firefox.settings.services.mozilla.com/v1/
18.165.201.80200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.80:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 16:03:11 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 675c3f96928d591debc37b54f2b16dc2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: EWN_J7Goddqpv8MN2NYF969cNekF8EK3HZqaFYdqBrK9uwyrn8G_UA==
Age: 3489
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3910
Expires: Sun, 02 Oct 2022 18:06:30 GMT
Date: Sun, 02 Oct 2022 17:01:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.95200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.95:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 7fcc9354bd594831abf31608fb6cde60.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: Gy3nshtsaLGzZ4WcpC-45EuDBZKyyxBojmxQe6pB_7-aY5AO7Fgcow==
age: 48484
X-Firefox-Spdy: h2
care.netrohealthcare.com/ga/click/2-299584706-1550-14398-28116-26002-bf3bdf19d0-r73058a570
154.53.42.166302 Found 135 B URL HTTP/1.1 care.netrohealthcare.com/ga/click/2-299584706-1550-14398-28116-26002-bf3bdf19d0-r73058a570
IP 154.53.42.166:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash cb9f0de5f3d72937c6cf78818048acf0
9f44c4575bdd13f06c2249da07ad2fc51d8c6f2e
28493c534a466dfeb1218f5e66e87b04215af4f944650dc04dc69c2616d1cced
Analyzer Verdict Alert fortinet Phishing
GET /ga/click/2-299584706-1550-14398-28116-26002-bf3bdf19d0-r73058a570 HTTP/1.1
Host: care.netrohealthcare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 02 Oct 2022 17:00:54 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.29
Status: 302 Found
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Request-Id: 9351f7bb528ff1904d515cb79a724cad
Location: https://www.i4wntrk.com/9W598/5SW1KJK/?sub1=fvgtyujjugtrgtyujiuyjhgtr
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.017629
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.9
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 17:01:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash a6577b246c31c087118bfae2dbce03c6
97403634f99a6402cdf7ea63be15c49cc8c8c318
747a175299c0278da64e5eb1a8f238627b533c2b5cff95bd7dd9ab09919c878b
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 02 Oct 2022 17:01:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 01 Oct 2022 21:32:00 GMT
Expires: Sun, 02 Oct 2022 21:32:00 GMT
ETag: "97403634f99a6402cdf7ea63be15c49cc8c8c318"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.i4wntrk.com/9W598/5SW1KJK/?sub1=fvgtyujjugtrgtyujiuyjhgtr
34.102.147.100302 Found 112 B URL HTTP/2 www.i4wntrk.com/9W598/5SW1KJK/?sub1=fvgtyujjugtrgtyujiuyjhgtr
IP 34.102.147.100:0
File type HTML document, ASCII text
Hash 119e6c4d59c9e06e3f2a62a0d7b645c4
95b79857ddd5d4256c63cb6f68dbc780336d00a2
c1615064ab8c890fb82e818e1ef7ad779b3f075e624fdb71e39bcc9ea2eb1461
GET /9W598/5SW1KJK/?sub1=fvgtyujjugtrgtyujiuyjhgtr HTTP/1.1
Host: www.i4wntrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sun, 02 Oct 2022 17:01:20 GMT
content-type: text/html; charset=utf-8
content-length: 112
location: https://www.ejnj0trk.com/22M3FLL/2SCN7G/?sub1=7&sub2=6e81ad83adf741dc9a7eabf10b5c7d6e
set-cookie: uniqueClick_5SW1KJK=c34c0e8c-551a-4cf8-b162-6396a1d38b3b:1664730080; Path=/; Expires=Tue, 01 Nov 2022 17:01:20 GMT; Secure; SameSite=None
transaction_id=6e81ad83adf741dc9a7eabf10b5c7d6e; Path=/; Expires=Sat, 31 Dec 2022 17:01:20 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 3f886d1f-0bc0-4707-a177-2759e5df3a58
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.80200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.80:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 16:32:56 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 16:54:57 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 ad6a59dd9fdc1afb57f7131fcd96bf20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: c0teBYatN8yBFv5kOFYdvykaqHXNCIL93dyJYtqYhGVLuaJTmWk7JQ==
Age: 1707
ocsp.starfieldtech.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash a6577b246c31c087118bfae2dbce03c6
97403634f99a6402cdf7ea63be15c49cc8c8c318
747a175299c0278da64e5eb1a8f238627b533c2b5cff95bd7dd9ab09919c878b
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 02 Oct 2022 17:01:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 01 Oct 2022 21:32:00 GMT
Expires: Sun, 02 Oct 2022 21:32:00 GMT
ETag: "97403634f99a6402cdf7ea63be15c49cc8c8c318"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.starfieldtech.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 264ebc28cb2e20afed79f2b206aff4f7
9f0963043b1ef69332aabe29d762bbe970cb9dc2
3b75f4209165a074e1b7177b559c65b3a5cfebeba41c535f20cf667ac98ab5b5
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 02 Oct 2022 17:01:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 01 Oct 2022 20:57:54 GMT
Expires: Sun, 02 Oct 2022 20:57:54 GMT
ETag: "9f0963043b1ef69332aabe29d762bbe970cb9dc2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5957
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:20 GMT
Last-Modified: Sun, 02 Oct 2022 15:22:03 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.ejnj0trk.com/22M3FLL/2SCN7G/?sub1=7&sub2=6e81ad83adf741dc9a7eabf10b5c7d6e
34.120.202.146302 Found 178 B URL HTTP/2 www.ejnj0trk.com/22M3FLL/2SCN7G/?sub1=7&sub2=6e81ad83adf741dc9a7eabf10b5c7d6e
IP 34.120.202.146:0
File type HTML document, ASCII text
Hash ec7cc9e7996d383140c88e6d4eeedaca
844a57e13ee827418611a6ffe4d6d64da00257b4
231048fda481aaae63cf8c2f7a8920a9a87436d5cf29853a8a4c6a9605a0e844
GET /22M3FLL/2SCN7G/?sub1=7&sub2=6e81ad83adf741dc9a7eabf10b5c7d6e HTTP/1.1
