r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9045
Expires: Mon, 14 Nov 2022 03:16:10 GMT
Date: Mon, 14 Nov 2022 00:45:25 GMT
Connection: keep-alive
the.thelifestyleresorts.com/ga/click/2-393046857-1833-14979-29253-27151-c888af5dbe-p29fdb37a2
302 Found 116 B URL HTTP/1.1 the.thelifestyleresorts.com/ga/click/2-393046857-1833-14979-29253-27151-c888af5dbe-p29fdb37a2
IP
ASN #212744 Albanian Hosting SH.P.K.
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 7c6122093284dac197d40149da2c65f5
ad0b7b56da3742eb889dde537a3d7b33770dbe38
b522f3639dde054e051cb8bab17e63fd3ec819a252847e5aea32d89ddfe01510
GET /ga/click/2-393046857-1833-14979-29253-27151-c888af5dbe-p29fdb37a2 HTTP/1.1
Host: the.thelifestyleresorts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 14 Nov 2022 00:44:53 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.29
Status: 302 Found
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Request-Id: 459e0db6ae0a86342f8039c4249e6cb5
Location: https://mwebnice.com/6340/1338/3/?subid=breakmxnww
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.011920
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.9
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8c15cef160d1514fc977ed4c4e97086c
ffe4ce3199658a1fc7a45d1607df40ef3911621d
db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11113
Expires: Mon, 14 Nov 2022 03:50:38 GMT
Date: Mon, 14 Nov 2022 00:45:25 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash b1e969be0f3201087da138cbc8b89f10
d0a27f525f2b242b5dafa157f126c2ba880c8809
f7e5f39372b5adcc30c27e727eee1b19e6d13ed1b54fa1ad67235dc8ee08ac51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2597
Cache-Control: max-age=124153
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:25 GMT
Etag: "6370c779-1d7"
Expires: Tue, 15 Nov 2022 11:14:38 GMT
Last-Modified: Sun, 13 Nov 2022 10:31:21 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ykS10y3Mj5u7RK6NrU7LZ46BA15OHQX2vPhpIb1QhXQwpnnh9+XN+vn2jciLEhklHLMQMSoOwcU=
x-amz-request-id: G245MPBC9JQJSFRH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 14 Nov 2022 00:13:38 GMT
age: 1907
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 14 Nov 2022 00:44:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 75
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 14 Nov 2022 00:45:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash cac1ad665b4a2d164f6ae680a6d027b1
8af036172cd4c7e11aea546897b7e10e7586c15b
72d3d58c3ee7684503260203ec7954d9580941c55d9b74f2d4ca0b8e72173172
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=170870
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:25 GMT
Etag: "6371881b-117"
Expires: Wed, 16 Nov 2022 00:13:15 GMT
Last-Modified: Mon, 14 Nov 2022 00:13:15 GMT
Server: nginx
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 14 Nov 2022 00:44:48 GMT
cache-control: public,max-age=3600
age: 37
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 0a9a357f652868f9317812b8103ba15d
95a90c7a07b591dce7f39c6f9ab27974d1a1ed2a
16fd52c7ee6806455e724f30af8d58630a141a8a3823c48c20b5da3a71f066da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 153
Cache-Control: max-age=116639
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:26 GMT
Etag: "6370b3ac-1d7"
Expires: Tue, 15 Nov 2022 09:09:25 GMT
Last-Modified: Sun, 13 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 279 B IP
Hash 28b2540175d61c00d27f70e525b8faf2
a77690df83406262e5394d1bed9b0f5e78259b38
aabc8717006a9e16f94ef4b803d6a7cc52ae0332589e3db2d90aca9a61bab9ae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=89828
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:26 GMT
Etag: "63704b8a-117"
Expires: Tue, 15 Nov 2022 01:42:34 GMT
Last-Modified: Sun, 13 Nov 2022 01:42:34 GMT
Server: nginx
Content-Length: 279
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hgO+NN37kWCCxAMEcmNajA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tD5mAlg98YN3QOyUNaRrR9q5AQs=
herpesyl.com/images/custom/transcript-3.jpg
200 OK 56 kB URL HTTP/2 herpesyl.com/images/custom/transcript-3.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 475x356, components 3\012- data
Hash 4c36b46c7dec1da1422bf3b8e81924e0
1be1f3eacba2c7423ff91c4da7da27817f8f473c
cc5a7df7da8537089b91e1c89b1dd2ee83bb1e20101ecbf5cd25874236dc0ed0
GET /images/custom/transcript-3.jpg HTTP/1.1
Host: herpesyl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
Cookie: XSRF-TOKEN=eyJpdiI6IlZVU2t2eVM4aSsyemZxbkR5TnJnVlE9PSIsInZhbHVlIjoib2tZS1RpUStOenJGMmQ0UEtLZ04vU21oSFZYbDRTVTZoN2ZobDk4UCt4NG93NVJCeWEyNS9JR1Jab1Ria0dLciIsIm1hYyI6ImY1ZmFhZGU3OGE0OGNhY2IyZjczMGJhYzMwNDYwYWY3OWMxMDMyOWYwNjZiODJiMzhjM2IxZjkyYzY1ODY2MjIifQ%3D%3D; _=eyJpdiI6ImlUd3lENUxraVVXcWVZZUJKYjFDWFE9PSIsInZhbHVlIjoiZ1FVVVNDc0R3am9VU0NRSk5idlhOSDRVbkZMTURMM1BaRVRhS0VYVEVGakdRdXFkUCtudndRUDh3V3lmbG42aCIsIm1hYyI6IjIxYjBiOTVmOWU0NWQyYWI0ZTkxMzVlZGU3ODIxZDA3YzZmYjAxOWY1MmY4YmZiOGFjZDIzODg0OTc3YWIzNmQifQ%3D%3D; referrer=eyJpdiI6Iko5NVZVNFRDVTZGdVd0c1BhcjVxVGc9PSIsInZhbHVlIjoicVdsNiswL0Q3cDlyNDhLcENscitxdz09IiwibWFjIjoiMTIyOWNkN2E2Y2Q2OWRmZDAwZGEzN2VhNTAwZmUyY2E3M2JkYjE1MzY0MGNjZmNhMTk4NGIxNjcxNDhkZWMxZiJ9; affiliate=eyJpdiI6IlFHL25Qc1p3YWR2WUtHTVdZMldFeGc9PSIsInZhbHVlIjoiNWtrellCRkJDNjZzWjJnaGV5cndHdz09IiwibWFjIjoiMjAxNTg5NTUzMmI2NGNmYzYwYjA4ZjFlNmIzMDMzYmMyYzRmODA5NGNjYmI3MWFhMDNmYWQyYTNiY2M0MTExNiJ9; pixels=eyJpdiI6ImdkNEFNb1hLT3BYSEUvVHRVR1U4M1E9PSIsInZhbHVlIjoiQUV5RXFLZkJDTnd2UkZqRVFVQy9tRlBmRlkvdE9ndFJaQVpuOGNIUEJObUFCZDVHeTBHc1Fwc3hOcGlmV25pSDdmOG1va0J1NnVWcHh1ViswcHdtVTNka1A3RDk3c1ZEZjMvd1J6UFdnZDI2d3lpU0ZPNGZyRVRTclM5MXN6dWZUQ0I2SGRxTWN4ZHMzYm0zejZpSlYvNmxzaHoyZ3U0a1dsQ1ZkNW1vUG5rWnd1bmpnZmdMdEM4MXlVM01uYTllcXVtUGRZd2d3MXB5U2lqNDEwOENFUkg1MjZkRjF1MWdYT3hhdE12czlWST0iLCJtYWMiOiI2YmEwYzE5NzE4OWJkYTEwMzI0ZjBlMzI4YjEzMjVjNDlhNTExODNjMWUxYjM4MWJjZDlmMWVkMmE3Y2NhNzc4In0%3D; hp=eyJpdiI6InBpM3Fid3NEZVFha0RHYWdFY3JLdXc9PSIsInZhbHVlIjoicHRHRzNSUUdqcFJVcTZGMkdTRFJnZE53QTdvYjBzcXdTV1hYU3hLaDE0a3NMOE5CazlIR2F0VG9TUFNuZHJYeiIsIm1hYyI6ImE4ZGRmODg0ZWRiMmM2OWY2OTVlN2I2ZTdiNDljNmFhMWNkYTU3ZGE0MmFlZTQyMDE4MjM0ODE2YjdjYzFmMDgifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:26 GMT
content-type: image/jpeg
content-length: 56362
last-modified: Tue, 06 Oct 2020 13:28:07 GMT
etag: "5f7c70e7-dc2a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyUjFvIHf2webaUgOhU5INQr33vokqwUtAdS2zo%2BpEB3gmPWhzULNgoa2QVX46hXvcO%2Fr%2BXwPYUewHq6S18wGVkNtiHhCe8SyRlvpofOp6mvGKsI4aFusRDqiyJ%2BRcM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769bb9728e57b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
herpesyl.com/images/custom/transcript-5.jpg
200 OK 91 kB URL HTTP/2 herpesyl.com/images/custom/transcript-5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash e89809b0a9106100631e660dcd5a9d25
9f1d7805a36c167e3388fc12bc7f8ea132afe71b
06690d1336590ae11c5146d8c51845ea44ae504ebf1bc594e21dc7ef0e1cdd05
GET /images/custom/transcript-5.jpg HTTP/1.1
Host: herpesyl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
Cookie: XSRF-TOKEN=eyJpdiI6IlZVU2t2eVM4aSsyemZxbkR5TnJnVlE9PSIsInZhbHVlIjoib2tZS1RpUStOenJGMmQ0UEtLZ04vU21oSFZYbDRTVTZoN2ZobDk4UCt4NG93NVJCeWEyNS9JR1Jab1Ria0dLciIsIm1hYyI6ImY1ZmFhZGU3OGE0OGNhY2IyZjczMGJhYzMwNDYwYWY3OWMxMDMyOWYwNjZiODJiMzhjM2IxZjkyYzY1ODY2MjIifQ%3D%3D; _=eyJpdiI6ImlUd3lENUxraVVXcWVZZUJKYjFDWFE9PSIsInZhbHVlIjoiZ1FVVVNDc0R3am9VU0NRSk5idlhOSDRVbkZMTURMM1BaRVRhS0VYVEVGakdRdXFkUCtudndRUDh3V3lmbG42aCIsIm1hYyI6IjIxYjBiOTVmOWU0NWQyYWI0ZTkxMzVlZGU3ODIxZDA3YzZmYjAxOWY1MmY4YmZiOGFjZDIzODg0OTc3YWIzNmQifQ%3D%3D; referrer=eyJpdiI6Iko5NVZVNFRDVTZGdVd0c1BhcjVxVGc9PSIsInZhbHVlIjoicVdsNiswL0Q3cDlyNDhLcENscitxdz09IiwibWFjIjoiMTIyOWNkN2E2Y2Q2OWRmZDAwZGEzN2VhNTAwZmUyY2E3M2JkYjE1MzY0MGNjZmNhMTk4NGIxNjcxNDhkZWMxZiJ9; affiliate=eyJpdiI6IlFHL25Qc1p3YWR2WUtHTVdZMldFeGc9PSIsInZhbHVlIjoiNWtrellCRkJDNjZzWjJnaGV5cndHdz09IiwibWFjIjoiMjAxNTg5NTUzMmI2NGNmYzYwYjA4ZjFlNmIzMDMzYmMyYzRmODA5NGNjYmI3MWFhMDNmYWQyYTNiY2M0MTExNiJ9; pixels=eyJpdiI6ImdkNEFNb1hLT3BYSEUvVHRVR1U4M1E9PSIsInZhbHVlIjoiQUV5RXFLZkJDTnd2UkZqRVFVQy9tRlBmRlkvdE9ndFJaQVpuOGNIUEJObUFCZDVHeTBHc1Fwc3hOcGlmV25pSDdmOG1va0J1NnVWcHh1ViswcHdtVTNka1A3RDk3c1ZEZjMvd1J6UFdnZDI2d3lpU0ZPNGZyRVRTclM5MXN6dWZUQ0I2SGRxTWN4ZHMzYm0zejZpSlYvNmxzaHoyZ3U0a1dsQ1ZkNW1vUG5rWnd1bmpnZmdMdEM4MXlVM01uYTllcXVtUGRZd2d3MXB5U2lqNDEwOENFUkg1MjZkRjF1MWdYT3hhdE12czlWST0iLCJtYWMiOiI2YmEwYzE5NzE4OWJkYTEwMzI0ZjBlMzI4YjEzMjVjNDlhNTExODNjMWUxYjM4MWJjZDlmMWVkMmE3Y2NhNzc4In0%3D; hp=eyJpdiI6InBpM3Fid3NEZVFha0RHYWdFY3JLdXc9PSIsInZhbHVlIjoicHRHRzNSUUdqcFJVcTZGMkdTRFJnZE53QTdvYjBzcXdTV1hYU3hLaDE0a3NMOE5CazlIR2F0VG9TUFNuZHJYeiIsIm1hYyI6ImE4ZGRmODg0ZWRiMmM2OWY2OTVlN2I2ZTdiNDljNmFhMWNkYTU3ZGE0MmFlZTQyMDE4MjM0ODE2YjdjYzFmMDgifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:26 GMT
content-type: image/jpeg
content-length: 90989
last-modified: Tue, 06 Oct 2020 13:28:07 GMT
etag: "5f7c70e7-1636d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6b4Y09EYIelNVHCma%2BM8b6Edblh4UAUBpz06K1WhfgWbh3wJrdAfd2RYKDYfrFDLPEAdX12RWQbGaKUVTRGJXbZ5glLfnGry7l6TLvC6ohFHZE2cbthFqsuK0btxeRo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769bb9728e5ab4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
herpesyl.com/images/custom/transcript-4.jpg
200 OK 160 kB URL HTTP/2 herpesyl.com/images/custom/transcript-4.jpg
IP
File type JPEG image data, baseline, precision 8, 1005x512, components 3\012- data
Size 160 kB (159550 bytes)
Hash 40701b94b6785227cfd4da9b29094591
07c21788084b1b87bbe03c1155639478e302a47c
8fef94d089a5bd31b27eeeee3db73d495adb46e54e8afb8b0bd059c22078abdf
GET /images/custom/transcript-4.jpg HTTP/1.1
Host: herpesyl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
Cookie: XSRF-TOKEN=eyJpdiI6IlZVU2t2eVM4aSsyemZxbkR5TnJnVlE9PSIsInZhbHVlIjoib2tZS1RpUStOenJGMmQ0UEtLZ04vU21oSFZYbDRTVTZoN2ZobDk4UCt4NG93NVJCeWEyNS9JR1Jab1Ria0dLciIsIm1hYyI6ImY1ZmFhZGU3OGE0OGNhY2IyZjczMGJhYzMwNDYwYWY3OWMxMDMyOWYwNjZiODJiMzhjM2IxZjkyYzY1ODY2MjIifQ%3D%3D; _=eyJpdiI6ImlUd3lENUxraVVXcWVZZUJKYjFDWFE9PSIsInZhbHVlIjoiZ1FVVVNDc0R3am9VU0NRSk5idlhOSDRVbkZMTURMM1BaRVRhS0VYVEVGakdRdXFkUCtudndRUDh3V3lmbG42aCIsIm1hYyI6IjIxYjBiOTVmOWU0NWQyYWI0ZTkxMzVlZGU3ODIxZDA3YzZmYjAxOWY1MmY4YmZiOGFjZDIzODg0OTc3YWIzNmQifQ%3D%3D; referrer=eyJpdiI6Iko5NVZVNFRDVTZGdVd0c1BhcjVxVGc9PSIsInZhbHVlIjoicVdsNiswL0Q3cDlyNDhLcENscitxdz09IiwibWFjIjoiMTIyOWNkN2E2Y2Q2OWRmZDAwZGEzN2VhNTAwZmUyY2E3M2JkYjE1MzY0MGNjZmNhMTk4NGIxNjcxNDhkZWMxZiJ9; affiliate=eyJpdiI6IlFHL25Qc1p3YWR2WUtHTVdZMldFeGc9PSIsInZhbHVlIjoiNWtrellCRkJDNjZzWjJnaGV5cndHdz09IiwibWFjIjoiMjAxNTg5NTUzMmI2NGNmYzYwYjA4ZjFlNmIzMDMzYmMyYzRmODA5NGNjYmI3MWFhMDNmYWQyYTNiY2M0MTExNiJ9; pixels=eyJpdiI6ImdkNEFNb1hLT3BYSEUvVHRVR1U4M1E9PSIsInZhbHVlIjoiQUV5RXFLZkJDTnd2UkZqRVFVQy9tRlBmRlkvdE9ndFJaQVpuOGNIUEJObUFCZDVHeTBHc1Fwc3hOcGlmV25pSDdmOG1va0J1NnVWcHh1ViswcHdtVTNka1A3RDk3c1ZEZjMvd1J6UFdnZDI2d3lpU0ZPNGZyRVRTclM5MXN6dWZUQ0I2SGRxTWN4ZHMzYm0zejZpSlYvNmxzaHoyZ3U0a1dsQ1ZkNW1vUG5rWnd1bmpnZmdMdEM4MXlVM01uYTllcXVtUGRZd2d3MXB5U2lqNDEwOENFUkg1MjZkRjF1MWdYT3hhdE12czlWST0iLCJtYWMiOiI2YmEwYzE5NzE4OWJkYTEwMzI0ZjBlMzI4YjEzMjVjNDlhNTExODNjMWUxYjM4MWJjZDlmMWVkMmE3Y2NhNzc4In0%3D; hp=eyJpdiI6InBpM3Fid3NEZVFha0RHYWdFY3JLdXc9PSIsInZhbHVlIjoicHRHRzNSUUdqcFJVcTZGMkdTRFJnZE53QTdvYjBzcXdTV1hYU3hLaDE0a3NMOE5CazlIR2F0VG9TUFNuZHJYeiIsIm1hYyI6ImE4ZGRmODg0ZWRiMmM2OWY2OTVlN2I2ZTdiNDljNmFhMWNkYTU3ZGE0MmFlZTQyMDE4MjM0ODE2YjdjYzFmMDgifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:26 GMT
