Report - fitleanhealth.com/mw25ckd_leads-GLUCOSWITCH04-013123

Report Overview

Submitted URL
fitleanhealth.com/mw25ckd_leads-GLUCOSWITCH04-013123
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-31 17:14:04
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.0 kB	1.7 kB	93.184.220.29
trk.anarchywarrior.com	unknown	2021-09-16T18:06:03Z	2023-03-13T05:19:03Z	537 B	1.3 kB	104.21.43.3
cbtb.clickbank.net	103233	2015-11-12T09:51:45Z	2023-03-13T07:14:33Z	369 B	1.5 kB	52.32.168.94
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	340 B	964 B	104.18.32.68
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	44.237.163.41
a2a60bt7oyb26zje7lukl88v77.hop.clickbank.net	unknown	2022-07-30T16:20:32Z	2023-03-04T14:56:45Z	670 B	861 B	54.148.132.194
glucoswitch.com	unknown	2021-08-19T17:56:40Z	2023-03-06T09:03:35Z	17 kB	1.1 MB	104.26.4.140
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	982 B	48 kB	216.58.207.227
analytics-ingress-global.bitmovin.com	47119	2017-08-18T07:30:44Z	2023-03-13T03:18:17Z	2.9 kB	2.4 kB	35.190.27.197
stats.vidalytics.com	153185	2017-02-08T03:49:35Z	2023-03-13T03:18:17Z	1.8 kB	1.4 kB	107.178.211.97
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	676 B	1.5 kB	23.36.76.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.starfieldtech.com	6616	2012-06-22T20:08:50Z	2023-03-13T05:25:08Z	692 B	4.7 kB	192.124.249.22
prod.cbstatic.net	108120	2018-07-06T00:30:53Z	2023-03-13T07:14:35Z	1.2 kB	9.3 kB	54.230.111.43
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	59 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.77.32
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	391 B	32 kB	216.58.207.234
ocsp.godaddy.com	698	2012-05-20T21:28:57Z	2023-03-13T05:12:19Z	1.0 kB	6.9 kB	192.124.249.41
fitleanhealth.com	unknown	2021-12-09T18:21:56Z	2023-03-04T15:17:16Z	864 B	64 kB	188.114.96.1
fast.vidalytics.com	218005	2017-02-08T03:49:35Z	2023-03-12T22:38:55Z	7.6 kB	4.7 MB	151.139.128.10
licensing.bitmovin.com	19299	2017-01-30T07:23:56Z	2023-03-13T09:23:26Z	931 B	1.0 kB	35.227.229.24
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	1.1 kB	3.0 kB	54.230.245.110
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-13T07:25:00Z	394 B	918 B	188.114.99.234
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	2.4 kB	17 kB	142.250.74.106
seal-boise.bbb.org	116015	2015-07-24T20:24:24Z	2023-03-13T07:14:36Z	420 B	4.8 kB	82.102.27.18
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.8 kB	5.6 kB	216.58.211.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	fitleanhealth.com/mw25ckd_leads-GLUCOSWITCH04-013123	Phishing
2023-01-31	medium	fitleanhealth.com/mw25ckd_leads-GLUCOSWITCH04-013123	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	prod.cbstatic.net/dist/injectable.js	191 kB	2023-03-07	2024-04-23
Pretty URL prod.cbstatic.net/dist/injectable.js IP 54.230.111.43 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:28 Last Seen2024-04-23 20:33:08 Times Seen897 Hash af651c30e1a69f6f2124e9c1d094a300 4328efe60a0ca51ab455d67ef6b257998cb1cdee f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f Loading...

	glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154	2.1 MB	2023-03-12	2023-03-13
Pretty URL glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154 IP 104.26.4.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:31:57 Last Seen2023-03-13 13:28:31 Times Seen1 Hash b3ed12401940f8ceac56862e4603ac56 bd02bba64c7251e31d6c532da3c35a41915d134f 88258c7aaa165d2045d68836f505f7325b7e1d8f15ac2c18fc4e142dc9e426d0 Loading...

	glucoswitch.com/discovery/js/jquery-3.5.1.js	90 kB	2023-03-07	2024-04-25
Pretty URL glucoswitch.com/discovery/js/jquery-3.5.1.js IP 104.26.4.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 05:43:58 Times Seen139058 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154	917 B	2023-03-08	2023-03-13
Pretty URL glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154 IP 104.26.4.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:19 Last Seen2023-03-13 13:28:31 Times Seen1 Hash c1b4e031edf2267dfda7926d0023458a d53aec27b3a70c4f2b2f794edb3f6dd19bf0fd3c 80a4c5c928c438c5ec34eb9713097609955ad1efdbc7ddad0bdc3a8703b0fbfa Loading...

	glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154	226 B	2023-03-08	2023-03-13
Pretty URL glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154 IP 104.26.4.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:20 Last Seen2023-03-13 13:28:31 Times Seen1 Hash af3eaf204e38eb1336a98159906846aa c7d0a7973c456fa1d0bfb0cd5c8645fdf4169e9b 5726648cc62420c48a442f72d3879b05f55717c39a9214b30292bae88fbdb040 Loading...

	cbtb.clickbank.net/?vendor=gswitch	936 B	2023-03-07	2024-02-29
Pretty URL cbtb.clickbank.net/?vendor=gswitch IP 52.32.168.94 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:47 Last Seen2024-02-29 04:29:12 Times Seen288 Hash 6c0b964b273d662f25b84cd29e51b607 6bef26208ee6a1d7105720e5cc54f273868630a9 a3ba10e614083832f41494e71b4c53bd738a88a9ffd6f9a0c785348ec389527c Loading...

	glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154	1.9 kB	2023-03-12	2023-11-08
Pretty URL glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154 IP 104.26.4.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:09:06 Last Seen2023-11-08 23:06:32 Times Seen2 Hash 0f2d243e3efe9841aef77771be7367d5 0f74c7f4ea11f9489b707b8f1f2abed06b574a44 8ef34cb5eee41d4088f5b6da4f35cee657ee12050ff11a00846c24776caeae81 Loading...

	glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154	681 B	2023-03-13	2023-03-13
Pretty URL glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154 IP 104.26.4.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:28:31 Last Seen2023-03-13 13:28:31 Times Seen1 Hash 6d2edcf8c967f1341b4044e766adbb83 90b550deab3b3e363cd7b196c87ae8860d260f29 e680c318bf2b38155e65be4f35d5aa6d0d433472adcb623b9dc845c716c35cd1 Loading...

	glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154	917 B	2023-03-08	2023-03-13
Pretty URL glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154 IP 104.26.4.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:20 Last Seen2023-03-13 13:28:31 Times Seen1 Hash 2bd36d54ad164e5dd0964a1e3c033362 c33122a82d57a9a1a7302717b68b0ce75abfd95e 2ade00b23b9936d1a67e6e1f8b7ccc7c20dda20b7e9649cccdb1d0826b31e18c Loading...

	glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154	913 B	2023-03-08	2023-03-13
Pretty URL glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154 IP 104.26.4.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:20 Last Seen2023-03-13 13:28:31 Times Seen1 Hash 621aeb60bca8707d2c2a164718c2faac 74adcd8ef3d70ff0a87a98b784c1d82b12a4c086 a4da16931e1e39c0d67a90e1d132e5fe15b594dd7e7e52856339c04709ed2e98 Loading...

	fast.vidalytics.com/embeds/QrADs9TA/nyZ5wcmDzcyrkUmp/loader.min.js	42 kB	2023-03-12	2023-03-13
Pretty URL fast.vidalytics.com/embeds/QrADs9TA/nyZ5wcmDzcyrkUmp/loader.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:07:00 Last Seen2023-03-13 13:28:31 Times Seen1 Hash ae0ac64d27feb9549ee8359ed4796b0d bbb05e60eba57acf76309e780131099fab819816 360cddef48d4c8f74d5c9ba96f8a51998c65133ce4bd3a37681375ee109a671a Loading...