Host: www.ejnj0trk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sun, 02 Oct 2022 17:01:20 GMT
content-type: text/html; charset=utf-8
content-length: 178
location: https://trybeliv.com/b-beliv/101.php?aff_id=42&sessid=a43tr11664730080&subid2=7c55dfa2e2ce4b53abb0dbac7ed11b6f&subid=653&subid3=7&sub5=
set-cookie: uniqueClick_2SCN7G=c6dbbbb2-93ee-43eb-94a3-b5174aa098fc:1664730080; Path=/; Expires=Sun, 09 Oct 2022 17:01:20 GMT; Secure; SameSite=None
transaction_id=7c55dfa2e2ce4b53abb0dbac7ed11b6f; Path=/; Expires=Sat, 31 Dec 2022 17:01:20 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: de8c7db0-476b-4ce0-b28f-759739629d53
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 264ebc28cb2e20afed79f2b206aff4f7
9f0963043b1ef69332aabe29d762bbe970cb9dc2
3b75f4209165a074e1b7177b559c65b3a5cfebeba41c535f20cf667ac98ab5b5
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 02 Oct 2022 17:01:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 01 Oct 2022 20:57:54 GMT
Expires: Sun, 02 Oct 2022 20:57:54 GMT
ETag: "9f0963043b1ef69332aabe29d762bbe970cb9dc2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
push.services.mozilla.com/
35.167.231.108101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.167.231.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RsKA92P/yJaKupDsNdgpUw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bumYBFFw5xQ/pzwrNNl/7hpe5Wo=
trybeliv.com/assets/images/BELIVx1-500px.png
104.26.12.204200 OK 33 kB URL HTTP/2 trybeliv.com/assets/images/BELIVx1-500px.png
IP 104.26.12.204:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e9d977cffc0178cfce497439adf78917
b89b1b835adfcd7ed4bbfd85a3cf0556784e7202
94ddc26e27695aa2cb8956db72aa7d8edf4b307f315b3a0397b5ffdfef188767
GET /assets/images/BELIVx1-500px.png HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/b-beliv/101.php?aff_id=42&sessid=a43tr11664730080&subid2=7c55dfa2e2ce4b53abb0dbac7ed11b6f&subid=653&subid3=7&sub5=
Cookie: PHPSESSID=e5acee5bcc838254e1864544e18af3a6; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGhZbCfuuKyALL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 17:01:21 GMT
content-type: image/webp
content-length: 32950
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=53582
content-disposition: inline; filename="BELIVx1-500px.webp"
vary: Accept
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5377
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbCM4pchKRVm%2BMv8C9NprEXJX0AiPHgtEZJskvayrpmHc9UxdBPX4l0itFLS1%2B7OX85xmnwyeqz372AaR8Gi91T4jjbBXCuxrT5fHEjnOLYPiq%2BOWtQzJSelwUSgGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 753effe19b50b523-OSL
X-Firefox-Spdy: h2
trybeliv.com/assets/images/BELIVx3-500px.png
104.26.12.204200 OK 63 kB URL HTTP/2 trybeliv.com/assets/images/BELIVx3-500px.png
IP 104.26.12.204:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ee2c5be64acaf850b532cd1ce178e4df
30399d2b5cb250f610a59a3f2af7ddece5b0eaad
1c2fedb2dcb7d452c15e28aa7681804f2ff44f2d183030b54455b23212ded98d
GET /assets/images/BELIVx3-500px.png HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/b-beliv/101.php?aff_id=42&sessid=a43tr11664730080&subid2=7c55dfa2e2ce4b53abb0dbac7ed11b6f&subid=653&subid3=7&sub5=
Cookie: PHPSESSID=e5acee5bcc838254e1864544e18af3a6; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGhZbCfuuKyALL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 17:01:21 GMT
content-type: image/webp
content-length: 62894
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=85426
content-disposition: inline; filename="BELIVx3-500px.webp"
vary: Accept
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGkhog5RcLjTibRVtRL174aYDc0%2BqnktAefaQ3EAe0YwiNfjj5JopsvuCsWLqzHHGGHhsj8QGPBBm4g0fClpt%2FDFKCD3XHhtXBfVbRMEwYzTrxQYFtVv%2BXaspCrZUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 753effe19b58b523-OSL
X-Firefox-Spdy: h2
trybeliv.com/assets/images/BELIVx6-500px.png
104.26.12.204200 OK 90 kB URL HTTP/2 trybeliv.com/assets/images/BELIVx6-500px.png
IP 104.26.12.204:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 66292f52b1d9df7e7e17934ae424ac1b
fcb7a033bf6a61522e7c7d3188afd838eb5a3217
910650a2de1831885b7ce79b9ff1f261fae054ace4e362b7c04beec3f08d47cb
GET /assets/images/BELIVx6-500px.png HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/b-beliv/101.php?aff_id=42&sessid=a43tr11664730080&subid2=7c55dfa2e2ce4b53abb0dbac7ed11b6f&subid=653&subid3=7&sub5=
Cookie: PHPSESSID=e5acee5bcc838254e1864544e18af3a6; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGhZbCfuuKyALL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 17:01:21 GMT
content-type: image/webp
content-length: 90040
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=121232
content-disposition: inline; filename="BELIVx6-500px.webp"
vary: Accept
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4sZXw3QsFaX%2BYYlFiN9qGUodJTssLb7EWRACCPkOlKavIZJ2dgAM8Mb%2FY8XrctXqDQyt4uPquhgiR%2BUAYh%2B6HNAkphLBg8gGop5bZypFwdvCEM6fUtzplxfUI60cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 753effe19b53b523-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a2d3925dad8ae1248c7b5d96220bd00a
8b6326da45860d5f480504e23864de0c28523b61
421d30a538dc347afc7fc8eee0fa6502aa65d789eb2353eb9c9f8bd0c5f3b3d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
142.250.74.170200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 22:00:13 GMT
expires: Thu, 28 Sep 2023 22:00:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 327668
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trybeliv.com/assets/js/webflow.js
104.26.12.204200 OK 60 kB URL HTTP/2 trybeliv.com/assets/js/webflow.js
