI1aU9EL1hYTldwMHNRPT0%3D--4fa4103c8f3ca30f6f53885231818fbfa7a8ecad&account_id=V2QrKzhoVW50ZFdCYlhmVzVqNDVHdz09LS1Ud2hSeE1TMmlBMDNmNWZEeWQyRWVRPT0%3D--4bc9cfa0458875f6e5f49b86e9d051b50e4b2ca8&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=0f9d16db-3488-4102-b6b5-c2488585bbfd&url=https%3A%2F%2Fbestforlife.life%2Findia%3Fcep%3Da1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u
IP 104.16.13.194:0
GET /userevents/?funnel_id=S2gxVmZCMFNJeEJqUUNSbE9tWTFkdz09LS0xQUN5NWVrbkRMbFhvUHRVcldPUFBRPT0%3D--99f6072ebe20fd331dd58bd22fb138caf7f0b519&page_id=MzBRanZYYTBKL2M3K1U1NDJ3WUVUdz09LS1iNkZrRy90R1F5NGtWakZBQ0FGTkd3PT0%3D--5a7479105ddf8d454546be7f1ef8179afd46ed97&funnel_step_id=ajIxaUpQeGx6ck9tU0Y2Z3l0eFh5UT09LS16czIwb1dJb3NoUGhCa1o0dkxIZ25BPT0%3D--cd8e9c8d3196c5ebeff62d78dadaf7e984223a2b&user_id=K3czOVVXNEFYMzRuSTR0clNIQytCZz09LS01Lzg0a2pGalI1aU9EL1hYTldwMHNRPT0%3D--4fa4103c8f3ca30f6f53885231818fbfa7a8ecad&account_id=V2QrKzhoVW50ZFdCYlhmVzVqNDVHdz09LS1Ud2hSeE1TMmlBMDNmNWZEeWQyRWVRPT0%3D--4bc9cfa0458875f6e5f49b86e9d051b50e4b2ca8&page_code=NTYzNjYzNjU%3D&mode_id=1&time_zone=UTC&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=0f9d16db-3488-4102-b6b5-c2488585bbfd&url=https%3A%2F%2Fbestforlife.life%2Findia%3Fcep%3Da1pj0sM7eazRQI_gHiHj88okbXSlxPq7NVrpKvVLFaWd4fK-MdJlZab2hJu1aITKrQWtnc-aA17QhWUwqjMkzQWAtZLOmngR5XQM8K61i1dkcbeeGxzc2Wuj6uAOLQEntN2PMbwjfagx5px5zXrKT-PfTmgUOSbF8ovjQkGS9TDK42TV6X1TQzce8iSThIwEvHQ59ZvC6khgKSuu3Dp4e29NKyJHOKNIXGS0thOkpJmFjD2lRL33LaRMRD8xyUl18x7BcxxHOBfn6lgocNzojRFVUbvT5oGzNBsKLKuo_V2xzVKYWLFgEDOfCnticus4NoiOExYeIyOQ-rxHlfwbJ_BBPbN4I2db6h2EdWCskOj_ZYeLBYDjirxoJ0Rs_d6u HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestforlife.life
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
date: Wed, 21 Sep 2022 05:12:10 GMT
content-type: text/html
cf-ray: 74e04de6df3cb512-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 0f05431ef13f20e0240f914df0edbc0a
x-runtime: 0.043174
set-cookie: __cf_bm=Crb39MVg3x7FUtP5yAnpkvS.9dWcEzCZMKFz2WcySKo-1663737130-0-AQNtIPP/QlmbZlnaGJ0Bj9yDFUCoTD5i9IzjkyNrgvhBNbg+2A0aPgtC1Z9ZdzRoI0lKaIEhY8bYB7y7woPXI+6Fan2Q/v6z+R6F0On1IqxA; path=/; expires=Wed, 21-Sep-22 05:42:10 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP 172.64.133.15:0
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:09 GMT
content-type: text/css
x-amz-id-2: lj0FvMnfC9mptRM/Gd0lw9lT7Zj4wo+oaxaEYLcDnZaRJXq3Oc/kbTmcEwen2MxXaG9FhyIrGnI=
x-amz-request-id: 9D38DJ2PTJVFVSCR
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28475385
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXo6m312WmuH9WtZK6DRVpJ7xUdmFN8ByscFYhmU0znCDjzjPTalUrE6UogHS7Sh5sdazuHmqI%2BBvU47le4c13p9Y3sjMqlI%2FxIjXIsvCxS4oApswTkc3rLKd%2FMJqadII6uuLJuD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e04de0ac1c76ab-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.bestforlife.life/assets/userevents/application.js
104.16.12.194200 OK 0 B URL HTTP/2 www.bestforlife.life/assets/userevents/application.js
IP 104.16.12.194:0
Analyzer Verdict Alert fortinet Phishing
GET /assets/userevents/application.js HTTP/1.1
Host: www.bestforlife.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestforlife.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 05:12:09 GMT
content-type: application/x-javascript
cf-ray: 74e04de18e5db500-OSL
access-control-allow-origin: *
age: 857
cache-control: public, max-age=1200
etag: W/"632a4cc7-1353"
expires: Wed, 21 Sep 2022 05:32:09 GMT
last-modified: Tue, 20 Sep 2022 23:29:11 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
set-cookie: __cf_bm=UKIsVpAorAJVE7c9u17hNCNb5JrxZ1fe.HFAYWUGpvI-1663737129-0-AaZqAaAnlQGQrlqKZFx0jIBNBRwXgBSn45WZlu4rZrg9exDKgl9xfdA9rmouOu7VQ6IvxToARFd2A2rjKqaMJcZtKbh3eZfyxtC+ismAnzy1; path=/; expires=Wed, 21-Sep-22 05:42:09 GMT; domain=.www.bestforlife.life; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2