	fast.vidalytics.com/embeds/QrADs9TA/46UN8rzM_fkPgzpU/loader.min.js	42 kB	2023-03-12	2023-03-13
Pretty URL fast.vidalytics.com/embeds/QrADs9TA/46UN8rzM_fkPgzpU/loader.min.js IP 151.139.128.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:07:00 Last Seen2023-03-13 13:28:31 Times Seen1 Hash 7651343ed60bc84c709644b402fe8b19 ec43c3f4e307ba3ebfde90823deac3a84aa574ea 37f1001d5eb1b1ec31cddc90aa366955aca04076b948e7df76c5ee7e37da7ee7 Loading...

	glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154	2.1 MB	2023-03-12	2023-03-13
Pretty URL glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154 IP 104.26.4.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:07:00 Last Seen2023-03-13 13:28:31 Times Seen1 Hash 86dc30e33fe7a3733a08a381a39f0101 41ae74eeeede975e80e7e8b5ea2d15094193d8e5 88e7193364c4b67d47cc5b0bcc283e6d2dfd29196c0afd916839fdf6565da330 Loading...

	fitleanhealth.com/mw25ckd_leads-GLUCOSWITCH04-013123	145 B	2023-03-13	2023-03-13
Pretty URL fitleanhealth.com/mw25ckd_leads-GLUCOSWITCH04-013123 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:28:31 Last Seen2023-03-13 13:28:31 Times Seen1 Hash c63bda58c801a0dad0359f7b8838d9cf 81aeb4739864ead165b14b48d405ed10ac1e9899 9bbcec10af37dc80dd9c8cd3b8cd3e608c2231357e216f6e01759c6782caa89f Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-25
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js IP 188.114.99.234 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-25 05:46:39 Times Seen54559 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	glucoswitch.com/api/visits?page_id=15&page_version=b&request_id=A29EDEF6%3A4952_D197C0D8%3A01BB_63D94C53_124A89%3A379A5D&querystring=hop%3Dmediawar15%26sub3%3D91.90.42.154&fbclid=&fbp=&fbc=&referrer=https%3A%2F%2Ffitleanhealth.com%2F	558 B	2023-03-13	2023-03-13
Pretty URL glucoswitch.com/api/visits?page_id=15&page_version=b&request_id=A29EDEF6%3A4952_D197C0D8%3A01BB_63D94C53_124A89%3A379A5D&querystring=hop%3Dmediawar15%26sub3%3D91.90.42.154&fbclid=&fbp=&fbc=&referrer=https%3A%2F%2Ffitleanhealth.com%2F IP 104.26.4.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:28:31 Last Seen2023-03-13 13:28:31 Times Seen1 Hash 05cef1faa1e15e9edf718539564b69ac 181aec3cdacd3b7a7ae5a81812826d29671fa532 f52ab79b6e0f28b5f67319ea26f6409c611a769d23dad02fbc90837d0865351b Loading...

	glucoswitch.com/discover/js/bounceback.min.js	2.8 kB	2023-03-07	2024-02-29
Pretty URL glucoswitch.com/discover/js/bounceback.min.js IP 104.26.4.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:47 Last Seen2024-02-29 04:29:09 Times Seen186 Hash 928ec014586629db7d8b4ad49c4bc93c b436801b50738cca53b78e5c9e459495f26da5c9 1fbbfbf2aff3f6cb01ac1967abafda6695aa9ee86e28862b0c45f62bffe51282 Loading...

	r3maf0.n3cdn1.secureserver.net/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.4&time=1675009795	99 B	2023-03-07	2023-09-11
Pretty URL r3maf0.n3cdn1.secureserver.net/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.4&time=1675009795 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:19 Last Seen2023-09-11 04:47:00 Times Seen48 Hash 86f60f0ee06297a33cc7b381b3a71b38 5e6408f710170c11af079400f6dc47027ff8f5c3 ed8fa1ff8b55dd19225f59a5e74520a8b20206c2f6d354e1e6f0e5881d93fe4a Loading...

	glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154	548 B	2023-03-07	2024-03-19
Pretty URL glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154 IP 104.26.4.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:47 Last Seen2024-03-19 11:32:43 Times Seen472 Hash 1ad5c115ba02812a95a81697a1428b9d 1ecfc84ec959361e20ddf31d34a775300e07334e 33c3bb2334c52ccc35e6ad8806ec31a6814413c62d91d6011e5500d5ea820c1c Loading...

	glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154	1.4 kB	2023-03-13	2023-03-13
Pretty URL glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154 IP 104.26.4.140 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:28:31 Last Seen2023-03-13 13:28:31 Times Seen1 Hash aebfc191dc7df274bce4d361a63b004a 350c061a0cf8dc5075ae931deee378a4c9fae208 3655f88df56a5803f2e23e56dd86947d992c05090e4b156e804d8464f2481616 Loading...

HTTP Transactions (111)

URL IP Response Size

fitleanhealth.com/mw25ckd_leads-GLUCOSWITCH04-013123

188.114.96.1

301 Moved Permanently

268 B

URL HTTP/1.1
fitleanhealth.com/mw25ckd_leads-GLUCOSWITCH04-013123
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
268 B (268 bytes)
Hash
e1822323e72bd5aedd56629c3f84cff6
67d127f513d872a8d2c20a5ea5ad8ebb625372b2
982ca6d5fb135370abafc17db34a50e6760ee24c1c43d2e35c9427441d47cf32

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mw25ckd_leads-GLUCOSWITCH04-013123 HTTP/1.1
Host: fitleanhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Jan 2023 17:13:52 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Age: 0
Content-Security-Policy: upgrade-insecure-requests
Location: https://fitleanhealth.com/mw25ckd_leads-GLUCOSWITCH04-013123
Vary: User-Agent, Accept-Encoding
X-Backend: local
X-Cache: uncached
X-Cache-Hit: MISS
X-Cacheable: YES:Forced
X-Cacheproxy-Retries: 0/2
X-Content-Type-Options: nosniff
X-Php-Version: 7.4
X-Xss-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXwfS%2BcVI3jGVvuORd0xSRmCv09TvZj%2BKQ%2BuJ%2FNlBgHPisH6LlaYVWZXlRMVJjS%2BAJF5K2bsCgRrdFRWTPtpJMp6vpkeUqwpnyi0M50NRJcJqkw4oKYRxYN1S6%2FLFOEUgOQP0w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79241497fdae0b39-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3548
Expires: Tue, 31 Jan 2023 18:13:00 GMT
Date: Tue, 31 Jan 2023 17:13:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11842
Expires: Tue, 31 Jan 2023 20:31:14 GMT
Date: Tue, 31 Jan 2023 17:13:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3567
Expires: Tue, 31 Jan 2023 18:13:19 GMT
Date: Tue, 31 Jan 2023 17:13:52 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 16:43:17 GMT
content-type: application/json
age: 1835
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: uIScpxIyqjq1nP4S282H5h6Gbl8LTOhgiLHgZpU3HjI0nw/G1hgutGp+rt13CiW3yI39evdVrIM=
x-amz-request-id: T3NSGHW5X4W3EGVZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 16:22:17 GMT
age: 3095
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 17:13:52 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
5b9d8a25ff914af27ca316956c5967d4
fcfb7c120db4b090c23b410b213b83917fa33898
5517343a7bb435b12a2a76728e1cdecac302bc5e3a9a99be5f25f8dca8532928

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=135644
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:53 GMT
Etag: "63d8bb2d-116"
Expires: Thu, 02 Feb 2023 06:54:37 GMT
Last-Modified: Tue, 31 Jan 2023 06:54:37 GMT
Server: nginx
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
5b9d8a25ff914af27ca316956c5967d4
fcfb7c120db4b090c23b410b213b83917fa33898
5517343a7bb435b12a2a76728e1cdecac302bc5e3a9a99be5f25f8dca8532928

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=135644
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:53 GMT
Etag: "63d8bb2d-116"
Expires: Thu, 02 Feb 2023 06:54:37 GMT
Last-Modified: Tue, 31 Jan 2023 06:54:37 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 16:41:42 GMT
age: 1931
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.22