IP 104.26.12.204:0
File type Unicode text, UTF-8 text, with very long lines (56856)
Hash ffeb797ed8431afa476c05bf5769b217
21d32079102fb9f810e37330e1989eb84542a841
5be460112a5e868d9b1bf2b4bd082ffee7964f65f63ac029be2cfbbeed62e347
GET /assets/js/webflow.js HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/b-beliv/101.php?aff_id=42&sessid=a43tr11664730080&subid2=7c55dfa2e2ce4b53abb0dbac7ed11b6f&subid=653&subid3=7&sub5=
Cookie: PHPSESSID=e5acee5bcc838254e1864544e18af3a6; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGhZbCfuuKyALL
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 17:01:21 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=189044
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5378
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OezNrO2ktltJ6lQIdxjWTa6uTbY8T82E1xILS6cRYX7pxLD4Hc7mu%2FhznIR2yNr79DDuZxTyWxbqB1VsDDTdxzsaIMuOPlQ%2FG6oY3TUlR4usIikpbIDpRizmpo7LIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753effe1cbbdb523-OSL
content-encoding: br
X-Firefox-Spdy: h2
trybeliv.com/b-beliv/101.php?aff_id=42&sessid=a43tr11664730080&subid2=7c55dfa2e2ce4b53abb0dbac7ed11b6f&subid=653&subid3=7&sub5=
104.26.12.204200 OK 47 kB URL HTTP/2 trybeliv.com/b-beliv/101.php?aff_id=42&sessid=a43tr11664730080&subid2=7c55dfa2e2ce4b53abb0dbac7ed11b6f&subid=653&subid3=7&sub5=
IP 104.26.12.204:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3064), with CRLF, LF line terminators
Hash f744d97c3cbfff9cf730413d64c810b2
9d8e59677ac42b2f16bc0efa3bd004727a9ac097
72b9a422276d3382b44d8da31b1e670fa395ddf3032d029f6e67d0aca218ece0
GET /b-beliv/101.php?aff_id=42&sessid=a43tr11664730080&subid2=7c55dfa2e2ce4b53abb0dbac7ed11b6f&subid=653&subid3=7&sub5= HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 02 Oct 2022 17:01:21 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkx%2BeIFs%2BW%2BzJeOd%2FlIKKbJ8fOXxcKtSmwEZZCNVKKvx19g8fps0H1w5GJkh%2F2UlFzZPCEtJauGc5zH%2BvbiY5A%2FWJ19Ui6HggAPewykgbRnKdOGrLnE2yvb1gMxavg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: PHPSESSID=e5acee5bcc838254e1864544e18af3a6; path=/
__cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGhZbCfuuKyALL; SameSite=None; Secure; path=/; expires=Mon, 03-Oct-22 16:01:21 GMT; HttpOnly
server: cloudflare
cf-ray: 753effde7edbb523-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-RF0P0MLLMC
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-RF0P0MLLMC
IP 142.250.74.168:0
File type ASCII text, with very long lines (21348)
Hash 7af6524d92cc89a2d665b7bd7245e0d4
76a0d4ec5676067ae5a576faae7f7c3c82adf79d
b581d4fac7632dd4dd800e1a0935645c77e735d4ef7fbb3ba1cc94ea648fcd49
GET /gtag/js?id=G-RF0P0MLLMC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 17:01:21 GMT
expires: Sun, 02 Oct 2022 17:01:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76569
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ravenjs.com/3.22.3/raven.min.js
151.101.130.217200 OK 11 kB URL HTTP/2 cdn.ravenjs.com/3.22.3/raven.min.js
IP 151.101.130.217:0
File type Unicode text, UTF-8 text, with very long lines (28593)
Hash 8cbcd61633abe10dbb38fae2719ed95b
2ef7bd1a706e16e60f85ec251e059065e10e3263
0ce2f6499c370efffe0bbbe12d4bb869eacdcbdda16b8155621b951c47e45479
GET /3.22.3/raven.min.js HTTP/1.1
Host: cdn.ravenjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://trybeliv.com
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 13 Feb 2018 10:14:13 GMT
etag: "fa070961d2a2647811b3c79fd72499f3"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
accept-ranges: bytes
date: Sun, 02 Oct 2022 17:01:21 GMT
age: 50374
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
timing-allow-origin: *
cache-control: public, max-age=31536000
content-length: 10752
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-P8BHFM3
142.250.74.46200 OK 42 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-P8BHFM3
IP 142.250.74.46:0
File type ASCII text, with very long lines (2039)
Hash b5ae23e42a8ae3abaf3c4e0e86a5cdc1
89c8a904f9409017cae5792c2b0e734c9e2c8a26
705296387841f7ee50f4c186896cc906c0282c3ca26101716f029d1f8199ee3d
GET /optimize.js?id=OPT-P8BHFM3 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 17:01:21 GMT
expires: Sun, 02 Oct 2022 17:01:21 GMT
cache-control: private, max-age=900
last-modified: Sun, 02 Oct 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41675
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a2d3925dad8ae1248c7b5d96220bd00a
8b6326da45860d5f480504e23864de0c28523b61
421d30a538dc347afc7fc8eee0fa6502aa65d789eb2353eb9c9f8bd0c5f3b3d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trybeliv.com/assets/images/logo.png
104.26.12.204200 OK 3.1 kB URL HTTP/2 trybeliv.com/assets/images/logo.png
IP 104.26.12.204:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 484a4397bfec5b1c79dc9b7468a7ee5d
d22e8804156a4332c915d5d496e56489d525ce54
00742b45e10dff22f94b85e38ecdf03d053a0bc622bbaa8300295becfda7204a
GET /assets/images/logo.png HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/b-beliv/101.php?aff_id=42&sessid=a43tr11664730080&subid2=7c55dfa2e2ce4b53abb0dbac7ed11b6f&subid=653&subid3=7&sub5=
Cookie: PHPSESSID=e5acee5bcc838254e1864544e18af3a6; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGhZbCfuuKyALL
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 17:01:21 GMT
content-type: image/webp
content-length: 3098
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=7527
content-disposition: inline; filename="logo.webp"
vary: Accept