content-type: image/jpeg
content-length: 159550
last-modified: Tue, 06 Oct 2020 13:28:07 GMT
etag: "5f7c70e7-26f3e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgnBp1l%2BFhP%2BkjuOjt7FNzaa%2FySC2Pnt2gY2j8mOUQWf8ZpjLZ3n50h8SLTccP2yjzpHNuw%2BuuWO%2Fdv07%2Bg5xjAvZ9eReZSAxWn12K9oHNqbdhm92HdEyEtbnDqVCM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769bb9728e59b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
herpesyl.com/images/custom/transcript-2.png
200 OK 165 kB URL HTTP/2 herpesyl.com/images/custom/transcript-2.png
IP
File type PNG image data, 800 x 600, 8-bit/color RGBA, non-interlaced\012- data
Size 165 kB (164889 bytes)
Hash 188cac5b93ed24b277f9807069c5a652
2746ee2f8ce972ebb96392527795736437d11942
36f8a5844eeb2a290bbe2fcd4092be69673266cca0c83dd7c23760ee6274b5ba
GET /images/custom/transcript-2.png HTTP/1.1
Host: herpesyl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
Cookie: XSRF-TOKEN=eyJpdiI6IlZVU2t2eVM4aSsyemZxbkR5TnJnVlE9PSIsInZhbHVlIjoib2tZS1RpUStOenJGMmQ0UEtLZ04vU21oSFZYbDRTVTZoN2ZobDk4UCt4NG93NVJCeWEyNS9JR1Jab1Ria0dLciIsIm1hYyI6ImY1ZmFhZGU3OGE0OGNhY2IyZjczMGJhYzMwNDYwYWY3OWMxMDMyOWYwNjZiODJiMzhjM2IxZjkyYzY1ODY2MjIifQ%3D%3D; _=eyJpdiI6ImlUd3lENUxraVVXcWVZZUJKYjFDWFE9PSIsInZhbHVlIjoiZ1FVVVNDc0R3am9VU0NRSk5idlhOSDRVbkZMTURMM1BaRVRhS0VYVEVGakdRdXFkUCtudndRUDh3V3lmbG42aCIsIm1hYyI6IjIxYjBiOTVmOWU0NWQyYWI0ZTkxMzVlZGU3ODIxZDA3YzZmYjAxOWY1MmY4YmZiOGFjZDIzODg0OTc3YWIzNmQifQ%3D%3D; referrer=eyJpdiI6Iko5NVZVNFRDVTZGdVd0c1BhcjVxVGc9PSIsInZhbHVlIjoicVdsNiswL0Q3cDlyNDhLcENscitxdz09IiwibWFjIjoiMTIyOWNkN2E2Y2Q2OWRmZDAwZGEzN2VhNTAwZmUyY2E3M2JkYjE1MzY0MGNjZmNhMTk4NGIxNjcxNDhkZWMxZiJ9; affiliate=eyJpdiI6IlFHL25Qc1p3YWR2WUtHTVdZMldFeGc9PSIsInZhbHVlIjoiNWtrellCRkJDNjZzWjJnaGV5cndHdz09IiwibWFjIjoiMjAxNTg5NTUzMmI2NGNmYzYwYjA4ZjFlNmIzMDMzYmMyYzRmODA5NGNjYmI3MWFhMDNmYWQyYTNiY2M0MTExNiJ9; pixels=eyJpdiI6ImdkNEFNb1hLT3BYSEUvVHRVR1U4M1E9PSIsInZhbHVlIjoiQUV5RXFLZkJDTnd2UkZqRVFVQy9tRlBmRlkvdE9ndFJaQVpuOGNIUEJObUFCZDVHeTBHc1Fwc3hOcGlmV25pSDdmOG1va0J1NnVWcHh1ViswcHdtVTNka1A3RDk3c1ZEZjMvd1J6UFdnZDI2d3lpU0ZPNGZyRVRTclM5MXN6dWZUQ0I2SGRxTWN4ZHMzYm0zejZpSlYvNmxzaHoyZ3U0a1dsQ1ZkNW1vUG5rWnd1bmpnZmdMdEM4MXlVM01uYTllcXVtUGRZd2d3MXB5U2lqNDEwOENFUkg1MjZkRjF1MWdYT3hhdE12czlWST0iLCJtYWMiOiI2YmEwYzE5NzE4OWJkYTEwMzI0ZjBlMzI4YjEzMjVjNDlhNTExODNjMWUxYjM4MWJjZDlmMWVkMmE3Y2NhNzc4In0%3D; hp=eyJpdiI6InBpM3Fid3NEZVFha0RHYWdFY3JLdXc9PSIsInZhbHVlIjoicHRHRzNSUUdqcFJVcTZGMkdTRFJnZE53QTdvYjBzcXdTV1hYU3hLaDE0a3NMOE5CazlIR2F0VG9TUFNuZHJYeiIsIm1hYyI6ImE4ZGRmODg0ZWRiMmM2OWY2OTVlN2I2ZTdiNDljNmFhMWNkYTU3ZGE0MmFlZTQyMDE4MjM0ODE2YjdjYzFmMDgifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:26 GMT
content-type: image/png
content-length: 164889
last-modified: Tue, 06 Oct 2020 13:28:07 GMT
etag: "5f7c70e7-28419"
cache-control: max-age=14400
cf-cache-status: HIT
age: 248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpWZGIVa1Pt4WFsRnuI7hRC9fstgnD9iAi3%2F7kdqV8vn5y6MEM%2FsdJyGwXTt7%2FziwLIl6CfXwAmDgJpb98ZU4oSL7NF7hp0IM%2B6HOLqX5sBEZec0nLph%2F0JhFcm3%2FtQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769bb9728e55b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
herpesyl.com/images/products/prod7/1-bottle.png
200 OK 47 kB URL HTTP/2 herpesyl.com/images/products/prod7/1-bottle.png
IP
File type PNG image data, 397 x 600, 8-bit colormap, non-interlaced\012- data
Hash a3471b92e374e0218f22876d4888c03a
20acc0b2e0fc4acec8d8f17567cbc2f76bc3f966
55eeeb510c9221d04505ba727e07e5c5fa3253deac6341dc6b65a067bf2d8763
GET /images/products/prod7/1-bottle.png HTTP/1.1
Host: herpesyl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
Cookie: XSRF-TOKEN=eyJpdiI6IlZVU2t2eVM4aSsyemZxbkR5TnJnVlE9PSIsInZhbHVlIjoib2tZS1RpUStOenJGMmQ0UEtLZ04vU21oSFZYbDRTVTZoN2ZobDk4UCt4NG93NVJCeWEyNS9JR1Jab1Ria0dLciIsIm1hYyI6ImY1ZmFhZGU3OGE0OGNhY2IyZjczMGJhYzMwNDYwYWY3OWMxMDMyOWYwNjZiODJiMzhjM2IxZjkyYzY1ODY2MjIifQ%3D%3D; _=eyJpdiI6ImlUd3lENUxraVVXcWVZZUJKYjFDWFE9PSIsInZhbHVlIjoiZ1FVVVNDc0R3am9VU0NRSk5idlhOSDRVbkZMTURMM1BaRVRhS0VYVEVGakdRdXFkUCtudndRUDh3V3lmbG42aCIsIm1hYyI6IjIxYjBiOTVmOWU0NWQyYWI0ZTkxMzVlZGU3ODIxZDA3YzZmYjAxOWY1MmY4YmZiOGFjZDIzODg0OTc3YWIzNmQifQ%3D%3D; referrer=eyJpdiI6Iko5NVZVNFRDVTZGdVd0c1BhcjVxVGc9PSIsInZhbHVlIjoicVdsNiswL0Q3cDlyNDhLcENscitxdz09IiwibWFjIjoiMTIyOWNkN2E2Y2Q2OWRmZDAwZGEzN2VhNTAwZmUyY2E3M2JkYjE1MzY0MGNjZmNhMTk4NGIxNjcxNDhkZWMxZiJ9; affiliate=eyJpdiI6IlFHL25Qc1p3YWR2WUtHTVdZMldFeGc9PSIsInZhbHVlIjoiNWtrellCRkJDNjZzWjJnaGV5cndHdz09IiwibWFjIjoiMjAxNTg5NTUzMmI2NGNmYzYwYjA4ZjFlNmIzMDMzYmMyYzRmODA5NGNjYmI3MWFhMDNmYWQyYTNiY2M0MTExNiJ9; pixels=eyJpdiI6ImdkNEFNb1hLT3BYSEUvVHRVR1U4M1E9PSIsInZhbHVlIjoiQUV5RXFLZkJDTnd2UkZqRVFVQy9tRlBmRlkvdE9ndFJaQVpuOGNIUEJObUFCZDVHeTBHc1Fwc3hOcGlmV25pSDdmOG1va0J1NnVWcHh1ViswcHdtVTNka1A3RDk3c1ZEZjMvd1J6UFdnZDI2d3lpU0ZPNGZyRVRTclM5MXN6dWZUQ0I2SGRxTWN4ZHMzYm0zejZpSlYvNmxzaHoyZ3U0a1dsQ1ZkNW1vUG5rWnd1bmpnZmdMdEM4MXlVM01uYTllcXVtUGRZd2d3MXB5U2lqNDEwOENFUkg1MjZkRjF1MWdYT3hhdE12czlWST0iLCJtYWMiOiI2YmEwYzE5NzE4OWJkYTEwMzI0ZjBlMzI4YjEzMjVjNDlhNTExODNjMWUxYjM4MWJjZDlmMWVkMmE3Y2NhNzc4In0%3D; hp=eyJpdiI6InBpM3Fid3NEZVFha0RHYWdFY3JLdXc9PSIsInZhbHVlIjoicHRHRzNSUUdqcFJVcTZGMkdTRFJnZE53QTdvYjBzcXdTV1hYU3hLaDE0a3NMOE5CazlIR2F0VG9TUFNuZHJYeiIsIm1hYyI6ImE4ZGRmODg0ZWRiMmM2OWY2OTVlN2I2ZTdiNDljNmFhMWNkYTU3ZGE0MmFlZTQyMDE4MjM0ODE2YjdjYzFmMDgifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:26 GMT
content-type: image/png
content-length: 46868
last-modified: Tue, 06 Oct 2020 13:28:07 GMT
etag: "5f7c70e7-b714"
cache-control: max-age=14400
cf-cache-status: HIT
age: 248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4pemInIMYqPFKNQNsi3PLrfjLWUzvWMvj88XYWxX%2FJuLRXQF4GFEDSY%2FnyGWZE%2BiFqi9L6N9NtjJnS7hKEIGRd27H0ej%2B7kRYbnwrrI60wc%2FqsK9xbeSgx4E1zxAErQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769bb972be6fb4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
herpesyl.com/images/app/buygoods.png
200 OK 11 kB URL HTTP/2 herpesyl.com/images/app/buygoods.png
IP
File type PNG image data, 180 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash f8ceeead5762b13c0006bd7e87b58303
f1d3b1cd44210675bbd091b377aa1c9ae4113959
f963522c3847eeecf8358c314f6293aa0d314fe539968df7a55c617538d5309c
GET /images/app/buygoods.png HTTP/1.1
Host: herpesyl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
Cookie: XSRF-TOKEN=eyJpdiI6IlZVU2t2eVM4aSsyemZxbkR5TnJnVlE9PSIsInZhbHVlIjoib2tZS1RpUStOenJGMmQ0UEtLZ04vU21oSFZYbDRTVTZoN2ZobDk4UCt4NG93NVJCeWEyNS9JR1Jab1Ria0dLciIsIm1hYyI6ImY1ZmFhZGU3OGE0OGNhY2IyZjczMGJhYzMwNDYwYWY3OWMxMDMyOWYwNjZiODJiMzhjM2IxZjkyYzY1ODY2MjIifQ%3D%3D; _=eyJpdiI6ImlUd3lENUxraVVXcWVZZUJKYjFDWFE9PSIsInZhbHVlIjoiZ1FVVVNDc0R3am9VU0NRSk5idlhOSDRVbkZMTURMM1BaRVRhS0VYVEVGakdRdXFkUCtudndRUDh3V3lmbG42aCIsIm1hYyI6IjIxYjBiOTVmOWU0NWQyYWI0ZTkxMzVlZGU3ODIxZDA3YzZmYjAxOWY1MmY4YmZiOGFjZDIzODg0OTc3YWIzNmQifQ%3D%3D; referrer=eyJpdiI6Iko5NVZVNFRDVTZGdVd0c1BhcjVxVGc9PSIsInZhbHVlIjoicVdsNiswL0Q3cDlyNDhLcENscitxdz09IiwibWFjIjoiMTIyOWNkN2E2Y2Q2OWRmZDAwZGEzN2VhNTAwZmUyY2E3M2JkYjE1MzY0MGNjZmNhMTk4NGIxNjcxNDhkZWMxZiJ9; affiliate=eyJpdiI6IlFHL25Qc1p3YWR2WUtHTVdZMldFeGc9PSIsInZhbHVlIjoiNWtrellCRkJDNjZzWjJnaGV5cndHdz09IiwibWFjIjoiMjAxNTg5NTUzMmI2NGNmYzYwYjA4ZjFlNmIzMDMzYmMyYzRmODA5NGNjYmI3MWFhMDNmYWQyYTNiY2M0MTExNiJ9; pixels=eyJpdiI6ImdkNEFNb1hLT3BYSEUvVHRVR1U4M1E9PSIsInZhbHVlIjoiQUV5RXFLZkJDTnd2UkZqRVFVQy9tRlBmRlkvdE9ndFJaQVpuOGNIUEJObUFCZDVHeTBHc1Fwc3hOcGlmV25pSDdmOG1va0J1NnVWcHh1ViswcHdtVTNka1A3RDk3c1ZEZjMvd1J6UFdnZDI2d3lpU0ZPNGZyRVRTclM5MXN6dWZUQ0I2SGRxTWN4ZHMzYm0zejZpSlYvNmxzaHoyZ3U0a1dsQ1ZkNW1vUG5rWnd1bmpnZmdMdEM4MXlVM01uYTllcXVtUGRZd2d3MXB5U2lqNDEwOENFUkg1MjZkRjF1MWdYT3hhdE12czlWST0iLCJtYWMiOiI2YmEwYzE5NzE4OWJkYTEwMzI0ZjBlMzI4YjEzMjVjNDlhNTExODNjMWUxYjM4MWJjZDlmMWVkMmE3Y2NhNzc4In0%3D; hp=eyJpdiI6InBpM3Fid3NEZVFha0RHYWdFY3JLdXc9PSIsInZhbHVlIjoicHRHRzNSUUdqcFJVcTZGMkdTRFJnZE53QTdvYjBzcXdTV1hYU3hLaDE0a3NMOE5CazlIR2F0VG9TUFNuZHJYeiIsIm1hYyI6ImE4ZGRmODg0ZWRiMmM2OWY2OTVlN2I2ZTdiNDljNmFhMWNkYTU3ZGE0MmFlZTQyMDE4MjM0ODE2YjdjYzFmMDgifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:26 GMT
content-type: image/png
content-length: 11016
last-modified: Thu, 30 Jul 2020 13:50:28 GMT
etag: "5f22d024-2b08"
cache-control: max-age=14400
cf-cache-status: HIT
age: 248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yD8YJJCgletii1qB%2B8Z%2FtTr%2BfLHdk1bY3kRGru46usNgBU8%2Fdh1%2BW9hv1V2gV%2Bo0zqKnJh%2BrjKE5%2Bywmd1OKFEl3Y%2B0TTRh5Ss%2Bn34KvrxZ0X%2FjOfFVaS3V4wFX4Dl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769bb972ee88b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
herpesyl.com/images/products/prod8/3-bottles.png
200 OK 98 kB URL HTTP/2 herpesyl.com/images/products/prod8/3-bottles.png
IP
File type PNG image data, 751 x 600, 8-bit colormap, non-interlaced\012- data
Hash 47f092050042fdda9df6b4f9a2ad30e6
a953a152fdf8d170d8c45fdf6f069694b1d058ea
74158b93b3563a53b44309850d8e23a56018622e57fd02b75456a7f54c827665
GET /images/products/prod8/3-bottles.png HTTP/1.1
Host: herpesyl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
Cookie: XSRF-TOKEN=eyJpdiI6IlZVU2t2eVM4aSsyemZxbkR5TnJnVlE9PSIsInZhbHVlIjoib2tZS1RpUStOenJGMmQ0UEtLZ04vU21oSFZYbDRTVTZoN2ZobDk4UCt4NG93NVJCeWEyNS9JR1Jab1Ria0dLciIsIm1hYyI6ImY1ZmFhZGU3OGE0OGNhY2IyZjczMGJhYzMwNDYwYWY3OWMxMDMyOWYwNjZiODJiMzhjM2IxZjkyYzY1ODY2MjIifQ%3D%3D; _=eyJpdiI6ImlUd3lENUxraVVXcWVZZUJKYjFDWFE9PSIsInZhbHVlIjoiZ1FVVVNDc0R3am9VU0NRSk5idlhOSDRVbkZMTURMM1BaRVRhS0VYVEVGakdRdXFkUCtudndRUDh3V3lmbG42aCIsIm1hYyI6IjIxYjBiOTVmOWU0NWQyYWI0ZTkxMzVlZGU3ODIxZDA3YzZmYjAxOWY1MmY4YmZiOGFjZDIzODg0OTc3YWIzNmQifQ%3D%3D; referrer=eyJpdiI6Iko5NVZVNFRDVTZGdVd0c1BhcjVxVGc9PSIsInZhbHVlIjoicVdsNiswL0Q3cDlyNDhLcENscitxdz09IiwibWFjIjoiMTIyOWNkN2E2Y2Q2OWRmZDAwZGEzN2VhNTAwZmUyY2E3M2JkYjE1MzY0MGNjZmNhMTk4NGIxNjcxNDhkZWMxZiJ9; affiliate=eyJpdiI6IlFHL25Qc1p3YWR2WUtHTVdZMldFeGc9PSIsInZhbHVlIjoiNWtrellCRkJDNjZzWjJnaGV5cndHdz09IiwibWFjIjoiMjAxNTg5NTUzMmI2NGNmYzYwYjA4ZjFlNmIzMDMzYmMyYzRmODA5NGNjYmI3MWFhMDNmYWQyYTNiY2M0MTExNiJ9; pixels=eyJpdiI6ImdkNEFNb1hLT3BYSEUvVHRVR1U4M1E9PSIsInZhbHVlIjoiQUV5RXFLZkJDTnd2UkZqRVFVQy9tRlBmRlkvdE9ndFJaQVpuOGNIUEJObUFCZDVHeTBHc1Fwc3hOcGlmV25pSDdmOG1va0J1NnVWcHh1ViswcHdtVTNka1A3RDk3c1ZEZjMvd1J6UFdnZDI2d3lpU0ZPNGZyRVRTclM5MXN6dWZUQ0I2SGRxTWN4ZHMzYm0zejZpSlYvNmxzaHoyZ3U0a1dsQ1ZkNW1vUG5rWnd1bmpnZmdMdEM4MXlVM01uYTllcXVtUGRZd2d3MXB5U2lqNDEwOENFUkg1MjZkRjF1MWdYT3hhdE12czlWST0iLCJtYWMiOiI2YmEwYzE5NzE4OWJkYTEwMzI0ZjBlMzI4YjEzMjVjNDlhNTExODNjMWUxYjM4MWJjZDlmMWVkMmE3Y2NhNzc4In0%3D; hp=eyJpdiI6InBpM3Fid3NEZVFha0RHYWdFY3JLdXc9PSIsInZhbHVlIjoicHRHRzNSUUdqcFJVcTZGMkdTRFJnZE53QTdvYjBzcXdTV1hYU3hLaDE0a3NMOE5CazlIR2F0VG9TUFNuZHJYeiIsIm1hYyI6ImE4ZGRmODg0ZWRiMmM2OWY2OTVlN2I2ZTdiNDljNmFhMWNkYTU3ZGE0MmFlZTQyMDE4MjM0ODE2YjdjYzFmMDgifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:26 GMT