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.22:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
007374fcfda6c98c65db871a535ef236
5e92474db7ebb1e31ea4441ae76ac889aa291d36
c5e1fb50e7f5b2f83b42216a70830057a77f4457c2d9b9fd2688eb2f8777b93b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 31 Jan 2023 17:13:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 30 Jan 2023 21:22:44 GMT
Expires: Tue, 31 Jan 2023 21:22:44 GMT
ETag: "5e92474db7ebb1e31ea4441ae76ac889aa291d36"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7371
Expires: Tue, 31 Jan 2023 19:16:44 GMT
Date: Tue, 31 Jan 2023 17:13:53 GMT
Connection: keep-alive

ocsp.starfieldtech.com/

192.124.249.22

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.22:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
007374fcfda6c98c65db871a535ef236
5e92474db7ebb1e31ea4441ae76ac889aa291d36
c5e1fb50e7f5b2f83b42216a70830057a77f4457c2d9b9fd2688eb2f8777b93b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 31 Jan 2023 17:13:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 30 Jan 2023 21:22:44 GMT
Expires: Tue, 31 Jan 2023 21:22:44 GMT
ETag: "5e92474db7ebb1e31ea4441ae76ac889aa291d36"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
6a71b7e5b3aa2654bec67f1390ad8f8f
c966742a0e43faf97e9254040cc6662e0a2a9e6c
cee68e3ae9ea49b5d375b92f0cff5670ef6e49bf44975ca626eff58cd5741d5f

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CEE68E3AE9EA49B5D375B92F0CFF5670EF6E49BF44975CA626EFF58CD5741D5F"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10194
Expires: Tue, 31 Jan 2023 20:03:47 GMT
Date: Tue, 31 Jan 2023 17:13:53 GMT
Connection: keep-alive

trk.anarchywarrior.com/230b1ce3-0a36-4395-8363-a5cec7ce6124?sub1=mw25ckd_013123_leads

104.21.43.3

302 Found

0 B

URL HTTP/2
trk.anarchywarrior.com/230b1ce3-0a36-4395-8363-a5cec7ce6124?sub1=mw25ckd_013123_leads
IP
104.21.43.3:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /230b1ce3-0a36-4395-8363-a5cec7ce6124?sub1=mw25ckd_013123_leads HTTP/1.1
Host: trk.anarchywarrior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fitleanhealth.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Tue, 31 Jan 2023 17:13:53 GMT
content-length: 0
location: https://a2a60bt7oyb26zje7lukl88v77.hop.clickbank.net/?pid=15&tid=w6npo7dtij4lf1am277sj560&sub3=91.90.42.154
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: 230b1ce3-0a36-4395-8363-a5cec7ce6124-v4=-glQAAYNJMlqIi_7pOAhgSc3WHCUAxj_Stpg-w8L8Bw; Max-Age=86400; Expires=Wed, 01-Feb-2023 17:13:53 GMT; Domain=trk.anarchywarrior.com; Path=/; HttpOnly
cc-v4=vd%2FDngllfc%2B2E5DRzA1%2Bh4EfC4GyMbDPk80KKAEPpn%2FRbXXFNRqiigTwQlakAlX9KNoKRM1fkxLFQAwecRwUC%2BjKL5%2FDNHPwmfwTJ4vG0aN3gPzUy7CYWR0EiYsThhp4jZKdGrPno6qCJSiEy59oZA%3D%3D; Max-Age=31536000; Expires=Wed, 31-Jan-2024 17:13:53 GMT; Domain=trk.anarchywarrior.com; Path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJfbq2ZqsyzxF2G0Ua7VnpFUtGS9sbmbBfYJ%2B7Y7VUKZODee4Q1lFvdqQTz7DO%2B3poodvoxAWrHz86Fqy62N5kvj%2FnZacXMrCc%2BonERxellsgBk0XyQGKuGVu66jl8%2FbW5igFxVr5Uaj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7924149ffa60b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.237.163.41

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.237.163.41:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YHoJ8XuxQ9Tqe6/eVmFssg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HzD3wq8sbymdym1o62rHsi6gcjM=

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
6a71b7e5b3aa2654bec67f1390ad8f8f
c966742a0e43faf97e9254040cc6662e0a2a9e6c
cee68e3ae9ea49b5d375b92f0cff5670ef6e49bf44975ca626eff58cd5741d5f

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CEE68E3AE9EA49B5D375B92F0CFF5670EF6E49BF44975CA626EFF58CD5741D5F"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10193
Expires: Tue, 31 Jan 2023 20:03:47 GMT
Date: Tue, 31 Jan 2023 17:13:54 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6a1ca27f89feb8270287477c0f7b382e
3271349b895ab8db78db2ca54ef4aaf2991fd38d
1a00915b6821abe8ef347eeb9e9d43765e698c7de89dc9a385b88bbfeae395ad

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105307
Date: Tue, 31 Jan 2023 17:13:54 GMT
Etag: "63d82ea3-1d7"
Expires: Wed, 01 Feb 2023 22:29:01 GMT
Last-Modified: Mon, 30 Jan 2023 20:54:59 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IIRB4QEkNmSImmlyihRyjt3RKdWxqbqBcI6q8ccMrdAQMqsYk0ZGAA==
Age: 5642

a2a60bt7oyb26zje7lukl88v77.hop.clickbank.net/?pid=15&tid=w6npo7dtij4lf1am277sj560&sub3=91.90.42.154

54.148.132.194

307 Temporary Redirect

0 B

URL HTTP/2
a2a60bt7oyb26zje7lukl88v77.hop.clickbank.net/?pid=15&tid=w6npo7dtij4lf1am277sj560&sub3=91.90.42.154
IP
54.148.132.194:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pid=15&tid=w6npo7dtij4lf1am277sj560&sub3=91.90.42.154 HTTP/1.1
Host: a2a60bt7oyb26zje7lukl88v77.hop.clickbank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fitleanhealth.com/
Connection: keep-alive
Cookie: q=01.C24439F0FBC97011E10BB8DF72A81B51A9BD75872C9DFD96801C5AFD06B7E68F2F8D239DD5140A251BC18E3256769EA88BE0C643
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
date: Tue, 31 Jan 2023 17:13:54 GMT
content-length: 0
location: https://glucoswitch.com?hop=mediawar15&pid=15&sub3=91.90.42.154
set-cookie: q=01.C24439F0FBC97011E10BB8DF72A81B51A9BD75872C9DFD96801C5AFD06B7E68F2F8D239DD5140A251BC18E3256769EA88BE0C643; Path=/; Domain=.clickbank.net; Max-Age=31536000; Expires=Wed, 31 Jan 2024 17:13:54 GMT
p=Rfb7EmautxoKVUEGnPFhDK5qYvxxDm0iCvQvn_AZqULxjvBSiakXtXX3uynEO_REUcceG9xWAGNFrUgVBz5-gq6JCGl_lvmuHvBNqymrXYT6mCjMD0oyJ91vouwzSXzq1rwkFeA7e4DUcYjO_6SYnQgzGvCJWwzeQ7sr5Zr2260bGnCK7bPJOFT157dE66kGfBe_BD2C1i72BXoQHd4b3NsPEhhhJfn-fvRndm0hGYKpAgP8; Path=/; Domain=.clickbank.net; Max-Age=15552000; Expires=Sun, 30 Jul 2023 17:13:54 GMT
server-timing: traceparent;desc="00-e647fd51ed8199e32777a082a8589b81-a9b7f46902d183d6-01"
access-control-expose-headers: Server-Timing
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/6jSqm3i8h_k

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/6jSqm3i8h_k
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7149bd668f48fd632302953ec9c664aa
49ed3ba6b6e274e28b6795e9e16ded9d53ede0c4
d175d28f4feeafbc11f87e84592d09d471863c80c5a990a4bd00bb0c995a73e2

HTTP Headers

POST /s/gts1p5/6jSqm3i8h_k HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5111
Expires: Tue, 31 Jan 2023 18:39:06 GMT
Date: Tue, 31 Jan 2023 17:13:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5111
Expires: Tue, 31 Jan 2023 18:39:06 GMT
Date: Tue, 31 Jan 2023 17:13:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5111
Expires: Tue, 31 Jan 2023 18:39:06 GMT
Date: Tue, 31 Jan 2023 17:13:55 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9987 bytes)
Hash
2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 55040
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6844 bytes)
Hash
976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 55876
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13853 bytes)
Hash
d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUGjUSIkoacdmaO1jnMwIuNMONhjyVfAIcTQ3B5d5da_g9eEnCtW7g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:17 GMT
age: 69938
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7333 bytes)
Hash
01f406ed5d9b17a7aa00015301bddf94
d78e18830fc6cf231f66f95cc0e01520cfeebddf
33245ea764fb634a01ee9657e529a30567588ecbb10fc0e6499aac14cd21fe81