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOpZFGRpAehPHnzkAx35kWJrE2PteEx1jVTqbHMnTKfVafYsPY8UEGyt8vKum0SKx06DTanCzh3lVa%2FVei0%2B7einHXy%2Bm28eJfWP9Ih72bkPKXogvebQ3uI8MNH10g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 753effe31db0b523-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CPoppins:200,regular,700,900%7CRoboto+Condensed:300,300italic,regular,italic,700
142.250.74.10200 OK 6.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CPoppins:200,regular,700,900%7CRoboto+Condensed:300,300italic,regular,italic,700
IP 142.250.74.10:0
Hash 237b0470196fb295422d9773d6c6ab39
119c6fe93cd9bbd9786543a12883a6ab94e350a2
71c4c8108dc326aae5136c7552cc645ee95fdf580111f12c6b74504aba58b159
GET /css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CPoppins:200,regular,700,900%7CRoboto+Condensed:300,300italic,regular,italic,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 17:01:21 GMT
date: Sun, 02 Oct 2022 17:01:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb2de1a6c4c76b62bd9b5844ac8f0711
205f8666f86cf5f699ed5c8252c46004492fa88e
d0f5a54640474e3d0383d5302a9899e8060456287379906d2359925c6d36c46b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb2de1a6c4c76b62bd9b5844ac8f0711
205f8666f86cf5f699ed5c8252c46004492fa88e
d0f5a54640474e3d0383d5302a9899e8060456287379906d2359925c6d36c46b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb2de1a6c4c76b62bd9b5844ac8f0711
205f8666f86cf5f699ed5c8252c46004492fa88e
d0f5a54640474e3d0383d5302a9899e8060456287379906d2359925c6d36c46b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
216.58.207.195200 OK 7.6 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7632, version 1.0\012- data
Hash 5426bf50c8455aab7a3e89d1138eb969
ec0cbbcb4600e691cb24a63451f758727f90a306
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
GET /s/poppins/v20/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://trybeliv.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 16:44:25 GMT
expires: Fri, 29 Sep 2023 16:44:25 GMT
cache-control: public, max-age=31536000
age: 260216
last-modified: Wed, 27 Apr 2022 17:09:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.195200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://trybeliv.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:32:09 GMT
expires: Thu, 28 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 336552
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.195200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://trybeliv.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:30:59 GMT
expires: Thu, 28 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 336622
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb2de1a6c4c76b62bd9b5844ac8f0711
205f8666f86cf5f699ed5c8252c46004492fa88e
d0f5a54640474e3d0383d5302a9899e8060456287379906d2359925c6d36c46b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://trybeliv.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 16:40:18 GMT
expires: Fri, 29 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 260464
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
216.58.207.195200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Hash fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://trybeliv.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 22:19:03 GMT
expires: Tue, 26 Sep 2023 22:19:03 GMT
cache-control: public, max-age=31536000
age: 499339
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sun, 02 Oct 2022 16:41:09 GMT
expires: Sun, 02 Oct 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 1213
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ab779588f01243aca896d41395f8bd90
b8ef2d7cdc6366c283db0d608766a126dce37164
5531deca73d8380883740395d82457f4d39761134404876881242e2135b1546a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ab779588f01243aca896d41395f8bd90
b8ef2d7cdc6366c283db0d608766a126dce37164
5531deca73d8380883740395d82457f4d39761134404876881242e2135b1546a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3093
Expires: Sun, 02 Oct 2022 17:52:55 GMT
Date: Sun, 02 Oct 2022 17:01:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3093
Expires: Sun, 02 Oct 2022 17:52:55 GMT
Date: Sun, 02 Oct 2022 17:01:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3093
Expires: Sun, 02 Oct 2022 17:52:55 GMT
Date: Sun, 02 Oct 2022 17:01:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3093
Expires: Sun, 02 Oct 2022 17:52:55 GMT
Date: Sun, 02 Oct 2022 17:01:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edded48f558f739287a040151349ef67
d63b6ba630736d32c364b0e6a369274b2389b7ff
33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 68867
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94d82ad8d70761f6ee1384b4183335f3
5d3389a965cfa45dab2202d89b40264368674e8a
ad495dc0ede3bfcbaebfd3bf2eb55fc5596cd7643a539e030ccce0b8a3bcf8dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8602
x-amzn-requestid: 89329169-bc7a-46b1-85fc-20383a85cae8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf9GxzoAMFg0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-27952f8357fa25c956b1cd72;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDfn3Xd8m6jaBrj_M9hs4dePku_eEhJbYv3NJSHjCdAWifhBkiKUhw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:38 GMT
age: 68864
etag: "5d3389a965cfa45dab2202d89b40264368674e8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 463bdcfbec5426e18ecef83b1c373b71
2e533332ee5c49143e58dad32ee3717a39179532
2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:54:45 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
content-type: image/jpeg
age: 68797
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6047192460abf4afd600948abb5e6ee1