content-type: image/png
content-length: 98408
last-modified: Tue, 06 Oct 2020 13:28:07 GMT
etag: "5f7c70e7-18068"
cache-control: max-age=14400
cf-cache-status: HIT
age: 248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWbrTNAIN3h22mPW7z66ripj3SDqZmloLBS4RZSi6csHFqq6iexT7VMj7X9wP9E3NGkLHFlCRJA1iWjjaeezMF0lF1VTonZT2tu5%2BvDZrnW9GMIQ7GwjRC2uEDTkQZU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769bb972ee85b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
herpesyl.com/images/custom/transcript-6.png
200 OK 708 kB URL HTTP/2 herpesyl.com/images/custom/transcript-6.png
IP
File type PNG image data, 1960 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 708 kB (707603 bytes)
Hash e2144db8f18e452bd946ae9bc38c2776
12fa4a2ce2da95af7215b5cb3b54e702ead3497c
ab2af802f9240c243d72bcb425fb2102bc5e7233079c3ef0c5f0ade81a6e22c1
GET /images/custom/transcript-6.png HTTP/1.1
Host: herpesyl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
Cookie: XSRF-TOKEN=eyJpdiI6IlZVU2t2eVM4aSsyemZxbkR5TnJnVlE9PSIsInZhbHVlIjoib2tZS1RpUStOenJGMmQ0UEtLZ04vU21oSFZYbDRTVTZoN2ZobDk4UCt4NG93NVJCeWEyNS9JR1Jab1Ria0dLciIsIm1hYyI6ImY1ZmFhZGU3OGE0OGNhY2IyZjczMGJhYzMwNDYwYWY3OWMxMDMyOWYwNjZiODJiMzhjM2IxZjkyYzY1ODY2MjIifQ%3D%3D; _=eyJpdiI6ImlUd3lENUxraVVXcWVZZUJKYjFDWFE9PSIsInZhbHVlIjoiZ1FVVVNDc0R3am9VU0NRSk5idlhOSDRVbkZMTURMM1BaRVRhS0VYVEVGakdRdXFkUCtudndRUDh3V3lmbG42aCIsIm1hYyI6IjIxYjBiOTVmOWU0NWQyYWI0ZTkxMzVlZGU3ODIxZDA3YzZmYjAxOWY1MmY4YmZiOGFjZDIzODg0OTc3YWIzNmQifQ%3D%3D; referrer=eyJpdiI6Iko5NVZVNFRDVTZGdVd0c1BhcjVxVGc9PSIsInZhbHVlIjoicVdsNiswL0Q3cDlyNDhLcENscitxdz09IiwibWFjIjoiMTIyOWNkN2E2Y2Q2OWRmZDAwZGEzN2VhNTAwZmUyY2E3M2JkYjE1MzY0MGNjZmNhMTk4NGIxNjcxNDhkZWMxZiJ9; affiliate=eyJpdiI6IlFHL25Qc1p3YWR2WUtHTVdZMldFeGc9PSIsInZhbHVlIjoiNWtrellCRkJDNjZzWjJnaGV5cndHdz09IiwibWFjIjoiMjAxNTg5NTUzMmI2NGNmYzYwYjA4ZjFlNmIzMDMzYmMyYzRmODA5NGNjYmI3MWFhMDNmYWQyYTNiY2M0MTExNiJ9; pixels=eyJpdiI6ImdkNEFNb1hLT3BYSEUvVHRVR1U4M1E9PSIsInZhbHVlIjoiQUV5RXFLZkJDTnd2UkZqRVFVQy9tRlBmRlkvdE9ndFJaQVpuOGNIUEJObUFCZDVHeTBHc1Fwc3hOcGlmV25pSDdmOG1va0J1NnVWcHh1ViswcHdtVTNka1A3RDk3c1ZEZjMvd1J6UFdnZDI2d3lpU0ZPNGZyRVRTclM5MXN6dWZUQ0I2SGRxTWN4ZHMzYm0zejZpSlYvNmxzaHoyZ3U0a1dsQ1ZkNW1vUG5rWnd1bmpnZmdMdEM4MXlVM01uYTllcXVtUGRZd2d3MXB5U2lqNDEwOENFUkg1MjZkRjF1MWdYT3hhdE12czlWST0iLCJtYWMiOiI2YmEwYzE5NzE4OWJkYTEwMzI0ZjBlMzI4YjEzMjVjNDlhNTExODNjMWUxYjM4MWJjZDlmMWVkMmE3Y2NhNzc4In0%3D; hp=eyJpdiI6InBpM3Fid3NEZVFha0RHYWdFY3JLdXc9PSIsInZhbHVlIjoicHRHRzNSUUdqcFJVcTZGMkdTRFJnZE53QTdvYjBzcXdTV1hYU3hLaDE0a3NMOE5CazlIR2F0VG9TUFNuZHJYeiIsIm1hYyI6ImE4ZGRmODg0ZWRiMmM2OWY2OTVlN2I2ZTdiNDljNmFhMWNkYTU3ZGE0MmFlZTQyMDE4MjM0ODE2YjdjYzFmMDgifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:26 GMT
content-type: image/png
content-length: 707603
last-modified: Tue, 06 Oct 2020 13:28:07 GMT
etag: "5f7c70e7-acc13"
cache-control: max-age=14400
cf-cache-status: HIT
age: 248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9m59HbSKXtAXiAl60c701dP1yTRnUyBock4hKLrg0x%2BJcQE%2BJ1LrMCVrUWp0M2l2mfrXwOGHR0auvlTECTuVw4GEjU5njz6M1ukDC%2BgC7xUzOo1r5tS6S5Uqi0IreNQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769bb9729e61b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
herpesyl.com/images/custom/exit-popup.png
200 OK 104 kB URL HTTP/2 herpesyl.com/images/custom/exit-popup.png
IP
File type PNG image data, 426 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size 104 kB (104359 bytes)
Hash 0ebf57fcb69574970687d090ab4c5a88
6c1b03e60f451ba4167235d9bbf94749555dffec
1038365eab1dfe345a1d7f5cae17cbebb5797a93ba0526132e014b53d813389c
GET /images/custom/exit-popup.png HTTP/1.1
Host: herpesyl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
Cookie: XSRF-TOKEN=eyJpdiI6IlZVU2t2eVM4aSsyemZxbkR5TnJnVlE9PSIsInZhbHVlIjoib2tZS1RpUStOenJGMmQ0UEtLZ04vU21oSFZYbDRTVTZoN2ZobDk4UCt4NG93NVJCeWEyNS9JR1Jab1Ria0dLciIsIm1hYyI6ImY1ZmFhZGU3OGE0OGNhY2IyZjczMGJhYzMwNDYwYWY3OWMxMDMyOWYwNjZiODJiMzhjM2IxZjkyYzY1ODY2MjIifQ%3D%3D; _=eyJpdiI6ImlUd3lENUxraVVXcWVZZUJKYjFDWFE9PSIsInZhbHVlIjoiZ1FVVVNDc0R3am9VU0NRSk5idlhOSDRVbkZMTURMM1BaRVRhS0VYVEVGakdRdXFkUCtudndRUDh3V3lmbG42aCIsIm1hYyI6IjIxYjBiOTVmOWU0NWQyYWI0ZTkxMzVlZGU3ODIxZDA3YzZmYjAxOWY1MmY4YmZiOGFjZDIzODg0OTc3YWIzNmQifQ%3D%3D; referrer=eyJpdiI6Iko5NVZVNFRDVTZGdVd0c1BhcjVxVGc9PSIsInZhbHVlIjoicVdsNiswL0Q3cDlyNDhLcENscitxdz09IiwibWFjIjoiMTIyOWNkN2E2Y2Q2OWRmZDAwZGEzN2VhNTAwZmUyY2E3M2JkYjE1MzY0MGNjZmNhMTk4NGIxNjcxNDhkZWMxZiJ9; affiliate=eyJpdiI6IlFHL25Qc1p3YWR2WUtHTVdZMldFeGc9PSIsInZhbHVlIjoiNWtrellCRkJDNjZzWjJnaGV5cndHdz09IiwibWFjIjoiMjAxNTg5NTUzMmI2NGNmYzYwYjA4ZjFlNmIzMDMzYmMyYzRmODA5NGNjYmI3MWFhMDNmYWQyYTNiY2M0MTExNiJ9; pixels=eyJpdiI6ImdkNEFNb1hLT3BYSEUvVHRVR1U4M1E9PSIsInZhbHVlIjoiQUV5RXFLZkJDTnd2UkZqRVFVQy9tRlBmRlkvdE9ndFJaQVpuOGNIUEJObUFCZDVHeTBHc1Fwc3hOcGlmV25pSDdmOG1va0J1NnVWcHh1ViswcHdtVTNka1A3RDk3c1ZEZjMvd1J6UFdnZDI2d3lpU0ZPNGZyRVRTclM5MXN6dWZUQ0I2SGRxTWN4ZHMzYm0zejZpSlYvNmxzaHoyZ3U0a1dsQ1ZkNW1vUG5rWnd1bmpnZmdMdEM4MXlVM01uYTllcXVtUGRZd2d3MXB5U2lqNDEwOENFUkg1MjZkRjF1MWdYT3hhdE12czlWST0iLCJtYWMiOiI2YmEwYzE5NzE4OWJkYTEwMzI0ZjBlMzI4YjEzMjVjNDlhNTExODNjMWUxYjM4MWJjZDlmMWVkMmE3Y2NhNzc4In0%3D; hp=eyJpdiI6InBpM3Fid3NEZVFha0RHYWdFY3JLdXc9PSIsInZhbHVlIjoicHRHRzNSUUdqcFJVcTZGMkdTRFJnZE53QTdvYjBzcXdTV1hYU3hLaDE0a3NMOE5CazlIR2F0VG9TUFNuZHJYeiIsIm1hYyI6ImE4ZGRmODg0ZWRiMmM2OWY2OTVlN2I2ZTdiNDljNmFhMWNkYTU3ZGE0MmFlZTQyMDE4MjM0ODE2YjdjYzFmMDgifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:26 GMT
content-type: image/png
content-length: 104359
last-modified: Tue, 06 Oct 2020 13:28:07 GMT
etag: "5f7c70e7-197a7"
cache-control: max-age=14400
cf-cache-status: HIT
age: 248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOlkC3vOAQEDqs3sKFdHTgmaKIZpiWczf5xOHhISccgSLlol2l12oIXwcxuS%2FYGrdYrvLs8fnxN2g2OFFqlEOIMQ4C5F6aeSlwhZBhfRZQ0%2BPn7Ez%2B27G78RnRIyI%2Fg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769bb972ee89b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
herpesyl.com/images/products/prod9/6-bottles.png
200 OK 137 kB URL HTTP/2 herpesyl.com/images/products/prod9/6-bottles.png
IP
File type PNG image data, 1078 x 600, 8-bit colormap, non-interlaced\012- data
Size 137 kB (137258 bytes)
Hash 85f052187f1715913e2737b6a36e23aa
448f497175cd706f5f01e30045afdc44d4fd52b0
bf1d3b5f8b04cb12bbf5bd1148992c34475d24702b16f0dda8271bce7b039981
GET /images/products/prod9/6-bottles.png HTTP/1.1
Host: herpesyl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
Cookie: XSRF-TOKEN=eyJpdiI6IlZVU2t2eVM4aSsyemZxbkR5TnJnVlE9PSIsInZhbHVlIjoib2tZS1RpUStOenJGMmQ0UEtLZ04vU21oSFZYbDRTVTZoN2ZobDk4UCt4NG93NVJCeWEyNS9JR1Jab1Ria0dLciIsIm1hYyI6ImY1ZmFhZGU3OGE0OGNhY2IyZjczMGJhYzMwNDYwYWY3OWMxMDMyOWYwNjZiODJiMzhjM2IxZjkyYzY1ODY2MjIifQ%3D%3D; _=eyJpdiI6ImlUd3lENUxraVVXcWVZZUJKYjFDWFE9PSIsInZhbHVlIjoiZ1FVVVNDc0R3am9VU0NRSk5idlhOSDRVbkZMTURMM1BaRVRhS0VYVEVGakdRdXFkUCtudndRUDh3V3lmbG42aCIsIm1hYyI6IjIxYjBiOTVmOWU0NWQyYWI0ZTkxMzVlZGU3ODIxZDA3YzZmYjAxOWY1MmY4YmZiOGFjZDIzODg0OTc3YWIzNmQifQ%3D%3D; referrer=eyJpdiI6Iko5NVZVNFRDVTZGdVd0c1BhcjVxVGc9PSIsInZhbHVlIjoicVdsNiswL0Q3cDlyNDhLcENscitxdz09IiwibWFjIjoiMTIyOWNkN2E2Y2Q2OWRmZDAwZGEzN2VhNTAwZmUyY2E3M2JkYjE1MzY0MGNjZmNhMTk4NGIxNjcxNDhkZWMxZiJ9; affiliate=eyJpdiI6IlFHL25Qc1p3YWR2WUtHTVdZMldFeGc9PSIsInZhbHVlIjoiNWtrellCRkJDNjZzWjJnaGV5cndHdz09IiwibWFjIjoiMjAxNTg5NTUzMmI2NGNmYzYwYjA4ZjFlNmIzMDMzYmMyYzRmODA5NGNjYmI3MWFhMDNmYWQyYTNiY2M0MTExNiJ9; pixels=eyJpdiI6ImdkNEFNb1hLT3BYSEUvVHRVR1U4M1E9PSIsInZhbHVlIjoiQUV5RXFLZkJDTnd2UkZqRVFVQy9tRlBmRlkvdE9ndFJaQVpuOGNIUEJObUFCZDVHeTBHc1Fwc3hOcGlmV25pSDdmOG1va0J1NnVWcHh1ViswcHdtVTNka1A3RDk3c1ZEZjMvd1J6UFdnZDI2d3lpU0ZPNGZyRVRTclM5MXN6dWZUQ0I2SGRxTWN4ZHMzYm0zejZpSlYvNmxzaHoyZ3U0a1dsQ1ZkNW1vUG5rWnd1bmpnZmdMdEM4MXlVM01uYTllcXVtUGRZd2d3MXB5U2lqNDEwOENFUkg1MjZkRjF1MWdYT3hhdE12czlWST0iLCJtYWMiOiI2YmEwYzE5NzE4OWJkYTEwMzI0ZjBlMzI4YjEzMjVjNDlhNTExODNjMWUxYjM4MWJjZDlmMWVkMmE3Y2NhNzc4In0%3D; hp=eyJpdiI6InBpM3Fid3NEZVFha0RHYWdFY3JLdXc9PSIsInZhbHVlIjoicHRHRzNSUUdqcFJVcTZGMkdTRFJnZE53QTdvYjBzcXdTV1hYU3hLaDE0a3NMOE5CazlIR2F0VG9TUFNuZHJYeiIsIm1hYyI6ImE4ZGRmODg0ZWRiMmM2OWY2OTVlN2I2ZTdiNDljNmFhMWNkYTU3ZGE0MmFlZTQyMDE4MjM0ODE2YjdjYzFmMDgifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:26 GMT
content-type: image/png
content-length: 137258
last-modified: Tue, 06 Oct 2020 13:28:07 GMT
etag: "5f7c70e7-2182a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBJtqHZqrenJNae%2BjEAzFstNeliFd3PcMObwnfNb53bm8SGmjyK8G3TIt7OGV49XQmb0FgQc%2B8Zu9IWVMoJzkjLjyf%2BMXcpXviMZKVvqcsEuhtK%2BjnrhjEN6YpsbidE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769bb972ee87b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
herpesyl.com/images/products/prod11/6-bottles.png
200 OK 137 kB URL HTTP/2 herpesyl.com/images/products/prod11/6-bottles.png
IP
File type PNG image data, 1078 x 600, 8-bit colormap, non-interlaced\012- data
Size 137 kB (137258 bytes)
Hash 85f052187f1715913e2737b6a36e23aa
448f497175cd706f5f01e30045afdc44d4fd52b0
bf1d3b5f8b04cb12bbf5bd1148992c34475d24702b16f0dda8271bce7b039981
GET /images/products/prod11/6-bottles.png HTTP/1.1
Host: herpesyl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
Cookie: XSRF-TOKEN=eyJpdiI6IlZVU2t2eVM4aSsyemZxbkR5TnJnVlE9PSIsInZhbHVlIjoib2tZS1RpUStOenJGMmQ0UEtLZ04vU21oSFZYbDRTVTZoN2ZobDk4UCt4NG93NVJCeWEyNS9JR1Jab1Ria0dLciIsIm1hYyI6ImY1ZmFhZGU3OGE0OGNhY2IyZjczMGJhYzMwNDYwYWY3OWMxMDMyOWYwNjZiODJiMzhjM2IxZjkyYzY1ODY2MjIifQ%3D%3D; _=eyJpdiI6ImlUd3lENUxraVVXcWVZZUJKYjFDWFE9PSIsInZhbHVlIjoiZ1FVVVNDc0R3am9VU0NRSk5idlhOSDRVbkZMTURMM1BaRVRhS0VYVEVGakdRdXFkUCtudndRUDh3V3lmbG42aCIsIm1hYyI6IjIxYjBiOTVmOWU0NWQyYWI0ZTkxMzVlZGU3ODIxZDA3YzZmYjAxOWY1MmY4YmZiOGFjZDIzODg0OTc3YWIzNmQifQ%3D%3D; referrer=eyJpdiI6Iko5NVZVNFRDVTZGdVd0c1BhcjVxVGc9PSIsInZhbHVlIjoicVdsNiswL0Q3cDlyNDhLcENscitxdz09IiwibWFjIjoiMTIyOWNkN2E2Y2Q2OWRmZDAwZGEzN2VhNTAwZmUyY2E3M2JkYjE1MzY0MGNjZmNhMTk4NGIxNjcxNDhkZWMxZiJ9; affiliate=eyJpdiI6IlFHL25Qc1p3YWR2WUtHTVdZMldFeGc9PSIsInZhbHVlIjoiNWtrellCRkJDNjZzWjJnaGV5cndHdz09IiwibWFjIjoiMjAxNTg5NTUzMmI2NGNmYzYwYjA4ZjFlNmIzMDMzYmMyYzRmODA5NGNjYmI3MWFhMDNmYWQyYTNiY2M0MTExNiJ9; pixels=eyJpdiI6ImdkNEFNb1hLT3BYSEUvVHRVR1U4M1E9PSIsInZhbHVlIjoiQUV5RXFLZkJDTnd2UkZqRVFVQy9tRlBmRlkvdE9ndFJaQVpuOGNIUEJObUFCZDVHeTBHc1Fwc3hOcGlmV25pSDdmOG1va0J1NnVWcHh1ViswcHdtVTNka1A3RDk3c1ZEZjMvd1J6UFdnZDI2d3lpU0ZPNGZyRVRTclM5MXN6dWZUQ0I2SGRxTWN4ZHMzYm0zejZpSlYvNmxzaHoyZ3U0a1dsQ1ZkNW1vUG5rWnd1bmpnZmdMdEM4MXlVM01uYTllcXVtUGRZd2d3MXB5U2lqNDEwOENFUkg1MjZkRjF1MWdYT3hhdE12czlWST0iLCJtYWMiOiI2YmEwYzE5NzE4OWJkYTEwMzI0ZjBlMzI4YjEzMjVjNDlhNTExODNjMWUxYjM4MWJjZDlmMWVkMmE3Y2NhNzc4In0%3D; hp=eyJpdiI6InBpM3Fid3NEZVFha0RHYWdFY3JLdXc9PSIsInZhbHVlIjoicHRHRzNSUUdqcFJVcTZGMkdTRFJnZE53QTdvYjBzcXdTV1hYU3hLaDE0a3NMOE5CazlIR2F0VG9TUFNuZHJYeiIsIm1hYyI6ImE4ZGRmODg0ZWRiMmM2OWY2OTVlN2I2ZTdiNDljNmFhMWNkYTU3ZGE0MmFlZTQyMDE4MjM0ODE2YjdjYzFmMDgifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:26 GMT