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7333
x-amzn-requestid: f03b3e95-5cc6-4749-83c2-d59d6fa9eb2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiVunGWXoAMFXyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d7365d-40b9b11f3f33592829a98fbc;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:15:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JAYN7gfwR0kEenTaM8mS_jGEYfwvcUGrjI_6wTb29wZfcLRuS2WHQA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:52:32 GMT
age: 69683
etag: "d78e18830fc6cf231f66f95cc0e01520cfeebddf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8558 bytes)
Hash
e6f9ffb8f9e99229b45ca5fdb84ce7d5
04577ad69ee9749b14382254eb5bbf0e1edcd7fa
6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8558
x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_BFA8IAMFyvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R29JYq4Z8V_Xuq2no0bKxk1K6h2PmTO5OSxzMa4zppDVk3j9rO9aTw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:24:36 GMT
age: 49759
etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5903 bytes)
Hash
42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tAR5c5rQD0h5YZ6TU8pZKhUFUf5d0-l794EaYnwwkts3QXPhdYm6vA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:03:25 GMT
age: 72630
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fitleanhealth.com/mw25ckd_leads-GLUCOSWITCH04-013123

188.114.96.1

200 OK

61 kB

URL HTTP/2
fitleanhealth.com/mw25ckd_leads-GLUCOSWITCH04-013123
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
61 kB (61416 bytes)
Hash
f20b8324f773a108ee1f3afc69bc384b
c586f114631b18e2d427d7b80f4b9c52551a08c4
047a37d0da4f05ac800e51680b5bf43290788abb8b3bbf2dc555a613c66db775

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mw25ckd_leads-GLUCOSWITCH04-013123 HTTP/1.1
Host: fitleanhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:53 GMT
content-type: text/html;charset=UTF-8
age: 0
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-security-policy: upgrade-insecure-requests
expires: Mon, 07 Jul 1777 07:07:07 GMT
pragma: no-cache
set-cookie: prli_click_466=mw25ckd_leads-GLUCOSWITCH04-013123; expires=Thu, 02-Mar-2023 17:13:53 GMT; Max-Age=2592000; path=/
prli_visitor=63d94c514fba7; expires=Wed, 31-Jan-2024 17:13:53 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=300
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: uncached
x-cache-hit: MISS
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,3,24
x-php-version: 7.4
x-redirect-powered-by: Pretty Link Beginner 3.2.4 http://prettylink.com
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mzjr6LFi34QCoQJ0hIFIDUBoSx3vzf8wOlLPrsR%2BwY4oSslHeIqBcBe9MFK5yqgD0LTdta9qK%2FvAjrQnn4GsRJGHUp9vuE5iLYQd%2Fh7nuBb9wjva9jp9AOx7%2FR7su%2BCGd8%2BN5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7924149b6c97b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

glucoswitch.com/images/btn.png

104.26.4.140

200 OK

2.8 kB

URL HTTP/2
glucoswitch.com/images/btn.png
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 282 x 84, 8-bit colormap, non-interlaced\012- data
Size
2.8 kB (2798 bytes)
Hash
3e79cf10eeafa16f7c45390d5735a40f
9ff12cae6d3e9156e8b9739c62f054e5676fd4c4
2e33e4f3b443da7526641df92195525a120b3862cd9547e8e651e5237b5967bc

HTTP Headers

GET /images/btn.png HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 2798
last-modified: Thu, 15 Jul 2021 13:48:28 GMT
etag: "60f03cac-aee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzYRxL%2BDC4dTBos5OCy6vn4mQaNKQhu%2FBsSHKAQ%2Bn3zc39WwJdgLMK%2BHlg3ssnYKUSC%2FXDC2QVRGG7Voy8122tBKgMH9Cin8LyGGIucLykVSQJa30oqcP%2FDblnaat%2FoP4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abae331c0a-OSL
X-Firefox-Spdy: h2

glucoswitch.com/images/product-bottles-3.png

104.26.4.140

200 OK

89 kB

URL HTTP/2
glucoswitch.com/images/product-bottles-3.png
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 334 x 232, 8-bit/color RGBA, non-interlaced\012- data
Size
89 kB (89378 bytes)
Hash
cd7e0092122ea0c2ab2711f9c87b49f9
fed3a302c868d45af8c993362076345e8710b5eb
0687e4dfaa04013a17e4740a5ffa4f1d88a282cb889f8ce1e0f1c0a56ef852f9

HTTP Headers

GET /images/product-bottles-3.png HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 89378
last-modified: Thu, 15 Jul 2021 13:48:44 GMT
etag: "60f03cbc-15d22"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 1565713
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEEiwEo4m2QstPVE6oQjATXWQhk1XpsiOW%2BNuIje%2BgWSQXE0c5yHFHdxfivgVKSMZoTUQqP8Qu8rdGTIBaFhd6XpxComNwwLR%2FcwZhIaOEZ3TN8WnK1Ahb5Cw8Sm8Dz6Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abae341c0a-OSL
X-Firefox-Spdy: h2

glucoswitch.com/images/product-bottles-6.png

104.26.4.140

200 OK

112 kB

URL HTTP/2
glucoswitch.com/images/product-bottles-6.png
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 334 x 232, 8-bit/color RGBA, non-interlaced\012- data
Size
112 kB (111941 bytes)
Hash
8eb7dd5fc7472d0ea19d55e50b7cae3c
6d2aa0852777502320593fea2d85f3a7760b514a
183e9bd9ce310bb8243b29eaa3a849932edf0f2510b33944e72aa7e4804165b4

HTTP Headers

GET /images/product-bottles-6.png HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 111941
last-modified: Thu, 15 Jul 2021 13:48:44 GMT
etag: "60f03cbc-1b545"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 415055
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJ9shCnjIpyb%2B6iyiii6a5hN%2FAPlYFeGJYWo0A5sKp%2B5D22D%2B5%2B8k4Q%2FrGKVXuBw%2BxLGhPx22A8ggtmddW%2B4AFFPyzoO7TndKwFq7f8E%2BL%2BqHnxutKoe7u62KT1HpwsskA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abae351c0a-OSL
X-Firefox-Spdy: h2

glucoswitch.com/discovery/images/add-cart.png

104.26.4.140

200 OK

8.5 kB

URL HTTP/2
glucoswitch.com/discovery/images/add-cart.png
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 400 x 121, 8-bit colormap, non-interlaced\012- data
Size
8.5 kB (8475 bytes)
Hash
31173b47eae70e9774db2e3230fb6af9
bb47845d22afac3ff3813d41d562bf74d57aca4c
6310dc1605935841483e6ef31f2dc1284f3aab95a22e6955172a58c355a41143

HTTP Headers

GET /discovery/images/add-cart.png HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 8475
last-modified: Fri, 17 Sep 2021 14:21:30 GMT
etag: "6144a46a-211b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHRjm5Wjr9v8CEUCsZEWq81%2F7fqpzq%2BW91siabARincAJaaaWlav9oNfx2tyqymY2cHy2jHZg6iEQZBro3nxPRKR9pWkYXq38cLwJGIdfaucEriTfrYdGK0QzDisoGD84A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abae3a1c0a-OSL
X-Firefox-Spdy: h2

glucoswitch.com/discovery/images/product-bottles-1.png

104.26.4.140

200 OK

11 kB

URL HTTP/2
glucoswitch.com/discovery/images/product-bottles-1.png
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 334 x 232, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11177 bytes)
Hash
4effe32af35a201253d586013361333c
1c136bb36411028f461d259b30c894993bbcac8b
51c8c2c30170c106a17e0d564ba2047f4707e22d41e8b196874125bc3377cf26