6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:47:23 GMT
age: 69239
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9dddb9d84a16a3004821d89836b83dc3
087521979efd5936416fd7f030779fa5725f0a8f
a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
age: 68867
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:39 GMT
age: 44383
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-RF0P0MLLMC>m=2oe9s0&_p=1744387656&cid=1616445591.1664730082&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664730081&sct=1&seg=0&dl=https%3A%2F%2Ftrybeliv.com%2Fb-beliv%2F101.php%3Faff_id%3D42%26sessid%3Da43tr11664730080%26subid2%3D7c55dfa2e2ce4b53abb0dbac7ed11b6f%26subid%3D653%26subid3%3D7%26sub5%3D&dt=BeLiv%20-%20Nature%27s%20Secret%20for%20Healthy%20Blood%20Sugar.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=OPT-P8BHFM3
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-RF0P0MLLMC>m=2oe9s0&_p=1744387656&cid=1616445591.1664730082&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664730081&sct=1&seg=0&dl=https%3A%2F%2Ftrybeliv.com%2Fb-beliv%2F101.php%3Faff_id%3D42%26sessid%3Da43tr11664730080%26subid2%3D7c55dfa2e2ce4b53abb0dbac7ed11b6f%26subid%3D653%26subid3%3D7%26sub5%3D&dt=BeLiv%20-%20Nature%27s%20Secret%20for%20Healthy%20Blood%20Sugar.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=OPT-P8BHFM3
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-RF0P0MLLMC>m=2oe9s0&_p=1744387656&cid=1616445591.1664730082&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664730081&sct=1&seg=0&dl=https%3A%2F%2Ftrybeliv.com%2Fb-beliv%2F101.php%3Faff_id%3D42%26sessid%3Da43tr11664730080%26subid2%3D7c55dfa2e2ce4b53abb0dbac7ed11b6f%26subid%3D653%26subid3%3D7%26sub5%3D&dt=BeLiv%20-%20Nature%27s%20Secret%20for%20Healthy%20Blood%20Sugar.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=OPT-P8BHFM3 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://trybeliv.com
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://trybeliv.com
date: Sun, 02 Oct 2022 17:01:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 02 Oct 2022 17:01:23 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
172.217.21.174200 OK 31 kB URL HTTP/2 www.youtube.com/iframe_api
IP 172.217.21.174:0
File type ASCII text, with very long lines (509)
Hash db81b74d322adafc0b0cecde1d5c1b61
31a0b4a15abb55fd6fc5e3a1f58d698c73500140
bfec4fd2dbb8e7a811f26abc0869d654bb43dad59e4e987cc1ae24fbf7acb1bf
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sun, 02 Oct 2022 17:01:22 GMT
date: Sun, 02 Oct 2022 17:01:22 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=UJ-W08ldBKQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=qZeb4fheIPU; Domain=.youtube.com; Expires=Fri, 31-Mar-2023 17:01:22 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+661; expires=Tue, 01-Oct-2024 17:01:22 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53aa134dc3b33b709b6ccf39e549055f
2e85a28ef73d7c403ad693fc8602e95fe3d803f3
877de7cadd4fc848afaac488f89ed987929505b563a03eb79e4e9d8fa0b41a0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c13a9bf4003891ab621ca04b258f9880
8b0fb77ebf4d31235c62a8f10b1b8e4b4f77ad77
eb06a3da143e66c58a0e707ecd9b2b0818adc44b0f4e5244ac62545be8db4dd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/NlUNSIFvo5wCYcXQ-u4I5THZLnIccH0HJcHijT-zuHJHm1QFIESzhmmPsHnye5GjmTjcE4QXHw=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.6 kB URL HTTP/2 yt3.ggpht.com/NlUNSIFvo5wCYcXQ-u4I5THZLnIccH0HJcHijT-zuHJHm1QFIESzhmmPsHnye5GjmTjcE4QXHw=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 2027ba0dd5f024fe5ac38ef274059ef3
8723407a16211c54b59196701b08995c9dfbff39
32e0316859a4252b536c71eb3fd42ad96880f2cd8bb2741b003daf1fa03a0b6e
GET /NlUNSIFvo5wCYcXQ-u4I5THZLnIccH0HJcHijT-zuHJHm1QFIESzhmmPsHnye5GjmTjcE4QXHw=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2640
x-xss-protection: 0
date: Sun, 02 Oct 2022 13:32:16 GMT
expires: Thu, 04 Aug 2022 11:44:19 GMT
cache-control: public, max-age=86400, no-transform
age: 12547
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/nrTPYF1MeWhW5u-1uricHJVJdskICRuFTkjv60UEiAs.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/nrTPYF1MeWhW5u-1uricHJVJdskICRuFTkjv60UEiAs.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35828)
Hash 1ed889cab64ed21b731024b197a7a51c
ac82dc07537c66a13443af1b52503291de1ade7e
253b4a86a0907fa19514319f0238b813391fde9211a048823cae7220a432442e
GET /js/th/nrTPYF1MeWhW5u-1uricHJVJdskICRuFTkjv60UEiAs.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 01:19:45 GMT
expires: Sun, 01 Oct 2023 01:19:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 15:00:00 GMT
content-type: text/javascript
age: 142898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7e15f8d9dbad9d581b56c5a46119490a
b32c787f57655202043c3f0be18664fcac5c0f1e
f46852793c9d91c8ac43a3d794baa5bd47e7b2adb71fe403c4d4db0961e074ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7e15f8d9dbad9d581b56c5a46119490a
b32c787f57655202043c3f0be18664fcac5c0f1e
f46852793c9d91c8ac43a3d794baa5bd47e7b2adb71fe403c4d4db0961e074ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c57a62fb230234e53b81a5603d3dce29
b6646ed0fd7416598a3b4137a17af8380428d277
e411e0959fc27b02f074b3bd685a9cb507dceb7295258b05577f481b03d3d36c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trybeliv.com/assets/images/unmute.png
104.26.12.204200 OK 38 kB URL HTTP/2 trybeliv.com/assets/images/unmute.png
IP 104.26.12.204:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 474712762cbf20e0e2321bca59b07012
fa921f88f1432a7454f96300e0dae259ec023637
dc3f2d49d97f59a54662403eb1e2868a924305c7a59a816b7172e93e5e1655ab