content-type: image/png
content-length: 137258
last-modified: Mon, 01 Mar 2021 08:11:04 GMT
etag: "603ca198-2182a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIfe%2F02u7i0wMxvBGIJMAX%2FpsuYh6S8YEdOEPDfsd%2FsMer12F2Y5GORAAknGz95fj9zvs%2B3Y%2FjmKrbApS6KoeSf%2BPDSGVFNT9cZFZKzhzR5oYX8%2BdN6bsRseXv7J83o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769bb972ee8ab4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
herpesyl.com/images/custom/transcript-1.png
200 OK 2.3 MB URL HTTP/2 herpesyl.com/images/custom/transcript-1.png
IP
File type PNG image data, 1200 x 786, 8-bit/color RGBA, non-interlaced\012- data
Size 2.3 MB (2337540 bytes)
Hash c977d514419cc91d55f8555514913eea
504e3d5402729f41a20ce464111f9f10063c8431
f1c3fdd0064db91dec9b3589ab3f5429b27be95c03b3da703d1ca9193128bac1
GET /images/custom/transcript-1.png HTTP/1.1
Host: herpesyl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
Cookie: XSRF-TOKEN=eyJpdiI6IlZVU2t2eVM4aSsyemZxbkR5TnJnVlE9PSIsInZhbHVlIjoib2tZS1RpUStOenJGMmQ0UEtLZ04vU21oSFZYbDRTVTZoN2ZobDk4UCt4NG93NVJCeWEyNS9JR1Jab1Ria0dLciIsIm1hYyI6ImY1ZmFhZGU3OGE0OGNhY2IyZjczMGJhYzMwNDYwYWY3OWMxMDMyOWYwNjZiODJiMzhjM2IxZjkyYzY1ODY2MjIifQ%3D%3D; _=eyJpdiI6ImlUd3lENUxraVVXcWVZZUJKYjFDWFE9PSIsInZhbHVlIjoiZ1FVVVNDc0R3am9VU0NRSk5idlhOSDRVbkZMTURMM1BaRVRhS0VYVEVGakdRdXFkUCtudndRUDh3V3lmbG42aCIsIm1hYyI6IjIxYjBiOTVmOWU0NWQyYWI0ZTkxMzVlZGU3ODIxZDA3YzZmYjAxOWY1MmY4YmZiOGFjZDIzODg0OTc3YWIzNmQifQ%3D%3D; referrer=eyJpdiI6Iko5NVZVNFRDVTZGdVd0c1BhcjVxVGc9PSIsInZhbHVlIjoicVdsNiswL0Q3cDlyNDhLcENscitxdz09IiwibWFjIjoiMTIyOWNkN2E2Y2Q2OWRmZDAwZGEzN2VhNTAwZmUyY2E3M2JkYjE1MzY0MGNjZmNhMTk4NGIxNjcxNDhkZWMxZiJ9; affiliate=eyJpdiI6IlFHL25Qc1p3YWR2WUtHTVdZMldFeGc9PSIsInZhbHVlIjoiNWtrellCRkJDNjZzWjJnaGV5cndHdz09IiwibWFjIjoiMjAxNTg5NTUzMmI2NGNmYzYwYjA4ZjFlNmIzMDMzYmMyYzRmODA5NGNjYmI3MWFhMDNmYWQyYTNiY2M0MTExNiJ9; pixels=eyJpdiI6ImdkNEFNb1hLT3BYSEUvVHRVR1U4M1E9PSIsInZhbHVlIjoiQUV5RXFLZkJDTnd2UkZqRVFVQy9tRlBmRlkvdE9ndFJaQVpuOGNIUEJObUFCZDVHeTBHc1Fwc3hOcGlmV25pSDdmOG1va0J1NnVWcHh1ViswcHdtVTNka1A3RDk3c1ZEZjMvd1J6UFdnZDI2d3lpU0ZPNGZyRVRTclM5MXN6dWZUQ0I2SGRxTWN4ZHMzYm0zejZpSlYvNmxzaHoyZ3U0a1dsQ1ZkNW1vUG5rWnd1bmpnZmdMdEM4MXlVM01uYTllcXVtUGRZd2d3MXB5U2lqNDEwOENFUkg1MjZkRjF1MWdYT3hhdE12czlWST0iLCJtYWMiOiI2YmEwYzE5NzE4OWJkYTEwMzI0ZjBlMzI4YjEzMjVjNDlhNTExODNjMWUxYjM4MWJjZDlmMWVkMmE3Y2NhNzc4In0%3D; hp=eyJpdiI6InBpM3Fid3NEZVFha0RHYWdFY3JLdXc9PSIsInZhbHVlIjoicHRHRzNSUUdqcFJVcTZGMkdTRFJnZE53QTdvYjBzcXdTV1hYU3hLaDE0a3NMOE5CazlIR2F0VG9TUFNuZHJYeiIsIm1hYyI6ImE4ZGRmODg0ZWRiMmM2OWY2OTVlN2I2ZTdiNDljNmFhMWNkYTU3ZGE0MmFlZTQyMDE4MjM0ODE2YjdjYzFmMDgifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:26 GMT
content-type: image/png
content-length: 2337540
last-modified: Tue, 06 Oct 2020 13:28:07 GMT
etag: "5f7c70e7-23ab04"
cache-control: max-age=14400
cf-cache-status: HIT
age: 248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPXPiX3JMukz9mwi4774bfR33uKwGknbkyAhGnM%2Fm8uiyOYD0%2F7UCY2NJarVwppv4aodZSB%2ByJhLREhgGsho%2FwiiCjMAeO3cwWP711hLZMBicSV3uvru37sV88jgznM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769bb9728e54b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 28b2540175d61c00d27f70e525b8faf2
a77690df83406262e5394d1bed9b0f5e78259b38
aabc8717006a9e16f94ef4b803d6a7cc52ae0332589e3db2d90aca9a61bab9ae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=89828
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:26 GMT
Etag: "63704b8a-117"
Expires: Tue, 15 Nov 2022 01:42:34 GMT
Last-Modified: Sun, 13 Nov 2022 01:42:34 GMT
Server: nginx
Content-Length: 279
herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
200 OK 52 kB URL HTTP/2 herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19941)
Hash 982da45ac1ca90478041f47c97dec4d8
e218d0acc3e98693695bb81550a34091680f29ec
19c7e6f7c44d68e760adb2d5b6f2ad0acb3fe15daac30aa6a1d5d6cdabb7cebe
GET /report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338 HTTP/1.1
Host: herpesyl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:26 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IlZVU2t2eVM4aSsyemZxbkR5TnJnVlE9PSIsInZhbHVlIjoib2tZS1RpUStOenJGMmQ0UEtLZ04vU21oSFZYbDRTVTZoN2ZobDk4UCt4NG93NVJCeWEyNS9JR1Jab1Ria0dLciIsIm1hYyI6ImY1ZmFhZGU3OGE0OGNhY2IyZjczMGJhYzMwNDYwYWY3OWMxMDMyOWYwNjZiODJiMzhjM2IxZjkyYzY1ODY2MjIifQ%3D%3D; expires=Thu, 24-Nov-2022 00:45:26 GMT; Max-Age=864000; path=/; samesite=lax
_=eyJpdiI6ImlUd3lENUxraVVXcWVZZUJKYjFDWFE9PSIsInZhbHVlIjoiZ1FVVVNDc0R3am9VU0NRSk5idlhOSDRVbkZMTURMM1BaRVRhS0VYVEVGakdRdXFkUCtudndRUDh3V3lmbG42aCIsIm1hYyI6IjIxYjBiOTVmOWU0NWQyYWI0ZTkxMzVlZGU3ODIxZDA3YzZmYjAxOWY1MmY4YmZiOGFjZDIzODg0OTc3YWIzNmQifQ%3D%3D; expires=Thu, 24-Nov-2022 00:45:26 GMT; Max-Age=864000; path=/; httponly; samesite=lax
referrer=eyJpdiI6Iko5NVZVNFRDVTZGdVd0c1BhcjVxVGc9PSIsInZhbHVlIjoicVdsNiswL0Q3cDlyNDhLcENscitxdz09IiwibWFjIjoiMTIyOWNkN2E2Y2Q2OWRmZDAwZGEzN2VhNTAwZmUyY2E3M2JkYjE1MzY0MGNjZmNhMTk4NGIxNjcxNDhkZWMxZiJ9; expires=Sat, 19-Nov-2022 00:45:26 GMT; Max-Age=432000; path=/; httponly; samesite=lax
affiliate=eyJpdiI6IlFHL25Qc1p3YWR2WUtHTVdZMldFeGc9PSIsInZhbHVlIjoiNWtrellCRkJDNjZzWjJnaGV5cndHdz09IiwibWFjIjoiMjAxNTg5NTUzMmI2NGNmYzYwYjA4ZjFlNmIzMDMzYmMyYzRmODA5NGNjYmI3MWFhMDNmYWQyYTNiY2M0MTExNiJ9; expires=Sat, 19-Nov-2022 00:45:26 GMT; Max-Age=432000; path=/; httponly; samesite=lax
pixels=eyJpdiI6ImdkNEFNb1hLT3BYSEUvVHRVR1U4M1E9PSIsInZhbHVlIjoiQUV5RXFLZkJDTnd2UkZqRVFVQy9tRlBmRlkvdE9ndFJaQVpuOGNIUEJObUFCZDVHeTBHc1Fwc3hOcGlmV25pSDdmOG1va0J1NnVWcHh1ViswcHdtVTNka1A3RDk3c1ZEZjMvd1J6UFdnZDI2d3lpU0ZPNGZyRVRTclM5MXN6dWZUQ0I2SGRxTWN4ZHMzYm0zejZpSlYvNmxzaHoyZ3U0a1dsQ1ZkNW1vUG5rWnd1bmpnZmdMdEM4MXlVM01uYTllcXVtUGRZd2d3MXB5U2lqNDEwOENFUkg1MjZkRjF1MWdYT3hhdE12czlWST0iLCJtYWMiOiI2YmEwYzE5NzE4OWJkYTEwMzI0ZjBlMzI4YjEzMjVjNDlhNTExODNjMWUxYjM4MWJjZDlmMWVkMmE3Y2NhNzc4In0%3D; expires=Sat, 19-Nov-2022 00:45:26 GMT; Max-Age=432000; path=/; httponly; samesite=lax
hp=eyJpdiI6InBpM3Fid3NEZVFha0RHYWdFY3JLdXc9PSIsInZhbHVlIjoicHRHRzNSUUdqcFJVcTZGMkdTRFJnZE53QTdvYjBzcXdTV1hYU3hLaDE0a3NMOE5CazlIR2F0VG9TUFNuZHJYeiIsIm1hYyI6ImE4ZGRmODg0ZWRiMmM2OWY2OTVlN2I2ZTdiNDljNmFhMWNkYTU3ZGE0MmFlZTQyMDE4MjM0ODE2YjdjYzFmMDgifQ%3D%3D; expires=Sat, 19-Nov-2022 00:45:26 GMT; Max-Age=432000; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdFcJ6a5LdxnS%2Bh%2F2JSGrCCBk4kEl%2Bco3nBHPD%2BkQ0U%2Fi380qT%2FS1i1tduy9TQYEVaVBbe3vXfqoTo0Azq%2F1EjCRMibm8YgoFRxCu%2F%2BIXCWRrvoZFtWzUCYGe4T1AzE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 769bb96e9ca7b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bc49d7a510846ce4c52fc2bcf19c591c
42189d9ddeba55c15da20ab02c8ccad4a8ad7ae2
86ce259086857d53f246aa21f8cb5dc2be85435601b687f727d3a5a2e38ec406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bc49d7a510846ce4c52fc2bcf19c591c
42189d9ddeba55c15da20ab02c8ccad4a8ad7ae2
86ce259086857d53f246aa21f8cb5dc2be85435601b687f727d3a5a2e38ec406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bc49d7a510846ce4c52fc2bcf19c591c
42189d9ddeba55c15da20ab02c8ccad4a8ad7ae2
86ce259086857d53f246aa21f8cb5dc2be85435601b687f727d3a5a2e38ec406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
herpesyl.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 1.1 kB URL HTTP/2 herpesyl.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
Hash 2e7a043958e5256901208d6178149d4a
03e8a1a9339455ebf8dba90e87468ce69d30f981
9aeaab0b201404170a8115a150eeb64c717cd6483e61c6ba85d47b0ce4eefdb6
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: herpesyl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
Cookie: XSRF-TOKEN=eyJpdiI6IlZVU2t2eVM4aSsyemZxbkR5TnJnVlE9PSIsInZhbHVlIjoib2tZS1RpUStOenJGMmQ0UEtLZ04vU21oSFZYbDRTVTZoN2ZobDk4UCt4NG93NVJCeWEyNS9JR1Jab1Ria0dLciIsIm1hYyI6ImY1ZmFhZGU3OGE0OGNhY2IyZjczMGJhYzMwNDYwYWY3OWMxMDMyOWYwNjZiODJiMzhjM2IxZjkyYzY1ODY2MjIifQ%3D%3D; _=eyJpdiI6ImlUd3lENUxraVVXcWVZZUJKYjFDWFE9PSIsInZhbHVlIjoiZ1FVVVNDc0R3am9VU0NRSk5idlhOSDRVbkZMTURMM1BaRVRhS0VYVEVGakdRdXFkUCtudndRUDh3V3lmbG42aCIsIm1hYyI6IjIxYjBiOTVmOWU0NWQyYWI0ZTkxMzVlZGU3ODIxZDA3YzZmYjAxOWY1MmY4YmZiOGFjZDIzODg0OTc3YWIzNmQifQ%3D%3D; referrer=eyJpdiI6Iko5NVZVNFRDVTZGdVd0c1BhcjVxVGc9PSIsInZhbHVlIjoicVdsNiswL0Q3cDlyNDhLcENscitxdz09IiwibWFjIjoiMTIyOWNkN2E2Y2Q2OWRmZDAwZGEzN2VhNTAwZmUyY2E3M2JkYjE1MzY0MGNjZmNhMTk4NGIxNjcxNDhkZWMxZiJ9; affiliate=eyJpdiI6IlFHL25Qc1p3YWR2WUtHTVdZMldFeGc9PSIsInZhbHVlIjoiNWtrellCRkJDNjZzWjJnaGV5cndHdz09IiwibWFjIjoiMjAxNTg5NTUzMmI2NGNmYzYwYjA4ZjFlNmIzMDMzYmMyYzRmODA5NGNjYmI3MWFhMDNmYWQyYTNiY2M0MTExNiJ9; pixels=eyJpdiI6ImdkNEFNb1hLT3BYSEUvVHRVR1U4M1E9PSIsInZhbHVlIjoiQUV5RXFLZkJDTnd2UkZqRVFVQy9tRlBmRlkvdE9ndFJaQVpuOGNIUEJObUFCZDVHeTBHc1Fwc3hOcGlmV25pSDdmOG1va0J1NnVWcHh1ViswcHdtVTNka1A3RDk3c1ZEZjMvd1J6UFdnZDI2d3lpU0ZPNGZyRVRTclM5MXN6dWZUQ0I2SGRxTWN4ZHMzYm0zejZpSlYvNmxzaHoyZ3U0a1dsQ1ZkNW1vUG5rWnd1bmpnZmdMdEM4MXlVM01uYTllcXVtUGRZd2d3MXB5U2lqNDEwOENFUkg1MjZkRjF1MWdYT3hhdE12czlWST0iLCJtYWMiOiI2YmEwYzE5NzE4OWJkYTEwMzI0ZjBlMzI4YjEzMjVjNDlhNTExODNjMWUxYjM4MWJjZDlmMWVkMmE3Y2NhNzc4In0%3D; hp=eyJpdiI6InBpM3Fid3NEZVFha0RHYWdFY3JLdXc9PSIsInZhbHVlIjoicHRHRzNSUUdqcFJVcTZGMkdTRFJnZE53QTdvYjBzcXdTV1hYU3hLaDE0a3NMOE5CazlIR2F0VG9TUFNuZHJYeiIsIm1hYyI6ImE4ZGRmODg0ZWRiMmM2OWY2OTVlN2I2ZTdiNDljNmFhMWNkYTU3ZGE0MmFlZTQyMDE4MjM0ODE2YjdjYzFmMDgifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:26 GMT
content-type: application/javascript
last-modified: Wed, 09 Nov 2022 12:52:00 GMT
etag: W/"636ba270-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtjYGxkWgsYQJx9MhgSlsRVW5sNJ%2BhnMNKtzcmgxLPiBDb5gGuBPxzbPWiCiz1GILAAx71%2FRPRn9%2F2tlQa1JXQnGxjBiWi%2BkHUcjqq5DosgwU%2FImgrYtgv4ipHyRAcs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769bb972ee8cb4f7-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 16 Nov 2022 00:45:26 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-62785402-50
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-62785402-50
IP