HTTP Headers

GET /discovery/images/product-bottles-1.png HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 11177
last-modified: Fri, 17 Sep 2021 14:21:30 GMT
etag: "6144a46a-2ba9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KXJopj4I6aPwwKddcyFAvGeFFSvJILklrM%2FiwMq0Pkgaalqxe%2BzyLGejpbTkHv5VbVp5V7SWPpU%2BrSv282ncgN8%2BA3SK1pI6m8mMJPeOTMQjGDLOxM3IX0MCTlOO8NVKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abae391c0a-OSL
X-Firefox-Spdy: h2

glucoswitch.com/discovery/images/credit-card.jpg

104.26.4.140

200 OK

17 kB

URL HTTP/2
glucoswitch.com/discovery/images/credit-card.jpg
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2020:10:31 14:49:28], progressive, precision 8, 168x24, components 3\012- data
Size
17 kB (16703 bytes)
Hash
b23189cc855a83bf542b43bf701bd311
d4cf6104a1b4578fb684fb274e1b0ad107189ab0
5eed70266e4ae59eff8bf5e7e795b4312d77cec9afd731d8c47cac044bd50d7f

HTTP Headers

GET /discovery/images/credit-card.jpg HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/jpeg
content-length: 16703
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "6144a46a-413f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 17 Sep 2021 14:21:30 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHNTD3GQ1fknaKUwiprEPHDGqKsLJdOlilhOpJdqaqVmnwyqM9BiXRi2fl%2BBfbxUCAVd7MZzoruR%2BmKcdqE2CDXEqodcfVaE%2BDPuFPIruj4mq1DwwVlrlAgoqQW2GMkFxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abbe431c0a-OSL
X-Firefox-Spdy: h2

glucoswitch.com/discovery/images/product-bottles-3-b.png

104.26.4.140

200 OK

45 kB

URL HTTP/2
glucoswitch.com/discovery/images/product-bottles-3-b.png
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 334 x 232, 8-bit/color RGBA, non-interlaced\012- data
Size
45 kB (45062 bytes)
Hash
567c30c150a2ce0b7ec7abf9a4662ac4
f743b5b2494c5cee7e00cd1a562a001890f2ebe8
1a2e5d047907bb4f36d900d3916386dfe62eb44a8d070155c58169532b96925a

HTTP Headers

GET /discovery/images/product-bottles-3-b.png HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 45062
last-modified: Mon, 18 Oct 2021 08:26:01 GMT
etag: "616d2f99-b006"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iQNsZMeDK8wRF9K57D29FIHfZO5PII14aEmpn2vIgvsefvAPfGjhHYwLRVBC2kU9SrqOQFiaepUbkK5I5tUAFw9VCpkH%2BBvCLzB%2Fu4X%2B74L%2BrxiTeO31WFTVC1LuzNGFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abbe441c0a-OSL
X-Firefox-Spdy: h2

glucoswitch.com/discovery/images/free-shipping.png?v1

104.26.4.140

200 OK

427 B

URL HTTP/2
glucoswitch.com/discovery/images/free-shipping.png?v1
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 49 x 20, 4-bit colormap, non-interlaced\012- data
Size
427 B (427 bytes)
Hash
f45d44d4e0b1f55897fd4dcd7b5db613
869a77be6b27d17604d3cafa6ddca724a881a9bb
ad41fa8d859e22982b208ee8dff5cdcd98105f6eb576014b588e53c2b95ae694

HTTP Headers

GET /discovery/images/free-shipping.png?v1 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 427
last-modified: Fri, 17 Sep 2021 14:21:30 GMT
etag: "6144a46a-1ab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAkZ5ViC4WRUxv0%2BB95oH5eHDH%2FUm4kZHxzKaNqamyRY8C%2B1OWF9mtiVw8eIrEyQ%2BdpkuJov66gyDPsEzRyZq7%2BAZQczQ0GKk5rIG83J%2FtVOn1hj%2B%2BRgb8DvT7p2Pe3V0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abae411c0a-OSL
X-Firefox-Spdy: h2

glucoswitch.com/discovery/images/free-offer.png?v1

104.26.4.140

200 OK

1.5 kB

URL HTTP/2
glucoswitch.com/discovery/images/free-offer.png?v1
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 189 x 61, 8-bit colormap, non-interlaced\012- data
Size
1.5 kB (1468 bytes)
Hash
fe31adf47cdcce131be4362a600ff87b
2b8a996646c0e38c6041360fa4e959be114d5384
77b6971aa2fc9c1f1993ac0068d600eaca6a932132d768d2e93cab861bda682f

HTTP Headers

GET /discovery/images/free-offer.png?v1 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 1468
last-modified: Thu, 25 Aug 2022 12:56:11 GMT
etag: "6307716b-5bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 144940
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUohon8uo9fCbg5yho7GaEyI%2Bkmrlz1vo309cvB%2B%2FioSi1wn%2FqH9DkkLKTmA%2FqSGe7S%2FeTVenoSyFuJKTuwDKGPa6NDGQqpHcZoeHOzwzA%2BlxZmRabmx%2BDIgLMxzq98lXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abbe451c0a-OSL
X-Firefox-Spdy: h2

glucoswitch.com/discovery/images/product-bottles-6-b.png?v1

104.26.4.140

200 OK

110 kB

URL HTTP/2
glucoswitch.com/discovery/images/product-bottles-6-b.png?v1
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 334 x 232, 8-bit/color RGBA, non-interlaced\012- data
Size
110 kB (109741 bytes)
Hash
6e732da2e258f66034a594129ab0f4ad
46f4a4bf18237ca76a53f7ab9eab64cb540efc5b
096c598eee198fd40aad1a29ac5d36b8d2c883269b68c13c5d112faec5788bf3

HTTP Headers

GET /discovery/images/product-bottles-6-b.png?v1 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 109741
last-modified: Mon, 18 Oct 2021 08:26:02 GMT
etag: "616d2f9a-1acad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 1565713
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeUkmtUcQs6HY63c1OBRi6fpRbY7O2pyWtDQtqtM758Mkx71bW7Hgw4TuBwxtkoNBK7i5JUFfZQcNnRojvIgm%2FtV5CE3y%2BMT8Yg7O09r5cQLm0ie%2FlI1%2FTc55%2FWBxIscHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abbe461c0a-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
363936321a9f08665a6afc9fdafbe442
bf305cdf4315648572bcd015a12a8768570b23ca
b273c986b58d473155841e29084a1cbd2693b45f51fe92a91345f7daeb4fb812

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1344
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:55 GMT
Last-Modified: Tue, 31 Jan 2023 16:51:31 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

glucoswitch.com/discovery/images/brian.jpg?v1

104.26.4.140

200 OK

32 kB

URL HTTP/2
glucoswitch.com/discovery/images/brian.jpg?v1
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2022:06:30 12:27:59], baseline, precision 8, 150x150, components 3\012- data
Size
32 kB (31780 bytes)
Hash
c87e3b15b479ab5ff2c69eae03b1d97f
cfbde05acd6cabb6e85040359dc2bb86ebac9b79
0a1c1ae0de639f55cb287b75ab6a7f8f690cf5b8dd21ce71d83bb4e8219e25e6

HTTP Headers

GET /discovery/images/brian.jpg?v1 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/jpeg
content-length: 31780
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "62bd4ae0-7c24"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 30 Jun 2022 07:04:00 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMuHAQ2A3nsMsYGiP0%2B9mxgu%2FNShGPxdJTsOI9KyeduDSpRRRYsZCnuMiGZ5M4z2qAMbuQgQkXg5SxSiYHakLL85IruMGgmfYyl4VqWwYrWk36wJxvkjZfFlgLvcY%2BzwIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abce501c0a-OSL
X-Firefox-Spdy: h2

glucoswitch.com/?hop=mediawar15&pid=15&sub3=91.90.42.154

104.26.4.140

302 Found

10 kB

URL HTTP/2
glucoswitch.com/?hop=mediawar15&pid=15&sub3=91.90.42.154
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
10 kB (10259 bytes)
Hash
91d3e4413c4c6d78c75f09c0cb78facf
8396367fdb8b51d6e5234390cefc6c02bafe3a70
bd078a09768ce9f69d76bd542d426513d00ddef83a59908090d199d93a900192