GET /assets/images/unmute.png HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/b-beliv/101.php?aff_id=42&sessid=a43tr11664730080&subid2=7c55dfa2e2ce4b53abb0dbac7ed11b6f&subid=653&subid3=7&sub5=
Cookie: PHPSESSID=e5acee5bcc838254e1864544e18af3a6; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGhZbCfuuKyALL; transaction_id=7c55dfa2e2ce4b53abb0dbac7ed11b6f; _ga_RF0P0MLLMC=GS1.1.1664730081.1.0.1664730081.0.0.0; _ga=GA1.2.1616445591.1664730082; _gid=GA1.2.1009115133.1664730082; _gat_gtag_UA_131822362_25=1; sessid2=sessid20221002170143842; spi_funnel_codename=; aff_id=42; sid=653%7C7c55dfa2e2ce4b53abb0dbac7ed11b6f; campaign_id=; referrer=91.90.42.154::trybeliv.com%2Fb-beliv%2F101
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 17:01:23 GMT
content-type: image/webp
content-length: 38118
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=74162
content-disposition: inline; filename="unmute.webp"
vary: Accept
last-modified: Fri, 01 Jul 2022 08:21:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2B5WS%2BqPCGuUalfmUhjEj%2BzXfArp4Mj9OA3gCoBEN40JGNSNO4PZ3WI3pseRDj9HwIDM7LUGn8jEd73i3aaU8vVGf2xC0rCYZTDat2IkNHGlrM95AZgn5QqDY3gzoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 753effed4d92b523-OSL
X-Firefox-Spdy: h2
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1664751683&ei=48M5Y66uCbHRyQW1saMQ&ip=91.90.42.154&id=o-ACIYoypZ0Rqb_6EyUaE-rEJ1IGcmdBtsYLYfR3NbQZBY&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=MR&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=786250&spc=yR2vp5PvEGETWNiaKQoU5zekMIJwXz0&vprv=1&mime=video%2Fwebm&ns=9tRhglcuyLSAZmGUJYPy4dQI&otf=1&otfp=1&dur=0.000&lmt=1661359828388146&mt=1664729158&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=jdK_GaeeN1ug2w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALQh3hpDbQzHYrnppIU_KKzMgm7ZhUjjSOp5abwmheaEAiEAyFvbSJo-KO-5WHdSGmJpdh7MUggC-e-t8c2Zof_cHnw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAMQYnAP-bn4JzwdvcaEsAmuZ8qEkK4Wbzl5QarhySUutAiEA5gOVXMioXAW_RCQ9i9HNrqpPDpQlunfjdbWd2mMEHFI%3D&alr=yes&cpn=dZxil06pJB53ZKNg&cver=1.20220928.01.00&sq=0&rn=1&rbuf=0
91.90.45.172200 OK 2.7 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1664751683&ei=48M5Y66uCbHRyQW1saMQ&ip=91.90.42.154&id=o-ACIYoypZ0Rqb_6EyUaE-rEJ1IGcmdBtsYLYfR3NbQZBY&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=MR&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=786250&spc=yR2vp5PvEGETWNiaKQoU5zekMIJwXz0&vprv=1&mime=video%2Fwebm&ns=9tRhglcuyLSAZmGUJYPy4dQI&otf=1&otfp=1&dur=0.000&lmt=1661359828388146&mt=1664729158&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=jdK_GaeeN1ug2w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALQh3hpDbQzHYrnppIU_KKzMgm7ZhUjjSOp5abwmheaEAiEAyFvbSJo-KO-5WHdSGmJpdh7MUggC-e-t8c2Zof_cHnw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAMQYnAP-bn4JzwdvcaEsAmuZ8qEkK4Wbzl5QarhySUutAiEA5gOVXMioXAW_RCQ9i9HNrqpPDpQlunfjdbWd2mMEHFI%3D&alr=yes&cpn=dZxil06pJB53ZKNg&cver=1.20220928.01.00&sq=0&rn=1&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash cc03559e4add40c0806ebd315eb572fc
0a0cfe721397ace94957839c3801ce36d5415b5f
72981119ad9d2b59d2e8b6030bbbcccc5ca19c207df0ded811af69015b9466e5
GET /videoplayback?expire=1664751683&ei=48M5Y66uCbHRyQW1saMQ&ip=91.90.42.154&id=o-ACIYoypZ0Rqb_6EyUaE-rEJ1IGcmdBtsYLYfR3NbQZBY&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=MR&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=786250&spc=yR2vp5PvEGETWNiaKQoU5zekMIJwXz0&vprv=1&mime=video%2Fwebm&ns=9tRhglcuyLSAZmGUJYPy4dQI&otf=1&otfp=1&dur=0.000&lmt=1661359828388146&mt=1664729158&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=jdK_GaeeN1ug2w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhALQh3hpDbQzHYrnppIU_KKzMgm7ZhUjjSOp5abwmheaEAiEAyFvbSJo-KO-5WHdSGmJpdh7MUggC-e-t8c2Zof_cHnw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAMQYnAP-bn4JzwdvcaEsAmuZ8qEkK4Wbzl5QarhySUutAiEA5gOVXMioXAW_RCQ9i9HNrqpPDpQlunfjdbWd2mMEHFI%3D&alr=yes&cpn=dZxil06pJB53ZKNg&cver=1.20220928.01.00&sq=0&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 25 Aug 2022 05:23:44 GMT
Content-Type: video/webm
Date: Sun, 02 Oct 2022 17:01:23 GMT
Expires: Sun, 02 Oct 2022 17:01:23 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 2672
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7e15f8d9dbad9d581b56c5a46119490a
b32c787f57655202043c3f0be18664fcac5c0f1e
f46852793c9d91c8ac43a3d794baa5bd47e7b2adb71fe403c4d4db0961e074ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash acc6d30b2a700501317a6f710448c9c7
36ed01969a43314f517bc70578bf626bb4ee690c
e6152d8d9bb2fd4c72cf23f38d9f7fb2f471f14a475ac459e84d49fc970f8353
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/GRFCJbSjSAo/maxresdefault.webp
142.250.74.118200 OK 65 kB URL HTTP/2 i.ytimg.com/vi_webp/GRFCJbSjSAo/maxresdefault.webp
IP 142.250.74.118:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cf61814974d73646d86c7f60ab1c4a31
fe70e42345014514ab7a2c9d7cecb24a77d7c401
ad1c734fb72ce4b82fb365ae2182cf5f17dfb26b282b41d861bb8937603194ce
GET /vi_webp/GRFCJbSjSAo/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 65282
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 17:01:23 GMT
expires: Sun, 02 Oct 2022 19:01:23 GMT
cache-control: public, max-age=7200
etag: "1661371659"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9aefbd5315a10afbd9dadc8536e2824a
797eaba10ac56913f4f21546da9afb302ca1cf6b
f55778da82d7fbb46ebbe45c52172c3f9970c3638836298caf592d160174b2e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 17:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 02 Oct 2022 17:01:23 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash df2fe17764d1a67da7a26d2d556cda34