File type ASCII text, with very long lines (1921)
Hash 8693bb4e031410146f87ee8a5e9390e1
dbac1ca11888919d07ccd2f357a9b39124d63fe9
557b6bc21d3404b26b4614f8649262a17462f73729327a0fb7a6dadb88c49e21
GET /gtag/js?id=UA-62785402-50 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 14 Nov 2022 00:45:27 GMT
expires: Mon, 14 Nov 2022 00:45:27 GMT
cache-control: private, max-age=900
last-modified: Mon, 14 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43680
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d6dcd32d23f1840e1ed591b30b098bb6
98defcbcd3ae6d45e12b7ed0a55d7d32da675289
f7a78d0502af553972a836a0deb4a0239a3506fcf962f23f58c73fbb84c2313b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
herpesyl.com/css/app.css?id=2c41bc66d47e52746122
200 OK 9.9 kB URL HTTP/2 herpesyl.com/css/app.css?id=2c41bc66d47e52746122
IP
File type Unicode text, UTF-8 text, with very long lines (38732), with no line terminators
Hash ea5e797295fe41f2523f96334dcb1156
7ee396b4b88afc719e3f03c29e5422631d8b9c39
2079826e259789df2679faf18d245288d32cf8e6a1a5feb45124d8fcb9bbc260
GET /css/app.css?id=2c41bc66d47e52746122 HTTP/1.1
Host: herpesyl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
Cookie: XSRF-TOKEN=eyJpdiI6IlZVU2t2eVM4aSsyemZxbkR5TnJnVlE9PSIsInZhbHVlIjoib2tZS1RpUStOenJGMmQ0UEtLZ04vU21oSFZYbDRTVTZoN2ZobDk4UCt4NG93NVJCeWEyNS9JR1Jab1Ria0dLciIsIm1hYyI6ImY1ZmFhZGU3OGE0OGNhY2IyZjczMGJhYzMwNDYwYWY3OWMxMDMyOWYwNjZiODJiMzhjM2IxZjkyYzY1ODY2MjIifQ%3D%3D; _=eyJpdiI6ImlUd3lENUxraVVXcWVZZUJKYjFDWFE9PSIsInZhbHVlIjoiZ1FVVVNDc0R3am9VU0NRSk5idlhOSDRVbkZMTURMM1BaRVRhS0VYVEVGakdRdXFkUCtudndRUDh3V3lmbG42aCIsIm1hYyI6IjIxYjBiOTVmOWU0NWQyYWI0ZTkxMzVlZGU3ODIxZDA3YzZmYjAxOWY1MmY4YmZiOGFjZDIzODg0OTc3YWIzNmQifQ%3D%3D; referrer=eyJpdiI6Iko5NVZVNFRDVTZGdVd0c1BhcjVxVGc9PSIsInZhbHVlIjoicVdsNiswL0Q3cDlyNDhLcENscitxdz09IiwibWFjIjoiMTIyOWNkN2E2Y2Q2OWRmZDAwZGEzN2VhNTAwZmUyY2E3M2JkYjE1MzY0MGNjZmNhMTk4NGIxNjcxNDhkZWMxZiJ9; affiliate=eyJpdiI6IlFHL25Qc1p3YWR2WUtHTVdZMldFeGc9PSIsInZhbHVlIjoiNWtrellCRkJDNjZzWjJnaGV5cndHdz09IiwibWFjIjoiMjAxNTg5NTUzMmI2NGNmYzYwYjA4ZjFlNmIzMDMzYmMyYzRmODA5NGNjYmI3MWFhMDNmYWQyYTNiY2M0MTExNiJ9; pixels=eyJpdiI6ImdkNEFNb1hLT3BYSEUvVHRVR1U4M1E9PSIsInZhbHVlIjoiQUV5RXFLZkJDTnd2UkZqRVFVQy9tRlBmRlkvdE9ndFJaQVpuOGNIUEJObUFCZDVHeTBHc1Fwc3hOcGlmV25pSDdmOG1va0J1NnVWcHh1ViswcHdtVTNka1A3RDk3c1ZEZjMvd1J6UFdnZDI2d3lpU0ZPNGZyRVRTclM5MXN6dWZUQ0I2SGRxTWN4ZHMzYm0zejZpSlYvNmxzaHoyZ3U0a1dsQ1ZkNW1vUG5rWnd1bmpnZmdMdEM4MXlVM01uYTllcXVtUGRZd2d3MXB5U2lqNDEwOENFUkg1MjZkRjF1MWdYT3hhdE12czlWST0iLCJtYWMiOiI2YmEwYzE5NzE4OWJkYTEwMzI0ZjBlMzI4YjEzMjVjNDlhNTExODNjMWUxYjM4MWJjZDlmMWVkMmE3Y2NhNzc4In0%3D; hp=eyJpdiI6InBpM3Fid3NEZVFha0RHYWdFY3JLdXc9PSIsInZhbHVlIjoicHRHRzNSUUdqcFJVcTZGMkdTRFJnZE53QTdvYjBzcXdTV1hYU3hLaDE0a3NMOE5CazlIR2F0VG9TUFNuZHJYeiIsIm1hYyI6ImE4ZGRmODg0ZWRiMmM2OWY2OTVlN2I2ZTdiNDljNmFhMWNkYTU3ZGE0MmFlZTQyMDE4MjM0ODE2YjdjYzFmMDgifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:26 GMT
content-type: text/css
last-modified: Fri, 12 Aug 2022 12:54:34 GMT
etag: W/"62f64d8a-974e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 248
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DP66Lge7714SY5A89MvLyTNfRncVk%2B6AL1G6ynHFJ6DurWr6dUy45SIaWKfcqtPQI7IE%2BhXRAOKHP1l2T0QibnDGas55Yj%2FbuIoxntmeUDn7BOx6%2FuNbUr3cOfmr%2FAw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769bb9728e52b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3723d23fdcd3f3d34132d56faae4428b
4bf9c6e15b8de24fc7387ce145382f9b3e9cb1c8
4bc047ec725bd4d99c9dd4fa11edc91702f722d16e53b5eef0920cb5dc7e7ca8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3723d23fdcd3f3d34132d56faae4428b
4bf9c6e15b8de24fc7387ce145382f9b3e9cb1c8
4bc047ec725bd4d99c9dd4fa11edc91702f722d16e53b5eef0920cb5dc7e7ca8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://herpesyl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 16:40:18 GMT
expires: Fri, 10 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 288309
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3723d23fdcd3f3d34132d56faae4428b
4bf9c6e15b8de24fc7387ce145382f9b3e9cb1c8
4bc047ec725bd4d99c9dd4fa11edc91702f722d16e53b5eef0920cb5dc7e7ca8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 25036, version 1.0\012- data
Hash 9dd150fb7229e143e0f71ba1fe8c8f63
664abfc4941054600213dda51a3d6f0d05b3c312
cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://herpesyl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 23:09:40 GMT
expires: Sat, 11 Nov 2023 23:09:40 GMT
cache-control: public, max-age=31536000
age: 178547
last-modified: Mon, 11 Jul 2022 18:59:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9130
Expires: Mon, 14 Nov 2022 03:17:37 GMT
Date: Mon, 14 Nov 2022 00:45:27 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9130
Expires: Mon, 14 Nov 2022 03:17:37 GMT
Date: Mon, 14 Nov 2022 00:45:27 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 278 B IP
Hash 03ed812188582830cae50729a2ce9386
b97cb531ac770dd980c1cd8a02547e0b36f2f869
b54f027b3e47c29644f98fa4f20e54031f3ad4ec69322aa3a818f73ddec3a087
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=93778
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:27 GMT
Etag: "63705af9-116"
Expires: Tue, 15 Nov 2022 02:48:25 GMT
Last-Modified: Sun, 13 Nov 2022 02:48:25 GMT
Server: nginx
Content-Length: 278
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79bb215a-e89c-4283-a75c-00553c3b1d23.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79bb215a-e89c-4283-a75c-00553c3b1d23.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 918075949ca1f968bcd5a4041e4abb04
a2118691872703130115af5c310f54608fd553c6
48d27ae81f2947f110fb02700f13ce07624c209dafc859ebe597bd78a98e5b92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79bb215a-e89c-4283-a75c-00553c3b1d23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6733
x-amzn-requestid: de724003-b580-4376-beb4-f24775ea9967
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjzMlGtJoAMFT8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63716583-2610d36a6f418f1806023957;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:45:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: MD-kF8yO3EDoc7F8JkDdRoAJEAj6R8Bw95Q0Z9a60Du2ROvxad1Hgw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:53:45 GMT
age: 10302
etag: "a2118691872703130115af5c310f54608fd553c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e7a51c-5de3-477d-928f-95ab858d7616.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e7a51c-5de3-477d-928f-95ab858d7616.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 32cd1a339ce2c05c0d0e57e0d706068f
9d223cfd46c57e901a892dbdb10d9be5a33017b3
a98f05d589d44c9d03e785253c9655f846a283425a84f9282ae96bc3e0487d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e7a51c-5de3-477d-928f-95ab858d7616.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5401
x-amzn-requestid: 45142688-ad31-425c-9391-c7a8c8c74a1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhz-5FKyIAMFYDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637099f8-71be2fa256fd345c5f3436c6;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 07:17:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: InAofPuyHHjnQpW1oK5EwPMe5jOpGLq8HoCVTGRU_157FHD-SBnA2A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 07:40:47 GMT
age: 61480
etag: "9d223cfd46c57e901a892dbdb10d9be5a33017b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ubqvgLaJlGIxyJC1KBJP4ncx_2ltXS0C5dLGddjtbkt6pJmX84_VAg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:54:01 GMT
age: 10286
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f1e763f44800e4de06d69a3b2af74da
35afe48832221fe42de30260b9bcb15867109031
5f234c025d1f586b4364d2ef8c2818d3d4d441691444bb885e89f4c150b3d2a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9322
x-amzn-requestid: 0becd817-a29e-46bf-b9d6-2d18e12f5fe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDvE8DoAMFsiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-5b4bf1674c4edf80458cf53f;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dMpz1U6HlmADIQZWvt1WR4D_nqlatl0mYBwg4rI6HDkKFbJCnivOgA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:50:08 GMT
age: 10519
etag: "35afe48832221fe42de30260b9bcb15867109031"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F702f26c8-d862-4990-8495-2cead297cba5.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F702f26c8-d862-4990-8495-2cead297cba5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfd7b84df82a13b2ea007322eab69b77
e2803d3c0c7dfe4c052b3159f2d54cc66a379d5d
c38b65bba8ec8817930831c76c09b4dd620c8f5394d87c3b60e1753a0ee0ef60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F702f26c8-d862-4990-8495-2cead297cba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: 4c6840b8-17b3-425e-9b9f-3a44f6a1f53f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjybyH8hoAMFWCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371644b-18076898244705c50282e0c1;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:40:27 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5hFnfiQW9lh7eMkBGqkHJAkMcokct21U6V7927YNiQTVLdU6Xph1lQ==
via: 1.1 f6fac6150e74e246a088cfa5c1ab6452.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:33:59 GMT
age: 7888
etag: "e2803d3c0c7dfe4c052b3159f2d54cc66a379d5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg
200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0db3498954921b58948ad8a4e7fd49f
6b618c3ff6e589f9e01650bd0a619acb70d8004e
fa3baa9e32e455ab2eeefab0c76714bf0ff5f67a5ccd7c10b3f5c21d8138c5cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6535
x-amzn-requestid: 3333aa65-c0c7-4704-9af1-fb0a49f830fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDtHbhoAMFSsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-51c3e4513240b7e5662b8e6e;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6dTOcWIKFuo-Thf3zUH_1WY70yFyQkj3w2xPrb6Ntjf8TUFPVG-_lA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:54:01 GMT
age: 10286
etag: "6b618c3ff6e589f9e01650bd0a619acb70d8004e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 14 Nov 2022 00:41:09 GMT
expires: Mon, 14 Nov 2022 02:41:09 GMT
cache-control: public, max-age=7200
age: 258
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8407d0e10edccb49f0046879825b7141
c9c4dcfc9e674053ed246cc99500d4dd10065bce
9e41f526c12734040e62aac8d4b8b093f60977d9b00feb10e81f78db19de8c26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/c4225c42/www-widgetapi.vflset/www-widgetapi.js
200 OK 54 kB URL HTTP/2 www.youtube.com/s/player/c4225c42/www-widgetapi.vflset/www-widgetapi.js
IP
File type ASCII text, with very long lines (817)
Hash ae0ce5c949c3cc29975dd77fd9bdebb3
00325ae2ca1c29c0f9fe563e192f1670b5423401