HTTP Headers

GET /?hop=mediawar15&pid=15&sub3=91.90.42.154 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fitleanhealth.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: text/html; charset=utf-8
set-cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; path=/; expires=Mon, 31 Jan 2033 17:13:55 GMT; secure
user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; path=/; expires=Mon, 31 Jan 2033 17:13:55 GMT; secure
uid=wKhaAWPZTFOLTQAyAzHXAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=0; path=/
location: /discovery?hop=mediawar15&sub3=91.90.42.154
content-security-policy: frame-ancestors 'self'      cbsplit.com     glucoswitch.com     glucoswitch-com.cbsplit.com             ;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPZOR8pEt9mcs%2BoeeUWiRfBB3G0lE9M0MgxehEAIL0VMSSHlbhPV%2FsSDz3y%2FftJ%2F54n4hRGaHawiJoTVC7sD0Jbq6xj%2FRj18SCN3pRQEiytVNaQptXmpu%2F0kVfcqQYlqog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414a6d9341c0a-OSL
X-Firefox-Spdy: h2

glucoswitch.com/discovery/images/michael.jpg?v1

104.26.4.140

200 OK

34 kB

URL HTTP/2
glucoswitch.com/discovery/images/michael.jpg?v1
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2022:06:30 12:28:19], baseline, precision 8, 150x150, components 3\012- data
Size
34 kB (34185 bytes)
Hash
ff2a5ff4b91351aebd1816c7245d566f
859ba2b9008300a843ac445e27f6d193d1091f7a
cda892251945a0ffc778a6b679ec32244ccb4f5c10de4933c6b57150cc1e1c64

HTTP Headers

GET /discovery/images/michael.jpg?v1 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/jpeg
content-length: 34185
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "62bd4b32-8589"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 30 Jun 2022 07:05:22 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 415054
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sCy%2BtKa72ZCTm0Ifb8fAH%2BhhQ585KqpmNhVAGCfgqYG8Abrgc6Dzx86d19SaFswVihwFdWk3nMmNAnxFdQZTpDsd%2Bt%2FiAqiCzdC49%2BI33zRJmFfVYgepYPFGRBXXusJAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abce581c0a-OSL
X-Firefox-Spdy: h2

glucoswitch.com/discovery/images/tina.jpg?v1

104.26.4.140

200 OK

35 kB

URL HTTP/2
glucoswitch.com/discovery/images/tina.jpg?v1
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2022:06:30 12:29:13], baseline, precision 8, 150x150, components 3\012- data
Size
35 kB (35330 bytes)
Hash
e5626a21ed047c80caef5e3837ff95bd
dbb5a1e643d982ec58b7f411c17d8a62c8cf6c8c
3b78790968a247983e2874aabef97776026a1164d2109b68e966fd4f377c44be

HTTP Headers

GET /discovery/images/tina.jpg?v1 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/jpeg
content-length: 35330
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "62bd4ae0-8a02"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 30 Jun 2022 07:04:00 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcSJ8%2Fb%2F%2FO%2F4Teb6VPJWrw%2FDrlIfBPG4pvyRSGaQw1Nh7KXDL9afDv3uWp9cW0nsShSNCYKTerHxpEik9xhDUI2EsBtDwwvxeQioczbKvsH43FdRvEOn1yjekg6F38BJlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abce561c0a-OSL
X-Firefox-Spdy: h2

glucoswitch.com/discovery/images/tania.jpg?v1

104.26.4.140

200 OK

36 kB

URL HTTP/2
glucoswitch.com/discovery/images/tania.jpg?v1
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2022:06:30 12:28:54], baseline, precision 8, 150x150, components 3\012- data
Size
36 kB (35592 bytes)
Hash
9573ec62cfd44e82e48a8f1c24c06763
7722e0a146f61cfa37f25b9fe4ef3f9c2c2f9ff8
77e3d56ce4613aa0049b2ca6a9f38799dc36208ae64306c1522b60314ba56eae

HTTP Headers

GET /discovery/images/tania.jpg?v1 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/jpeg
content-length: 35592
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "62bd4ae0-8b08"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 30 Jun 2022 07:04:00 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0OhFiy496%2FvFZW2Ni0m%2BhgXgExD6gsyAMh2NnmX8zVeAwPxl3O6LRSY66%2B%2Ffchks6L8NTs0wJri9dOw%2F1u%2FuKUHbB52txGvebxlVLHRKohhxXcDgBo%2BfsV6FRYI4H8flA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abee801c0a-OSL
X-Firefox-Spdy: h2

glucoswitch.com/discover/css/extra.css

104.26.4.140

200 OK

574 kB

URL HTTP/2
glucoswitch.com/discover/css/extra.css
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
574 kB (573459 bytes)
Hash
61c702d5aee8b4efcf6187a297980e8d
57f2df24e1ec7779a0a20b3a3d7f1ab4adbacbf8
8deea572894eadc4aecb4280f57bfdbb3a7d4fc6d0eeec76cb030ba088dddef4

HTTP Headers

GET /discover/css/extra.css HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: text/css
last-modified: Fri, 30 Jul 2021 13:41:32 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6104018c-505"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 167095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4YgADaRcoxOVaFOeIAW4yk3p07SxS9NKJQz92el6I9eYnzuYE7Ifnd2ZMqWpRGXksm1TGg1A7tHAK%2FnS5cDzEpMRZwWUl9eMQndNjroIFc7WIBRQGjOrFqSm3NT0h%2BVfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414ab9e251c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

glucoswitch.com/discovery/css/vsl-home.css?v3.16

104.26.4.140

200 OK

1.8 kB

URL HTTP/2
glucoswitch.com/discovery/css/vsl-home.css?v3.16
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.8 kB (1785 bytes)
Hash
9a8a9f1167d10dc493e4aa80c60e66ef
745e672901173a5b49dac3b90552ce33b56f9784
96143778f6281dd7b95119ac430cdf3df4198862b9829f1c9472be8120b4614a

HTTP Headers

GET /discovery/css/vsl-home.css?v3.16 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: text/css
last-modified: Fri, 17 Sep 2021 12:54:32 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"61449008-12da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 415055
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ef0O1oVyInt0JTbCKjZlyZkUp4yg9YeMr%2B1q7i0Sw8%2FhLV227ROXF7%2Bsy3wBzNUN%2BSGZdKAZYxLJG%2B8LjAkb%2B%2BRKNR5GZpc0zQQY%2FiB9g9pHmu5bSBjDPTfIIPHP7d5vKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414ab9e201c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

216.58.207.234

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 09:52:09 GMT
expires: Sat, 27 Jan 2024 09:52:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 372106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@100;200;300;400;500;600;700&display=swap

142.250.74.106

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@100;200;300;400;500;600;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1111 bytes)
Hash
8a30b6c3585909ee6234e44c3b633a3a
d03cfb333c0572ba60de76509c5c1e2ae778473f
56897369b5e2737d7e7ffe660f7f7b03f77a4a03b3860331b24632fa49cbc639

HTTP Headers

GET /css2?family=IBM+Plex+Sans:wght@100;200;300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 17:13:55 GMT
date: Tue, 31 Jan 2023 17:13:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap

142.250.74.106

200 OK

814 B

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
814 B (814 bytes)
Hash
4e305d8e89c88fc53f14af216c7f7d46
d470919e557de00110c28f85a330a19496cff04c
f11fcef7488e8f57edc4f29fd931a57a7df1efd6a805853a46cfe283893c8c87

HTTP Headers

GET /css2?family=Montserrat:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 17:13:55 GMT
date: Tue, 31 Jan 2023 17:13:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 381947
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 155516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
e6e98858e07e37acdb64c79e30e1a6ae
7c1426571afcb99328204792576a9b3814ea3bba
6577b4538febd004f85dac52e2f300c9d8b2a7e8fbbb2f4dd4ae6732dfea88ed

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152044
Date: Tue, 31 Jan 2023 17:13:56 GMT
Etag: "63d8f902-1d7"
Expires: Thu, 02 Feb 2023 11:28:00 GMT
Last-Modified: Tue, 31 Jan 2023 11:18:26 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: anw057WVieQOMqJIAOukvsDOd9-W2vPBMnPsYUVI1RDsSOladk1vtQ==
Age: 574

cbtb.clickbank.net/?vendor=gswitch

52.32.168.94

200 OK

936 B

URL HTTP/2
cbtb.clickbank.net/?vendor=gswitch
IP
52.32.168.94:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (936), with no line terminators
Size
936 B (936 bytes)
Hash
6c0b964b273d662f25b84cd29e51b607
6bef26208ee6a1d7105720e5cc54f273868630a9
a3ba10e614083832f41494e71b4c53bd738a88a9ffd6f9a0c785348ec389527c