c4c25d5081c7ddbcec951f50b2494f4d4f35c077
d22f36538864807532566a7d8e558bd785f80effae31ed70da5738c1301d2aa3
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1339
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 02 Oct 2022 17:01:23 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fcf832b-84d6-4938-a540-280bf3205df1.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fcf832b-84d6-4938-a540-280bf3205df1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b11c8ecfed53e302ab48fa5f757513a4
b3cb36455b3cb0a160c705958add6c422a0a48a2
fb66239038dddd134d3c5c7a656c91c57737bc784fabefe15a5ef2981e68e2b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fcf832b-84d6-4938-a540-280bf3205df1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 4ea2bfb1-fc99-4777-aa98-0605d4a704ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpmEBlIAMFj2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-039358f5691f895941f485fd;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -zAvZvugUNsIscx7YT34xPY-AiaxduJGMkM23GqxSvfl0EmqWOmysA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:52:38 GMT
age: 68931
etag: "b3cb36455b3cb0a160c705958add6c422a0a48a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
trybeliv.com/assets/css/webflow.css
104.26.12.204200 OK 0 B URL HTTP/2 trybeliv.com/assets/css/webflow.css
IP 104.26.12.204:0
GET /assets/css/webflow.css HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/b-beliv/101.php?aff_id=42&sessid=a43tr11664730080&subid2=7c55dfa2e2ce4b53abb0dbac7ed11b6f&subid=653&subid3=7&sub5=
Cookie: PHPSESSID=e5acee5bcc838254e1864544e18af3a6; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGhZbCfuuKyALL
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 17:01:21 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=39314
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5378
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOanBZ3Adx6EGo7MnqDzRWL4izYSWFekpxYwBXyxlcGM1XqJe%2B3leRDzoDaYwJpXLO%2BibOTkhQSmh3cWJ0PC5Lb%2BMBdIwAA81hwAcBT3BMhr5UhwwsteLb4bkppupw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753effe19b3eb523-OSL
content-encoding: br
X-Firefox-Spdy: h2
trybeliv.com/assets/css/normalize.css
104.26.12.204200 OK 0 B URL HTTP/2 trybeliv.com/assets/css/normalize.css
IP 104.26.12.204:0
GET /assets/css/normalize.css HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/b-beliv/101.php?aff_id=42&sessid=a43tr11664730080&subid2=7c55dfa2e2ce4b53abb0dbac7ed11b6f&subid=653&subid3=7&sub5=
Cookie: PHPSESSID=e5acee5bcc838254e1864544e18af3a6; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGhZbCfuuKyALL
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 17:01:21 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7772
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5378
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uV7cutLBM%2FQXh4krKUEDA8iaX2QjrYsP4w%2F4wSAzU1KeMLi%2BOyd09gokPyLxzYf6QGsHhJ%2BhqblJh3lA9%2FuxG5jNWZib1uzMXgUz8o%2FiBtQuaXZVkO3x6NtT9YDAMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753effe19b39b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
trybeliv.com/assets/css/beliv.webflow.css?v=1.2
104.26.12.204200 OK 0 B URL HTTP/2 trybeliv.com/assets/css/beliv.webflow.css?v=1.2
IP 104.26.12.204:0
GET /assets/css/beliv.webflow.css?v=1.2 HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/b-beliv/101.php?aff_id=42&sessid=a43tr11664730080&subid2=7c55dfa2e2ce4b53abb0dbac7ed11b6f&subid=653&subid3=7&sub5=
Cookie: PHPSESSID=e5acee5bcc838254e1864544e18af3a6; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGhZbCfuuKyALL
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 17:01:21 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=233849
last-modified: Tue, 13 Sep 2022 19:14:11 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5378
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfIvYj8JkPyNaKJRNArjl%2BBhFdBwW8%2F%2BdWug8rhFNRk4MnuqxaKQLZj2ZfBh4KHHDka673lzWTmewYx9%2B1wUeQOqtXIzyBvuc7HdetgI6GeHGjUakSV87ByhNeMqfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753effe19b47b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
trybeliv.com/assets/js/accordion.js
104.26.12.204200 OK 0 B URL HTTP/2 trybeliv.com/assets/js/accordion.js
IP 104.26.12.204:0
GET /assets/js/accordion.js HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/b-beliv/101.php?aff_id=42&sessid=a43tr11664730080&subid2=7c55dfa2e2ce4b53abb0dbac7ed11b6f&subid=653&subid3=7&sub5=
Cookie: PHPSESSID=e5acee5bcc838254e1864544e18af3a6; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGhZbCfuuKyALL
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 17:01:21 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1710
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5378
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWXLwgKvotp32XNiqJQfYjXIGEprKMZeUhRMHXG4wEP0rxpldnvQGGf6H9YtKK1nvfzxscMZd2G%2BNO2402wTQErxhSmfMxj%2Bown0VRu4sOqFXuxkSre3UwrREtJk1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753effe1cbbeb523-OSL
content-encoding: br
X-Firefox-Spdy: h2
tracking.buygoods.com/track/?a=7385&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=BLV01,BLV06,BLV03&caller_url=https%3A%2F%2Ftrybeliv.com%2Fb-beliv%2F101.php%3Faff_id%3D42%26sessid%3Da43tr11664730080%26subid2%3D7c55dfa2e2ce4b53abb0dbac7ed11b6f%26subid%3D653%26subid3%3D7%26sub5%3D
172.66.43.22200 OK 0 B URL HTTP/2 tracking.buygoods.com/track/?a=7385&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=BLV01,BLV06,BLV03&caller_url=https%3A%2F%2Ftrybeliv.com%2Fb-beliv%2F101.php%3Faff_id%3D42%26sessid%3Da43tr11664730080%26subid2%3D7c55dfa2e2ce4b53abb0dbac7ed11b6f%26subid%3D653%26subid3%3D7%26sub5%3D