c537b6fe052e0b9e311c90bc61da3a6545033a061a04b79989b93a84cbf7176b
GET /s/player/c4225c42/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 53867
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Nov 2022 20:52:34 GMT
expires: Mon, 13 Nov 2023 20:52:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
content-type: text/javascript
age: 13973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
200 OK 490 B URL HTTP/2 www.youtube.com/iframe_api
IP
File type ASCII text, with very long lines (509)
Hash 1314474390f91bfe736ebc0970771a00
ea04057a63fed8435148a84e116606ec0e1043cb
eaf99ffad8afa70ee3b875fd075136fe25ed8b6266869b45b1c2a6926f876bd9
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Mon, 14 Nov 2022 00:45:27 GMT
date: Mon, 14 Nov 2022 00:45:27 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=NkQ674KOpzI; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=TupzhdGJvLg; Domain=.youtube.com; Expires=Sat, 13-May-2023 00:45:27 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+616; expires=Wed, 13-Nov-2024 00:45:27 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8407d0e10edccb49f0046879825b7141
c9c4dcfc9e674053ed246cc99500d4dd10065bce
9e41f526c12734040e62aac8d4b8b093f60977d9b00feb10e81f78db19de8c26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.revcontent.com/master/rev.js
200 OK 9.6 kB URL HTTP/2 assets.revcontent.com/master/rev.js
IP
File type Unicode text, UTF-8 text, with very long lines (26626), with no line terminators
Hash fbc620fbc3b8cbccd8b0cd55a95157d7
a6e402628fd26c41999ae21b3aa768483328fc87
af73a5299bf680e0b4050d55f539a4dff8b92c20d0d31eaf19dee1edc6f6b5bd
GET /master/rev.js HTTP/1.1
Host: assets.revcontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:27 GMT
content-encoding: gzip
content-length: 9617
content-type: application/x-javascript
last-modified: Wed, 09 Oct 2019 15:23:49 GMT
accept-ranges: bytes
x-amz-id-2: 0/QJwu3xoyXs5L6DoOlWs7cTxKO4Zq0g0zOBRgzrhW1N7K1448jkoS8GAGNyKs3ht21/rQqHNrI=
x-amz-request-id: 29YNBEA0MJE0D3CX
etag: "46482d4733f3f6c1f93601a6274bc264"
cache-control: no-cache
server: AmazonS3
x-hw: 1668386727.cds216.sk1.hn,1668386727.cds231.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 7367645b1a25441288b0aebc3ae15eac
103b1f2c62682c1e17d55cc8e348d96fbfdce25e
63aeb616f976de953eb54ef36d5dd54a47c18c35612896f056e699356f873419
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1552
Cache-Control: max-age=153667
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:27 GMT
Etag: "63713eda-116"
Expires: Tue, 15 Nov 2022 19:26:34 GMT
Last-Modified: Sun, 13 Nov 2022 19:00:42 GMT
Server: ECS (amb/6B72)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash 03ed812188582830cae50729a2ce9386
b97cb531ac770dd980c1cd8a02547e0b36f2f869
b54f027b3e47c29644f98fa4f20e54031f3ad4ec69322aa3a818f73ddec3a087
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=93778
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:27 GMT
Etag: "63705af9-116"
Expires: Tue, 15 Nov 2022 02:48:25 GMT
Last-Modified: Sun, 13 Nov 2022 02:48:25 GMT
Server: nginx
Content-Length: 278
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 12:31:58 GMT
expires: Sun, 12 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 130409
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 21:46:16 GMT
expires: Fri, 10 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 269951
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
go.maxweb.com/conversion/iframe/?a=6340&token=5fab846c5ef14f926072834dc34ac2ae
200 OK 39 kB URL HTTP/2 go.maxweb.com/conversion/iframe/?a=6340&token=5fab846c5ef14f926072834dc34ac2ae
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (456)
Hash ce22264c77a62a37e22337a62ad9baae
e26e28d68db911e4e9184e4ab20d5d075467d9e9
0fbfbea73b6ae054992eb98fc29890fadfe785373c214d75027e8591e0a5ffa1
GET /conversion/iframe/?a=6340&token=5fab846c5ef14f926072834dc34ac2ae HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Mon, 14 Nov 2022 01:45:28 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 769bb979397bb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
bat.bing.com/bat.js
200 OK 11 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=307154EF2B0E671E101346B32A5966F5; domain=.bing.com; expires=Sat, 09-Dec-2023 00:45:28 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 35794CAFDFA2478685BA2C5E26EB85C4 Ref B: OSL30EDGE0319 Ref C: 2022-11-14T00:45:28Z
date: Mon, 14 Nov 2022 00:45:28 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5225201&Ver=2&mid=acec5060-0ce5-475a-823d-d715677220e3&sid=a195135063b511edb9b867f218540cde&vid=a195384063b511edb8f76994d07d91fa&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Pixels&p=https%3A%2F%2Fherpesyl.com%2F&r=<=413&evt=pageLoad&ifm=1&sv=1&rn=714917
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5225201&Ver=2&mid=acec5060-0ce5-475a-823d-d715677220e3&sid=a195135063b511edb9b867f218540cde&vid=a195384063b511edb8f76994d07d91fa&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Pixels&p=https%3A%2F%2Fherpesyl.com%2F&r=<=413&evt=pageLoad&ifm=1&sv=1&rn=714917
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5225201&Ver=2&mid=acec5060-0ce5-475a-823d-d715677220e3&sid=a195135063b511edb9b867f218540cde&vid=a195384063b511edb8f76994d07d91fa&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Pixels&p=https%3A%2F%2Fherpesyl.com%2F&r=<=413&evt=pageLoad&ifm=1&sv=1&rn=714917 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=219B0C36C259638217F11E6AC30E62E7; domain=.bing.com; expires=Sat, 09-Dec-2023 00:45:28 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ADD9F46F352F47CE824C8293E4BFE1CA Ref B: OSL30EDGE0319 Ref C: 2022-11-14T00:45:28Z
date: Mon, 14 Nov 2022 00:45:28 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/5225201.js
204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5225201.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5225201.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=1286C0F3EB176B393F00D2AFEA406A52; domain=.bing.com; expires=Sat, 09-Dec-2023 00:45:28 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FFC4949C70E0481E9E64C39AA72190A1 Ref B: OSL30EDGE0319 Ref C: 2022-11-14T00:45:28Z
date: Mon, 14 Nov 2022 00:45:28 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f7d94e96a88cb28c894fe4d8d5f66fcd
93e3c0fb77100bae593efd2d0043ccb39be596bd
086478278bf7236ca0110c7a8f4960f440541def70f6439b07273dcec30f72e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0df79cbc834bd5e53cf14431365341dc
00e5191435de6d5804d36e8db45d1858dfc67e62
6a4d0997ea345b437ad5f53d41699920f946ba31bbc2b01e005516485328d033
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a.mgid.com/mgsensor.js?d=1668386726959
200 OK 4.8 kB URL HTTP/2 a.mgid.com/mgsensor.js?d=1668386726959
IP
File type ASCII text, with very long lines (15105), with no line terminators
Hash 12128c17af715112f98817bc0fae38b2
216d4c9fff1c47b4f7ed337885bf754dcb1ca5a9
b596829e305959bd121b022ccac322625e2496626a8c9e3eedd30e1bc3b4a86e
GET /mgsensor.js?d=1668386726959 HTTP/1.1
Host: a.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.maxweb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:28 GMT
content-type: application/javascript
vary: Accept-Encoding
x-mg-request-uuid: d32c0417-d18a-499e-b051-abad5a9fa99d
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=PKLYX.4vJef3DbepZPviyCnkqZY5TqyJsqIy2lux_E0-1668386728-0-AZQQkeqqQxNLikRf7bvefgPiR6gi2dfDHoR9wsapSTIk0dI8N5+GMMQBmZ4S0FIu6Ch8m+Zr6T2teF317WgVs9c=; path=/; expires=Mon, 14-Nov-22 01:15:28 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 769bb97c78ae0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 14 Nov 2022 00:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c032f30e41c8a71a7610a7be9f7b6255
01daaa4dbbb0e2d2402e4796c37843f01464c813
bcefb7ad2179e9704c340d8cefc2de63aac8e9e35c10433090127cd7e323bb7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700;800
200 OK 2.5 kB URL HTTP/2 fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700;800
IP
Hash 7d30b7d3a7dc8b5542b6058a45bf83ba
476936730c5546c6f8a6bfc8ec2472e583506a91
791aae3de51ab88307fe00810013861c31ed33a539829b56c6c4bdfcc54edb90
GET /css2?family=Oswald:wght@400;500;600;700;800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 14 Nov 2022 00:45:27 GMT
date: Mon, 14 Nov 2022 00:45:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 14 Nov 2022 00:45:28 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a635b6112e22763022c9bce0e9141fae
13ba9e635ad5bf7bb57c39a154eec28c4b326801
4b22d01fc2179a0a13fd70d7e80b98f0b865397af369c2dc03678b072b7f7e90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js
200 OK 14 kB URL HTTP/2 www.google.com/js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js
IP
File type ASCII text, with very long lines (36070)
Hash 7d6dc2989ad5a0a0590a37f1e0d2fb53
d8a8adcb74248ab834fa21e83d4935dd9a1ff4aa
92dfcdcf42525cfbe070b98ead507fa1cb2db11b4e5d390b64f04fc661c6515c
GET /js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 10:23:35 GMT
expires: Sun, 12 Nov 2023 10:23:35 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
content-type: text/javascript
age: 138113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash fc888dd9b64708d010f5917adc5acd2c
0c90bc25eab2b51e07b6a5af6a329c1ec6cbbe59
2e19fe19b58ad59af3a7660bc31bbfbc54195803bcc917cde76afe98925a1f40
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 14 Nov 2022 00:45:28 GMT
server: ESF
cache-control: private
content-length: 31079
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b22d56bb72bffd94b2d6912ee6647e45
cf4126f40a02cc92a4dab3b89fd78a204d6aba4b
1f0bf8a51c17346639c8a7ecb4bfb7cbf29a4591838b3e4d38700e3d0b08dcd5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62785402-76&cid=99796736.1668386726&jid=1014884566&gjid=13182734&_gid=128739628.1668386726&_u=4GDAAUADQAAAACAAI~&z=1583039433
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62785402-76&cid=99796736.1668386726&jid=1014884566&gjid=13182734&_gid=128739628.1668386726&_u=4GDAAUADQAAAACAAI~&z=1583039433
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62785402-76&cid=99796736.1668386726&jid=1014884566&gjid=13182734&_gid=128739628.1668386726&_u=4GDAAUADQAAAACAAI~&z=1583039433 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://herpesyl.com
Connection: keep-alive
Referer: https://herpesyl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://herpesyl.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 14 Nov 2022 00:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62785402-50&cid=99796736.1668386726&jid=1512807445&gjid=946581978&_gid=128739628.1668386726&_u=4GBAAUACQAAAACAAI~&z=1764526872