HTTP Headers

GET /?vendor=gswitch HTTP/1.1
Host: cbtb.clickbank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:56 GMT
content-type: text/javascript;charset=UTF-8
content-length: 936
set-cookie: AWSALB=DnzBKGEJA0c/3iIR5a195WUhRZfxzbLsVvRXeHTiuTyI3k+MN/sEQas2Fi9/G0qAhfajILm0c+Mfnid4Cetxnv58kB8wWFJeqRprYwRdI2V8VFXg/LnIxztqopqW; Expires=Tue, 07 Feb 2023 17:13:56 GMT; Path=/
AWSALBCORS=DnzBKGEJA0c/3iIR5a195WUhRZfxzbLsVvRXeHTiuTyI3k+MN/sEQas2Fi9/G0qAhfajILm0c+Mfnid4Cetxnv58kB8wWFJeqRprYwRdI2V8VFXg/LnIxztqopqW; Expires=Tue, 07 Feb 2023 17:13:56 GMT; Path=/; SameSite=None; Secure
server: Apache
cache-control: max-age=900
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/stream.mpd

151.139.128.10

200 OK

4.7 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/stream.mpd
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
XML 1.0 document text\012- XML document, ASCII text
Size
4.7 kB (4687 bytes)
Hash
40ebbca722f418ffb91b708741ee7d7e
786e04e772bc766a67bdfb776eeda63ec51f34ff
19c451e24dbe3f64ceb9fecbd612165aed4e8c1edb70e3fd1d955b6c071d795d

HTTP Headers

GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/stream.mpd HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:57 GMT
content-length: 4687
content-type: application/dash+xml
last-modified: Sun, 07 Aug 2022 21:04:14 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdutveF6ZhVQYPyaeFlCEyHyiVvY87yIXQhhs8qvS9AtyxOB6yENBZuQXpGEnFHVXqBQ01I3QXPe5H97fQR_3SL9rw
cache-control: public, max-age=31104000
etag: "40ebbca722f418ffb91b708741ee7d7e"
x-goog-generation: 1659906254219313
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4687
x-goog-hash: crc32c=JTLBlw==, md5=QOu8pyL0GP+5G3CHQe59fg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185237.cds256.sk1.hn,1675185237.cds250.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.41

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.41:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
056d8e931511a832f5adb62d6f0a5312
23c7d206fb81e625b7a7fa61a1e966c661a38fdd
bff7b15c88ccd425722dc5e87196cf49636b3aead3108ffb8fb6f46bbf2a5a68

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 31 Jan 2023 17:13:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 15:54:37 GMT
Expires: Wed, 01 Feb 2023 15:54:37 GMT
ETag: "23c7d206fb81e625b7a7fa61a1e966c661a38fdd"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

fast.vidalytics.com/embeds/QrADs9TA/46UN8rzM_fkPgzpU/player-dash-mse.min.js?hash=mlcmiecnb

151.139.128.10

200 OK

593 kB

URL HTTP/2
fast.vidalytics.com/embeds/QrADs9TA/46UN8rzM_fkPgzpU/player-dash-mse.min.js?hash=mlcmiecnb
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
data
Size
593 kB (592782 bytes)
Hash
8f8ee7045c8e1c3a78d1a8a8b49e7407
c0afe55f4445cdd80394bc092229bd5603a1579a
2db4e19e528f74ac2e1f0d94cce978fc1771dd2ae7a4a068f451d7f2362633f4

HTTP Headers

GET /embeds/QrADs9TA/46UN8rzM_fkPgzpU/player-dash-mse.min.js?hash=mlcmiecnb HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
age: 1612538
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=300, s-maxage=2592000
content-type: application/javascript
date: Tue, 31 Jan 2023 17:13:56 GMT
etag: "9b710a62455cc50a73b957dbbcb82b77"
expires: Thu, 02 Mar 2023 17:13:56 GMT
last-modified: Thu, 12 Jan 2023 17:25:11 GMT
server: SP
vary: Accept-Encoding
x-cdn: 4
x-goog-generation: 1673544311343385
x-goog-hash: crc32c=ZH5Jow==, md5=m3EKYkVcxQpzuVfbvLgrdw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 509503
x-guploader-uploadid: ADPycdtZRLu3aR_vQr7U0uC360AJHMCNsRAhkeyoSOcNhIzpTGw2qtnzuuTfFd9vpXUGMsARBv0qmimZltOylJPV0ewXMA
content-encoding: gzip
x-hw: 1675185236.cds256.sk1.hn,1675185236.cds256.sk1.sl
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.41

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.41:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
056d8e931511a832f5adb62d6f0a5312
23c7d206fb81e625b7a7fa61a1e966c661a38fdd
bff7b15c88ccd425722dc5e87196cf49636b3aead3108ffb8fb6f46bbf2a5a68

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 31 Jan 2023 17:13:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 15:54:37 GMT
Expires: Wed, 01 Feb 2023 15:54:37 GMT
ETag: "23c7d206fb81e625b7a7fa61a1e966c661a38fdd"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b68d4e6e4d0a88620588831e010103b4
075b8e406ea12d9c3a65ff024fbf08be532e7471
400cc1735d8f03257076c7f54d7f921ed718636cd22105c4fd9ea2d23b70917e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 17:13:57 GMT
Etag: "63d89114-1d7"
Last-Modified: Tue, 31 Jan 2023 16:05:38 GMT
Server: ECS (dcb/7EA3)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UDgtgBw8OefbPUuC5bKvYlTTgD6x7s-mgwquTPUK2jP9FuVGupJ-bg==
Age: 4099

fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/init.mp4

151.139.128.10

200 OK

459 B

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/init.mp4
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
459 B (459 bytes)
Hash
9ca7c465fe1875363d003a015e82fa15
f1fd497dad3d1a5816a4abd6fe57464c9c7619a4
0032a01ab3dc07cd657d0a62d16094bcc6503af97a0958941bb9f7af8b43d6e1

HTTP Headers

GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/init.mp4 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:57 GMT
content-length: 459
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:01 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdu35QSDbc9cEVAfpRkUD4ekF254GCCr-8_BSmNffEjeP-s-SV9K3yBgdAfdbDaAZgaBOLJ0N2dFloERU7KHEO-iPQ
cache-control: public, max-age=31104000
etag: "9ca7c465fe1875363d003a015e82fa15"
x-goog-generation: 1659905941055337
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 459
x-goog-hash: crc32c=u8l+QA==, md5=nKfEZf4YdTY9ADoBXoL6FQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185237.cds256.sk1.hn,1675185237.cds067.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2

licensing.bitmovin.com/licensing

35.227.229.24

200 OK

165 B

URL HTTP/2
licensing.bitmovin.com/licensing
IP
35.227.229.24:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
165 B (165 bytes)
Hash
bad32d07dc1ad9e3d334785067afbf34
653f8f612c6646daae0122b3b27e2c11486f86a4
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

HTTP Headers

POST /licensing HTTP/1.1
Host: licensing.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 146
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Tue, 31 Jan 2023 17:13:57 GMT
content-length: 165
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

glucoswitch.com/images/favicon-red.png

104.26.4.140

200 OK

2.3 kB

URL HTTP/2
glucoswitch.com/images/favicon-red.png
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2324 bytes)
Hash
ad515513b53770ddea05abea403b419b
9db024d57455ae3f9c722bf301487518f054c28e
9ad8aa93f2b840b063aac09a8a10fa1a4ca9f5bbdce753e4cb168ce90f70ab48

HTTP Headers

GET /images/favicon-red.png HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4; affiliate=mediawar15; affiliate.sig=giIMhF-GoLlcOAt3Ua_reBcGBAY; bitmovin_analytics_uuid=6f5a8cb6-7ec7-46fd-942a-f491d917a1a5; timer_93_=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:57 GMT
content-type: image/png
content-length: 2324
last-modified: Thu, 05 May 2022 10:48:27 GMT
etag: "6273ab7b-914"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167096
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hb43DDluneupe3K2cbsSKKUMzl1BKm7ZEeOIyVSX30%2FgAphNbCFlr5cTRZkUdcGBpdphziiteFq6U3%2FLqRlmfxSvcV5o25bsiXn%2F2R7GLrztwxABh6P3OyvQ00KVtfDNnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414b66b661c0a-OSL
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_0.webm