IP 172.66.43.22:0
GET /track/?a=7385&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=BLV01,BLV06,BLV03&caller_url=https%3A%2F%2Ftrybeliv.com%2Fb-beliv%2F101.php%3Faff_id%3D42%26sessid%3Da43tr11664730080%26subid2%3D7c55dfa2e2ce4b53abb0dbac7ed11b6f%26subid%3D653%26subid3%3D7%26sub5%3D HTTP/1.1
Host: tracking.buygoods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 17:01:22 GMT
content-type: application/javascript
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Tue, Jan 12 1999 01:01:01 GMT
set-cookie: spiaffid_7385=42; expires=Sat, 31-Dec-2022 17:01:22 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spisubid_7385=653%7C7c55dfa2e2ce4b53abb0dbac7ed11b6f; expires=Sat, 31-Dec-2022 17:01:22 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spicampaign_id_7385=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
spireferrer_7385=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
spireferrer_7385=91.90.42.154::trybeliv.com%2Fb-beliv%2F101; expires=Sat, 31-Dec-2022 17:01:22 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spisessid2_7385=sessid20221002170143842; expires=Sat, 31-Dec-2022 17:01:22 GMT; Max-Age=7776000; path=/; domain=.buygoods.com
spi_funnel_codename_7385=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.buygoods.com
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 753effe2fd39b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trybeliv.com/assets/images/favicon.ico
104.26.12.204200 OK 0 B URL HTTP/2 trybeliv.com/assets/images/favicon.ico
IP 104.26.12.204:0
GET /assets/images/favicon.ico HTTP/1.1
Host: trybeliv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trybeliv.com/b-beliv/101.php?aff_id=42&sessid=a43tr11664730080&subid2=7c55dfa2e2ce4b53abb0dbac7ed11b6f&subid=653&subid3=7&sub5=
Cookie: PHPSESSID=e5acee5bcc838254e1864544e18af3a6; __cflb=0H28upmg3HpFiXquczEWQEGVxC4vbxGhZbCfuuKyALL; transaction_id=7c55dfa2e2ce4b53abb0dbac7ed11b6f; _ga_RF0P0MLLMC=GS1.1.1664730081.1.0.1664730081.0.0.0; _ga=GA1.1.1616445591.1664730082
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 17:01:22 GMT
content-type: image/x-icon
last-modified: Wed, 22 Jun 2022 16:39:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2rAHxaM3vz%2BUtry6CFsHRroOqbD37rKveVFnE7ehY9WCJIK8X6jXI%2BtfrQH7YirKFmcylphl%2BMPgafsDCVcVaUhmps43jsz6HPPbaRaLsLsk34vYeXNyDhSFcuTNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753effe5a92eb523-OSL
content-encoding: br
X-Firefox-Spdy: h2
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1664751683&ei=48M5Y66uCbHRyQW1saMQ&ip=91.90.42.154&id=o-ACIYoypZ0Rqb_6EyUaE-rEJ1IGcmdBtsYLYfR3NbQZBY&itag=251&source=youtube&requiressl=yes&mh=MR&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=786250&spc=yR2vp5PvEGETWNiaKQoU5zekMIJwXz0&vprv=1&mime=audio%2Fwebm&ns=9tRhglcuyLSAZmGUJYPy4dQI&gir=yes&clen=46674669&otfp=1&dur=2566.661&lmt=1661359892452831&mt=1664729158&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=jdK_GaeeN1ug2w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgHGb6xgroxyX2X5ny3dEN7BlK7EUg-t-AyQ-ofcorKPwCIQCa1GI7oE8qRhv2AltKKGvUjIm3ZEPaLv1NMcjRalNUYw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAMQYnAP-bn4JzwdvcaEsAmuZ8qEkK4Wbzl5QarhySUutAiEA5gOVXMioXAW_RCQ9i9HNrqpPDpQlunfjdbWd2mMEHFI%3D&alr=yes&cpn=dZxil06pJB53ZKNg&cver=1.20220928.01.00&range=0-70331&rn=2&rbuf=0
91.90.45.172200 OK 0 B URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1664751683&ei=48M5Y66uCbHRyQW1saMQ&ip=91.90.42.154&id=o-ACIYoypZ0Rqb_6EyUaE-rEJ1IGcmdBtsYLYfR3NbQZBY&itag=251&source=youtube&requiressl=yes&mh=MR&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=786250&spc=yR2vp5PvEGETWNiaKQoU5zekMIJwXz0&vprv=1&mime=audio%2Fwebm&ns=9tRhglcuyLSAZmGUJYPy4dQI&gir=yes&clen=46674669&otfp=1&dur=2566.661&lmt=1661359892452831&mt=1664729158&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=jdK_GaeeN1ug2w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgHGb6xgroxyX2X5ny3dEN7BlK7EUg-t-AyQ-ofcorKPwCIQCa1GI7oE8qRhv2AltKKGvUjIm3ZEPaLv1NMcjRalNUYw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAMQYnAP-bn4JzwdvcaEsAmuZ8qEkK4Wbzl5QarhySUutAiEA5gOVXMioXAW_RCQ9i9HNrqpPDpQlunfjdbWd2mMEHFI%3D&alr=yes&cpn=dZxil06pJB53ZKNg&cver=1.20220928.01.00&range=0-70331&rn=2&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
GET /videoplayback?expire=1664751683&ei=48M5Y66uCbHRyQW1saMQ&ip=91.90.42.154&id=o-ACIYoypZ0Rqb_6EyUaE-rEJ1IGcmdBtsYLYfR3NbQZBY&itag=251&source=youtube&requiressl=yes&mh=MR&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=786250&spc=yR2vp5PvEGETWNiaKQoU5zekMIJwXz0&vprv=1&mime=audio%2Fwebm&ns=9tRhglcuyLSAZmGUJYPy4dQI&gir=yes&clen=46674669&otfp=1&dur=2566.661&lmt=1661359892452831&mt=1664729158&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=jdK_GaeeN1ug2w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgHGb6xgroxyX2X5ny3dEN7BlK7EUg-t-AyQ-ofcorKPwCIQCa1GI7oE8qRhv2AltKKGvUjIm3ZEPaLv1NMcjRalNUYw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAMQYnAP-bn4JzwdvcaEsAmuZ8qEkK4Wbzl5QarhySUutAiEA5gOVXMioXAW_RCQ9i9HNrqpPDpQlunfjdbWd2mMEHFI%3D&alr=yes&cpn=dZxil06pJB53ZKNg&cver=1.20220928.01.00&range=0-70331&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 24 Aug 2022 16:51:32 GMT
Content-Type: audio/webm
Date: Sun, 02 Oct 2022 17:01:23 GMT
Expires: Sun, 02 Oct 2022 17:01:23 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 70332
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube-nocookie.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0