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62785402-50&cid=99796736.1668386726&jid=1512807445&gjid=946581978&_gid=128739628.1668386726&_u=4GBAAUACQAAAACAAI~&z=1764526872
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-62785402-50&cid=99796736.1668386726&jid=1512807445&gjid=946581978&_gid=128739628.1668386726&_u=4GBAAUACQAAAACAAI~&z=1764526872 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://herpesyl.com
Connection: keep-alive
Referer: https://herpesyl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://herpesyl.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 14 Nov 2022 00:45:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/KM54lcvlOlY/maxresdefault.webp
200 OK 48 kB URL HTTP/2 i.ytimg.com/vi_webp/KM54lcvlOlY/maxresdefault.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bda6193a3efd8f6065c6f682f8da2fb0
a4cb749702b511050bbf760979f6254057d51857
862449b5141a06005778af8f75e117a6929e90255034d4d06ed235082e0be1f3
GET /vi_webp/KM54lcvlOlY/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 47522
date: Mon, 14 Nov 2022 00:45:28 GMT
expires: Mon, 14 Nov 2022 02:45:28 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2d7e9e442c6aadc7d741b26d0417fada
c3ce4eb6fc79886cd830a297af57008f57a42e8f
833d45473c2fe3db364aa0ce31973c147f09091e630e16045d9a1e6a661152dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu_XS_MQ3CprtLAV94nVZFWmyEnAByRLpaV-e3dPhIdOlNPqDqUdZmfv-IUzDie0=s68-c-k-c0x00ffffff-no-rj
200 OK 965 B URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_XS_MQ3CprtLAV94nVZFWmyEnAByRLpaV-e3dPhIdOlNPqDqUdZmfv-IUzDie0=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash d9e4af6d2f3884d173632fb85899f176
2844918e6b7368cb99145c25003fe36f2c539fc8
19a1a7aa225df93aa8518422f904cbaade50dea44f23fba30eae9aac32c90ece
GET /ytc/AMLnZu_XS_MQ3CprtLAV94nVZFWmyEnAByRLpaV-e3dPhIdOlNPqDqUdZmfv-IUzDie0=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 965
x-xss-protection: 0
date: Sun, 13 Nov 2022 21:27:50 GMT
expires: Mon, 14 Nov 2022 21:27:50 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 11858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e750b50f8f7050d1c2180ebc2ee2ce7c
e382ddfdda9d86eec74517bae1dd9264d9abcbb6
a32b393b8eb3606470c968534a80cadd36d5eb8e3d3c9fa82f0e93061dec0712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2d7e9e442c6aadc7d741b26d0417fada
c3ce4eb6fc79886cd830a297af57008f57a42e8f
833d45473c2fe3db364aa0ce31973c147f09091e630e16045d9a1e6a661152dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 14 Nov 2022 00:45:28 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 856ea772fa80ae0b4cb8df03c4263bff
1f296e6250f76fe871d837318143bc2461fdf2fe
89cfc96e48f27c4beb7fae7aa3f88b8ad9125b2ee233b7ed47b3388e87b07b75
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 856ea772fa80ae0b4cb8df03c4263bff
1f296e6250f76fe871d837318143bc2461fdf2fe
89cfc96e48f27c4beb7fae7aa3f88b8ad9125b2ee233b7ed47b3388e87b07b75
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668408329&ei=qY9xY8EyxJm_8g_r_63AAQ&ip=91.90.42.154&id=o-ALA1t00YVzi0gdUIoA7jGyHtqC_bYatyYE28KdaPMK2o&itag=251&source=youtube&requiressl=yes&mh=Z9&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1950000&spc=SFxXNukagxOYGZC_9WfSaXemj7TIlAo&vprv=1&mime=audio%2Fwebm&ns=wFpqQo8-vk0gVvlo6uZdxLQJ&gir=yes&clen=44243473&dur=2536.381&lmt=1654356809579969&mt=1668386453&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=qzmqyIcHHfgxVg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAL0IOL_2otJI4pbZA-nOTvgWXkeCgKuucdOu1_30uhPkAiEAw_e12gvgriXIGcdW81QNbIlgeudt-jaAwETBZQnwAHs%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALm7TE8vpi_gSqru4IHyEVYEcmTE-9pt4EQ9HMHPBRpYAiEA91bBDkxmw9m-Tda2OJBj7bn4wu2QGI_7Z0TXESPnap0%3D&alr=yes&cpn=z2AjNPangmasCKLF&cver=1.20221106.00.00&range=0-70277&rn=2&rbuf=0&pot=D22QOVQJXvRSbagru_xsSGsJFabYhnijHjGXMgSMcWUlB9dExkOxdLrtvRjULmWdXy5CP2y_6MnMoH54x6Rl1b_jCu-SI1s60S0hrfNibl7Fp691TKOCa4mtujGqN4f9PqLR6fY=
200 OK 70 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668408329&ei=qY9xY8EyxJm_8g_r_63AAQ&ip=91.90.42.154&id=o-ALA1t00YVzi0gdUIoA7jGyHtqC_bYatyYE28KdaPMK2o&itag=251&source=youtube&requiressl=yes&mh=Z9&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1950000&spc=SFxXNukagxOYGZC_9WfSaXemj7TIlAo&vprv=1&mime=audio%2Fwebm&ns=wFpqQo8-vk0gVvlo6uZdxLQJ&gir=yes&clen=44243473&dur=2536.381&lmt=1654356809579969&mt=1668386453&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=qzmqyIcHHfgxVg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAL0IOL_2otJI4pbZA-nOTvgWXkeCgKuucdOu1_30uhPkAiEAw_e12gvgriXIGcdW81QNbIlgeudt-jaAwETBZQnwAHs%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALm7TE8vpi_gSqru4IHyEVYEcmTE-9pt4EQ9HMHPBRpYAiEA91bBDkxmw9m-Tda2OJBj7bn4wu2QGI_7Z0TXESPnap0%3D&alr=yes&cpn=z2AjNPangmasCKLF&cver=1.20221106.00.00&range=0-70277&rn=2&rbuf=0&pot=D22QOVQJXvRSbagru_xsSGsJFabYhnijHjGXMgSMcWUlB9dExkOxdLrtvRjULmWdXy5CP2y_6MnMoH54x6Rl1b_jCu-SI1s60S0hrfNibl7Fp691TKOCa4mtujGqN4f9PqLR6fY=
IP
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash ab6235e540bfd4c8b31cc38b8d8d2fc6
46069f4f2b6c4cfa24cbd9d1c15b5e10b6ddf070
29a5e57cae5d3a1320bb3566695749442faf020aabb5f347014958fe1c203f9e
GET /videoplayback?expire=1668408329&ei=qY9xY8EyxJm_8g_r_63AAQ&ip=91.90.42.154&id=o-ALA1t00YVzi0gdUIoA7jGyHtqC_bYatyYE28KdaPMK2o&itag=251&source=youtube&requiressl=yes&mh=Z9&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1950000&spc=SFxXNukagxOYGZC_9WfSaXemj7TIlAo&vprv=1&mime=audio%2Fwebm&ns=wFpqQo8-vk0gVvlo6uZdxLQJ&gir=yes&clen=44243473&dur=2536.381&lmt=1654356809579969&mt=1668386453&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=qzmqyIcHHfgxVg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAL0IOL_2otJI4pbZA-nOTvgWXkeCgKuucdOu1_30uhPkAiEAw_e12gvgriXIGcdW81QNbIlgeudt-jaAwETBZQnwAHs%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALm7TE8vpi_gSqru4IHyEVYEcmTE-9pt4EQ9HMHPBRpYAiEA91bBDkxmw9m-Tda2OJBj7bn4wu2QGI_7Z0TXESPnap0%3D&alr=yes&cpn=z2AjNPangmasCKLF&cver=1.20221106.00.00&range=0-70277&rn=2&rbuf=0&pot=D22QOVQJXvRSbagru_xsSGsJFabYhnijHjGXMgSMcWUlB9dExkOxdLrtvRjULmWdXy5CP2y_6MnMoH54x6Rl1b_jCu-SI1s60S0hrfNibl7Fp691TKOCa4mtujGqN4f9PqLR6fY= HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 04 Jun 2022 15:33:29 GMT
Content-Type: audio/webm
Date: Mon, 14 Nov 2022 00:45:29 GMT
Expires: Mon, 14 Nov 2022 00:45:29 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 70278
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668408329&ei=qY9xY8EyxJm_8g_r_63AAQ&ip=91.90.42.154&id=o-ALA1t00YVzi0gdUIoA7jGyHtqC_bYatyYE28KdaPMK2o&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Z9&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1950000&spc=SFxXNukagxOYGZC_9WfSaXemj7TIlAo&vprv=1&mime=video%2Fwebm&ns=wFpqQo8-vk0gVvlo6uZdxLQJ&gir=yes&clen=28777497&dur=2536.360&lmt=1654361549420623&mt=1668386453&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=qzmqyIcHHfgxVg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgdyzdK_uxAUFaXdJv6xOKQp7fOD5FO4zLsYSj8kx2ozICIGezSl5qn-o3UCHmnHCS115SoSr4L0jM-cDgF_UQ_o0A&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALm7TE8vpi_gSqru4IHyEVYEcmTE-9pt4EQ9HMHPBRpYAiEA91bBDkxmw9m-Tda2OJBj7bn4wu2QGI_7Z0TXESPnap0%3D&alr=yes&cpn=z2AjNPangmasCKLF&cver=1.20221106.00.00&range=0-139110&rn=1&rbuf=0&pot=D22QOVQJXvRSbagru_xsSGsJFabYhnijHjGXMgSMcWUlB9dExkOxdLrtvRjULmWdXy5CP2y_6MnMoH54x6Rl1b_jCu-SI1s60S0hrfNibl7Fp691TKOCa4mtujGqN4f9PqLR6fY=
200 OK 139 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668408329&ei=qY9xY8EyxJm_8g_r_63AAQ&ip=91.90.42.154&id=o-ALA1t00YVzi0gdUIoA7jGyHtqC_bYatyYE28KdaPMK2o&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Z9&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1950000&spc=SFxXNukagxOYGZC_9WfSaXemj7TIlAo&vprv=1&mime=video%2Fwebm&ns=wFpqQo8-vk0gVvlo6uZdxLQJ&gir=yes&clen=28777497&dur=2536.360&lmt=1654361549420623&mt=1668386453&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=qzmqyIcHHfgxVg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgdyzdK_uxAUFaXdJv6xOKQp7fOD5FO4zLsYSj8kx2ozICIGezSl5qn-o3UCHmnHCS115SoSr4L0jM-cDgF_UQ_o0A&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALm7TE8vpi_gSqru4IHyEVYEcmTE-9pt4EQ9HMHPBRpYAiEA91bBDkxmw9m-Tda2OJBj7bn4wu2QGI_7Z0TXESPnap0%3D&alr=yes&cpn=z2AjNPangmasCKLF&cver=1.20221106.00.00&range=0-139110&rn=1&rbuf=0&pot=D22QOVQJXvRSbagru_xsSGsJFabYhnijHjGXMgSMcWUlB9dExkOxdLrtvRjULmWdXy5CP2y_6MnMoH54x6Rl1b_jCu-SI1s60S0hrfNibl7Fp691TKOCa4mtujGqN4f9PqLR6fY=
IP
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Size 139 kB (139111 bytes)
Hash aab58e53868859423fb30894d86d948a
3501a900445d8e70bd0e9d042c8591fdce731038
41b9df4907a3af711e5bf3c128f64b955a47bf0136afafd4ae4d2532c3b84583
GET /videoplayback?expire=1668408329&ei=qY9xY8EyxJm_8g_r_63AAQ&ip=91.90.42.154&id=o-ALA1t00YVzi0gdUIoA7jGyHtqC_bYatyYE28KdaPMK2o&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Z9&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1950000&spc=SFxXNukagxOYGZC_9WfSaXemj7TIlAo&vprv=1&mime=video%2Fwebm&ns=wFpqQo8-vk0gVvlo6uZdxLQJ&gir=yes&clen=28777497&dur=2536.360&lmt=1654361549420623&mt=1668386453&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=qzmqyIcHHfgxVg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgdyzdK_uxAUFaXdJv6xOKQp7fOD5FO4zLsYSj8kx2ozICIGezSl5qn-o3UCHmnHCS115SoSr4L0jM-cDgF_UQ_o0A&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALm7TE8vpi_gSqru4IHyEVYEcmTE-9pt4EQ9HMHPBRpYAiEA91bBDkxmw9m-Tda2OJBj7bn4wu2QGI_7Z0TXESPnap0%3D&alr=yes&cpn=z2AjNPangmasCKLF&cver=1.20221106.00.00&range=0-139110&rn=1&rbuf=0&pot=D22QOVQJXvRSbagru_xsSGsJFabYhnijHjGXMgSMcWUlB9dExkOxdLrtvRjULmWdXy5CP2y_6MnMoH54x6Rl1b_jCu-SI1s60S0hrfNibl7Fp691TKOCa4mtujGqN4f9PqLR6fY= HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 04 Jun 2022 16:52:29 GMT
Content-Type: video/webm
Date: Mon, 14 Nov 2022 00:45:29 GMT
Expires: Mon, 14 Nov 2022 00:45:29 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 139111
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668408329&ei=qY9xY8EyxJm_8g_r_63AAQ&ip=91.90.42.154&id=o-ALA1t00YVzi0gdUIoA7jGyHtqC_bYatyYE28KdaPMK2o&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Z9&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1950000&spc=SFxXNukagxOYGZC_9WfSaXemj7TIlAo&vprv=1&mime=video%2Fwebm&ns=wFpqQo8-vk0gVvlo6uZdxLQJ&gir=yes&clen=41827507&dur=2536.360&lmt=1654361011930196&mt=1668386453&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=qzmqyIcHHfgxVg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAP7DMbvicjX4PAibdtfzbwkGulcsFIROIDITRHI8uYirAiEAtDMLJZspYgs9in4oDQFYHZ_THpa2PRV5mBXJazU3PRY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALm7TE8vpi_gSqru4IHyEVYEcmTE-9pt4EQ9HMHPBRpYAiEA91bBDkxmw9m-Tda2OJBj7bn4wu2QGI_7Z0TXESPnap0%3D&alr=yes&cpn=z2AjNPangmasCKLF&cver=1.20221106.00.00&range=0-7166&rn=3&rbuf=0&pot=D22QOVQJXvRSbagru_xsSGsJFabYhnijHjGXMgSMcWUlB9dExkOxdLrtvRjULmWdXy5CP2y_6MnMoH54x6Rl1b_jCu-SI1s60S0hrfNibl7Fp691TKOCa4mtujGqN4f9PqLR6fY=
200 OK 7.2 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668408329&ei=qY9xY8EyxJm_8g_r_63AAQ&ip=91.90.42.154&id=o-ALA1t00YVzi0gdUIoA7jGyHtqC_bYatyYE28KdaPMK2o&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Z9&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1950000&spc=SFxXNukagxOYGZC_9WfSaXemj7TIlAo&vprv=1&mime=video%2Fwebm&ns=wFpqQo8-vk0gVvlo6uZdxLQJ&gir=yes&clen=41827507&dur=2536.360&lmt=1654361011930196&mt=1668386453&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=qzmqyIcHHfgxVg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAP7DMbvicjX4PAibdtfzbwkGulcsFIROIDITRHI8uYirAiEAtDMLJZspYgs9in4oDQFYHZ_THpa2PRV5mBXJazU3PRY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALm7TE8vpi_gSqru4IHyEVYEcmTE-9pt4EQ9HMHPBRpYAiEA91bBDkxmw9m-Tda2OJBj7bn4wu2QGI_7Z0TXESPnap0%3D&alr=yes&cpn=z2AjNPangmasCKLF&cver=1.20221106.00.00&range=0-7166&rn=3&rbuf=0&pot=D22QOVQJXvRSbagru_xsSGsJFabYhnijHjGXMgSMcWUlB9dExkOxdLrtvRjULmWdXy5CP2y_6MnMoH54x6Rl1b_jCu-SI1s60S0hrfNibl7Fp691TKOCa4mtujGqN4f9PqLR6fY=
IP
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash a1af52b06bdb6b69e8c604194a3582d6
68abd868e52908c1692659c2a4814952d7702aa8
027474f119cc3626ef89f7499cf19440114990dbef3d6cb8b8ae0f5407ac4186
GET /videoplayback?expire=1668408329&ei=qY9xY8EyxJm_8g_r_63AAQ&ip=91.90.42.154&id=o-ALA1t00YVzi0gdUIoA7jGyHtqC_bYatyYE28KdaPMK2o&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Z9&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1950000&spc=SFxXNukagxOYGZC_9WfSaXemj7TIlAo&vprv=1&mime=video%2Fwebm&ns=wFpqQo8-vk0gVvlo6uZdxLQJ&gir=yes&clen=41827507&dur=2536.360&lmt=1654361011930196&mt=1668386453&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=qzmqyIcHHfgxVg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAP7DMbvicjX4PAibdtfzbwkGulcsFIROIDITRHI8uYirAiEAtDMLJZspYgs9in4oDQFYHZ_THpa2PRV5mBXJazU3PRY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALm7TE8vpi_gSqru4IHyEVYEcmTE-9pt4EQ9HMHPBRpYAiEA91bBDkxmw9m-Tda2OJBj7bn4wu2QGI_7Z0TXESPnap0%3D&alr=yes&cpn=z2AjNPangmasCKLF&cver=1.20221106.00.00&range=0-7166&rn=3&rbuf=0&pot=D22QOVQJXvRSbagru_xsSGsJFabYhnijHjGXMgSMcWUlB9dExkOxdLrtvRjULmWdXy5CP2y_6MnMoH54x6Rl1b_jCu-SI1s60S0hrfNibl7Fp691TKOCa4mtujGqN4f9PqLR6fY= HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 04 Jun 2022 16:43:31 GMT
Content-Type: video/webm
Date: Mon, 14 Nov 2022 00:45:29 GMT
Expires: Mon, 14 Nov 2022 00:45:29 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 7167
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 856ea772fa80ae0b4cb8df03c4263bff
1f296e6250f76fe871d837318143bc2461fdf2fe
89cfc96e48f27c4beb7fae7aa3f88b8ad9125b2ee233b7ed47b3388e87b07b75
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:45:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668408329&ei=qY9xY8EyxJm_8g_r_63AAQ&ip=91.90.42.154&id=o-ALA1t00YVzi0gdUIoA7jGyHtqC_bYatyYE28KdaPMK2o&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Z9&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1950000&spc=SFxXNukagxOYGZC_9WfSaXemj7TIlAo&vprv=1&mime=video%2Fwebm&ns=wFpqQo8-vk0gVvlo6uZdxLQJ&gir=yes&clen=28777497&dur=2536.360&lmt=1654361549420623&mt=1668386453&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=qzmqyIcHHfgxVg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgdyzdK_uxAUFaXdJv6xOKQp7fOD5FO4zLsYSj8kx2ozICIGezSl5qn-o3UCHmnHCS115SoSr4L0jM-cDgF_UQ_o0A&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALm7TE8vpi_gSqru4IHyEVYEcmTE-9pt4EQ9HMHPBRpYAiEA91bBDkxmw9m-Tda2OJBj7bn4wu2QGI_7Z0TXESPnap0%3D&alr=yes&cpn=z2AjNPangmasCKLF&cver=1.20221106.00.00&range=139111-271134&rn=4&rbuf=3109&pot=D22QOVQJXvRSbagru_xsSGsJFabYhnijHjGXMgSMcWUlB9dExkOxdLrtvRjULmWdXy5CP2y_6MnMoH54x6Rl1b_jCu-SI1s60S0hrfNibl7Fp691TKOCa4mtujGqN4f9PqLR6fY=
200 OK 132 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1668408329&ei=qY9xY8EyxJm_8g_r_63AAQ&ip=91.90.42.154&id=o-ALA1t00YVzi0gdUIoA7jGyHtqC_bYatyYE28KdaPMK2o&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Z9&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1950000&spc=SFxXNukagxOYGZC_9WfSaXemj7TIlAo&vprv=1&mime=video%2Fwebm&ns=wFpqQo8-vk0gVvlo6uZdxLQJ&gir=yes&clen=28777497&dur=2536.360&lmt=1654361549420623&mt=1668386453&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=qzmqyIcHHfgxVg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgdyzdK_uxAUFaXdJv6xOKQp7fOD5FO4zLsYSj8kx2ozICIGezSl5qn-o3UCHmnHCS115SoSr4L0jM-cDgF_UQ_o0A&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALm7TE8vpi_gSqru4IHyEVYEcmTE-9pt4EQ9HMHPBRpYAiEA91bBDkxmw9m-Tda2OJBj7bn4wu2QGI_7Z0TXESPnap0%3D&alr=yes&cpn=z2AjNPangmasCKLF&cver=1.20221106.00.00&range=139111-271134&rn=4&rbuf=3109&pot=D22QOVQJXvRSbagru_xsSGsJFabYhnijHjGXMgSMcWUlB9dExkOxdLrtvRjULmWdXy5CP2y_6MnMoH54x6Rl1b_jCu-SI1s60S0hrfNibl7Fp691TKOCa4mtujGqN4f9PqLR6fY=
IP
ASN #50304 Blix Solutions AS
Size 132 kB (132024 bytes)
Hash b71bbba5106b22d2de801d27218c6e18
af5f4b42ee0886de41579824588b3ef0aa5a009a
0bc358b0e8fb14a4149a9c9cd455f6ae9a14c3aa691b75d4ab4b4a4bf65b9449
GET /videoplayback?expire=1668408329&ei=qY9xY8EyxJm_8g_r_63AAQ&ip=91.90.42.154&id=o-ALA1t00YVzi0gdUIoA7jGyHtqC_bYatyYE28KdaPMK2o&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Z9&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1950000&spc=SFxXNukagxOYGZC_9WfSaXemj7TIlAo&vprv=1&mime=video%2Fwebm&ns=wFpqQo8-vk0gVvlo6uZdxLQJ&gir=yes&clen=28777497&dur=2536.360&lmt=1654361549420623&mt=1668386453&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5437434&n=qzmqyIcHHfgxVg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgdyzdK_uxAUFaXdJv6xOKQp7fOD5FO4zLsYSj8kx2ozICIGezSl5qn-o3UCHmnHCS115SoSr4L0jM-cDgF_UQ_o0A&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhALm7TE8vpi_gSqru4IHyEVYEcmTE-9pt4EQ9HMHPBRpYAiEA91bBDkxmw9m-Tda2OJBj7bn4wu2QGI_7Z0TXESPnap0%3D&alr=yes&cpn=z2AjNPangmasCKLF&cver=1.20221106.00.00&range=139111-271134&rn=4&rbuf=3109&pot=D22QOVQJXvRSbagru_xsSGsJFabYhnijHjGXMgSMcWUlB9dExkOxdLrtvRjULmWdXy5CP2y_6MnMoH54x6Rl1b_jCu-SI1s60S0hrfNibl7Fp691TKOCa4mtujGqN4f9PqLR6fY= HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 04 Jun 2022 16:52:29 GMT
Content-Type: video/webm
Date: Mon, 14 Nov 2022 00:45:29 GMT
Expires: Mon, 14 Nov 2022 00:45:29 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 132024
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
mwebnice.com/6340/1338/3/?subid=breakmxnww
302 Found 0 B URL HTTP/2 mwebnice.com/6340/1338/3/?subid=breakmxnww
IP
Analyzer Verdict Alert fortinet Phishing
GET /6340/1338/3/?subid=breakmxnww HTTP/1.1
Host: mwebnice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 14 Nov 2022 00:45:25 GMT
content-type: text/html; charset=UTF-8
location: https://herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
cache-control: max-age=3600, private
pragma: no-cache
expires: Mon, 14 Nov 2022 01:45:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 769bb96ad9d7b4ee-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@400
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400
IP
GET /css2?family=Roboto:wght@400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 14 Nov 2022 00:45:27 GMT
date: Mon, 14 Nov 2022 00:45:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
herpesyl.com/js/app.js?id=5b083ebcbc115ad07c00
200 OK 0 B URL HTTP/2 herpesyl.com/js/app.js?id=5b083ebcbc115ad07c00
IP
GET /js/app.js?id=5b083ebcbc115ad07c00 HTTP/1.1
Host: herpesyl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/report?aff_id=1651&subid2=6340_sessid20221114004511188&subid=1338
Cookie: XSRF-TOKEN=eyJpdiI6IlZVU2t2eVM4aSsyemZxbkR5TnJnVlE9PSIsInZhbHVlIjoib2tZS1RpUStOenJGMmQ0UEtLZ04vU21oSFZYbDRTVTZoN2ZobDk4UCt4NG93NVJCeWEyNS9JR1Jab1Ria0dLciIsIm1hYyI6ImY1ZmFhZGU3OGE0OGNhY2IyZjczMGJhYzMwNDYwYWY3OWMxMDMyOWYwNjZiODJiMzhjM2IxZjkyYzY1ODY2MjIifQ%3D%3D; _=eyJpdiI6ImlUd3lENUxraVVXcWVZZUJKYjFDWFE9PSIsInZhbHVlIjoiZ1FVVVNDc0R3am9VU0NRSk5idlhOSDRVbkZMTURMM1BaRVRhS0VYVEVGakdRdXFkUCtudndRUDh3V3lmbG42aCIsIm1hYyI6IjIxYjBiOTVmOWU0NWQyYWI0ZTkxMzVlZGU3ODIxZDA3YzZmYjAxOWY1MmY4YmZiOGFjZDIzODg0OTc3YWIzNmQifQ%3D%3D; referrer=eyJpdiI6Iko5NVZVNFRDVTZGdVd0c1BhcjVxVGc9PSIsInZhbHVlIjoicVdsNiswL0Q3cDlyNDhLcENscitxdz09IiwibWFjIjoiMTIyOWNkN2E2Y2Q2OWRmZDAwZGEzN2VhNTAwZmUyY2E3M2JkYjE1MzY0MGNjZmNhMTk4NGIxNjcxNDhkZWMxZiJ9; affiliate=eyJpdiI6IlFHL25Qc1p3YWR2WUtHTVdZMldFeGc9PSIsInZhbHVlIjoiNWtrellCRkJDNjZzWjJnaGV5cndHdz09IiwibWFjIjoiMjAxNTg5NTUzMmI2NGNmYzYwYjA4ZjFlNmIzMDMzYmMyYzRmODA5NGNjYmI3MWFhMDNmYWQyYTNiY2M0MTExNiJ9; pixels=eyJpdiI6ImdkNEFNb1hLT3BYSEUvVHRVR1U4M1E9PSIsInZhbHVlIjoiQUV5RXFLZkJDTnd2UkZqRVFVQy9tRlBmRlkvdE9ndFJaQVpuOGNIUEJObUFCZDVHeTBHc1Fwc3hOcGlmV25pSDdmOG1va0J1NnVWcHh1ViswcHdtVTNka1A3RDk3c1ZEZjMvd1J6UFdnZDI2d3lpU0ZPNGZyRVRTclM5MXN6dWZUQ0I2SGRxTWN4ZHMzYm0zejZpSlYvNmxzaHoyZ3U0a1dsQ1ZkNW1vUG5rWnd1bmpnZmdMdEM4MXlVM01uYTllcXVtUGRZd2d3MXB5U2lqNDEwOENFUkg1MjZkRjF1MWdYT3hhdE12czlWST0iLCJtYWMiOiI2YmEwYzE5NzE4OWJkYTEwMzI0ZjBlMzI4YjEzMjVjNDlhNTExODNjMWUxYjM4MWJjZDlmMWVkMmE3Y2NhNzc4In0%3D; hp=eyJpdiI6InBpM3Fid3NEZVFha0RHYWdFY3JLdXc9PSIsInZhbHVlIjoicHRHRzNSUUdqcFJVcTZGMkdTRFJnZE53QTdvYjBzcXdTV1hYU3hLaDE0a3NMOE5CazlIR2F0VG9TUFNuZHJYeiIsIm1hYyI6ImE4ZGRmODg0ZWRiMmM2OWY2OTVlN2I2ZTdiNDljNmFhMWNkYTU3ZGE0MmFlZTQyMDE4MjM0ODE2YjdjYzFmMDgifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 00:45:26 GMT
content-type: application/javascript
last-modified: Fri, 12 Aug 2022 12:54:34 GMT
etag: W/"62f64d8a-90c2e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 248
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3D0PL0cHDEhat2ofmNGNtT635D6o8LKR9%2FvIvgJJXjd7Bx1MVEdNNS0gxGGoVHJatC6nqIxSMgKP9kS2Ath9cmSAtylcj3%2B2p3AGclHi7OSn%2BIb5Aifd23ESm3wpytE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769bb972ee8bb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900
IP
GET /css2?family=Montserrat:wght@400;500;600;700;900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 14 Nov 2022 00:45:27 GMT
date: Mon, 14 Nov 2022 00:45:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Sacramento
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Sacramento
IP
GET /css2?family=Sacramento HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://herpesyl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 14 Nov 2022 00:45:27 GMT
date: Mon, 14 Nov 2022 00:45:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
91.230.110.107
34.102.187.140
91.90.45.172
104.19.133.78
93.184.220.29