151.139.128.10

200 OK

291 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_0.webm
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
data
Size
291 kB (291182 bytes)
Hash
b7bfa5ba3e51a84fb0df628d79453967
c4c9e9d0765d24a7737aba7ceaff775a7d3302fc
f817281462ef44d8982dd7f9413fd7a1874198dc6102c1c448b9c7bbbad0cb84

HTTP Headers

GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_0.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:57 GMT
content-length: 291182
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:01 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdtaUhkjTwf-MGxaPvRI77nyQIwjTKUnRkCtwJ_yd6S1MENXxXusnWi7UJHSt0HLGnTC5HawNrg7QHGM2jumtgEun5MPt87f
cache-control: public, max-age=31104000
etag: "b7bfa5ba3e51a84fb0df628d79453967"
x-goog-generation: 1659905941246406
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 291182
x-goog-hash: crc32c=pQTg9Q==, md5=t7+luj5RqE+w32KNeUU5Zw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185237.cds256.sk1.hn,1675185237.cds264.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1254
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.55.1
date: Tue, 31 Jan 2023 17:13:57 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png

54.230.111.43

200 OK

3.5 kB

URL HTTP/2
prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
PNG image data, 472 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3472 bytes)
Hash
47cdefc96f75be3d978d4b444737b00e
c9d8540c17ed48b72be610bb5795120e4d560d6f
84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308

HTTP Headers

GET /dist/assets/logo-header-two-tone-en.png HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 3472
date: Mon, 30 Jan 2023 23:48:17 GMT
last-modified: Mon, 21 Dec 2020 21:57:35 GMT
x-amz-version-id: rgVoO.sKTwEpJN65bYI.UT4E8UVMZSpC
server: AmazonS3
etag: "47cdefc96f75be3d978d4b444737b00e"
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Gc7d35nnQvRwZ_3jARb7aAl1d5CRA94qHX9ZMQWAFWmgRFvAQx-EzA==
age: 62741
X-Firefox-Spdy: h2

prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png

54.230.111.43

200 OK

4.3 kB

URL HTTP/2
prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
PNG image data, 321 x 63, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4341 bytes)
Hash
c06ae1ecaaf7e0610c68af117658a7e0
337cc86d38734fd76333c063366ec36e7a7d343a
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb

HTTP Headers

GET /dist/assets/logo-tab-two-tone-en.png HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 4341
date: Mon, 30 Jan 2023 23:48:17 GMT
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
x-amz-version-id: 65GBUS1AcRJNN3GRB3Nf3yY51OsdERt0
server: AmazonS3
etag: "c06ae1ecaaf7e0610c68af117658a7e0"
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KGm9FueWWlsthozCTkKjZqZUsmyQTNSM3CaBq5O6wpBBOWcm5YmGvQ==
age: 62741
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap

142.250.74.106

200 OK

12 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
12 kB (12294 bytes)
Hash
5fd52c68411043be4659458a89ada44a
e5f94a133fc4eabe58183f576d317dc32b402e73
bc51180eba25268b05f6f5cb83444ae7e8b0c1bf4d17fa7ac83b9cfac09b90c3

HTTP Headers

GET /css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 17:13:55 GMT
date: Tue, 31 Jan 2023 17:13:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
eacc5895745c1d0e2561d630db526178
77331ece53cccf7a6a219fae33105550fca037a9
4e97ef071c169acbce4919dafc1e49342c9b0698422e0b82288e2d2238c7ac88

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 17:13:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 00:15:19 GMT
Expires: Sun, 05 Feb 2023 00:15:18 GMT
Etag: "77331ece53cccf7a6a219fae33105550fca037a9"
Cache-Control: max-age=370280,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792414b52e85b506-OSL

seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png

82.102.27.18

200 OK

4.4 kB

URL HTTP/2
seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
IP
82.102.27.18:0
ASN
#9009 M247 Ltd

File type
PNG image data, 153 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
4.4 kB (4394 bytes)
Hash
e1bae45c56b7d21a7ac325790f8acd0e
c61a206bce2c120fe77de6058877e4bb1dd02ff3
f9bc6b60cdb2bee77a6f9ec4b48c1df9c8780dc1f81c0fb1693856f580186b72

HTTP Headers

GET /seals/blue-seal-153-100-clickbank-5004291.png HTTP/1.1
Host: seal-boise.bbb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: keycdn-engine
date: Tue, 31 Jan 2023 17:13:57 GMT
content-type: image/png
content-length: 4394
cache-control: max-age=14400
expires: Tue, 31 Jan 2023 21:13:57 GMT
last-modified: Mon, 30 Jan 2023 19:47:45 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
x-shield: active
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_1.webm

151.139.128.10

200 OK

374 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_1.webm
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
data
Size
374 kB (374405 bytes)
Hash
7e69db88328e4747ff70bf59d6fa444a
c26f086f1cd4438b3af23955d715268195c5fa82
7e94004ac27c06a48e4c21d45196f9b4380327972f1b2f132bdda10eda1d727d

HTTP Headers

GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_1.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:57 GMT
content-length: 374405
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:12 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdt_MosxK12zcBTWaNJ_xvHwLOlwlxkuvYm3_oc38YxidVdSGtbl-vS2ViapVdd3Cr73D1rJlW0iKYC7oOpR4ZICag
cache-control: public, max-age=31104000
etag: "7e69db88328e4747ff70bf59d6fa444a"
x-goog-generation: 1659905952616764
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 374405
x-goog-hash: crc32c=YBQH8w==, md5=fmnbiDKOR0f/cL9Z1vpESg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185237.cds256.sk1.hn,1675185237.cds242.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_2.webm

151.139.128.10

200 OK

397 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_2.webm
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
data
Size
397 kB (397137 bytes)
Hash
dc8cf493cdc83dc4fc1aa51e0ff9ef37
ea3b8b8772ff3b1c3ead0818ce061923334bd653
15e8b322e49056935722a9d8f863eb51ab5926c4fa4130beb751a208a9ea7170

HTTP Headers

GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_2.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:57 GMT
content-length: 397137
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:15 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdv4BClO8BFp7sPx4t7rrTKfTiWyoPpM-KLY6HueAE7OJ8Ada-qDnLbNWq2aOl61ugvoniqEur3V6pWmTOqxPWUO8dFYxYiF
cache-control: public, max-age=31104000
etag: "dc8cf493cdc83dc4fc1aa51e0ff9ef37"
x-goog-generation: 1659905955263874
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 397137
x-goog-hash: crc32c=6S+uow==, md5=3Iz0k83IPcT8GqUeD/nvNw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185237.cds256.sk1.hn,1675185237.cds235.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2

licensing.bitmovin.com/impression

35.227.229.24

204 No Content

0 B

URL HTTP/2
licensing.bitmovin.com/impression
IP
35.227.229.24:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /impression HTTP/1.1
Host: licensing.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 111
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Tue, 31 Jan 2023 17:13:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_3.webm

151.139.128.10

200 OK

372 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_3.webm
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
data
Size
372 kB (372120 bytes)
Hash
aa10d1f8197af0f04a64081f33afaecd
727f2ce0cbdd75834dea6ed6aa067fd8059d5dda
3f0719e00e484d899c448c6e5e1382bb3fb20aa0c2a6bc5b6f1fe3b1d3708a27

HTTP Headers

GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_3.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:57 GMT
content-length: 372120
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:15 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdvMdmZkdpLyCFUQ8BYYDYgVI1_2v1BQJ2zLjdL1_QHaPxujkW-h80TjXZdBOtcbNXwX8K6lVHZzS2AvpJSuMlvTKw
cache-control: public, max-age=31104000
etag: "aa10d1f8197af0f04a64081f33afaecd"
x-goog-generation: 1659905955331107
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 372120
x-goog-hash: crc32c=WlwZ1Q==, md5=qhDR+Bl68PBKZAgfM6+uzQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185237.cds256.sk1.hn,1675185237.cds223.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2

stats.vidalytics.com/awesome-log?cid=QrADs9TA

107.178.211.97

200 OK

43 B

URL HTTP/2
stats.vidalytics.com/awesome-log?cid=QrADs9TA
IP
107.178.211.97:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /awesome-log?cid=QrADs9TA HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
cache-control: no-cache, public, max-age=2592000
content-length: 43
content-type: image/gif
etag: "QrADs9TA/L2aaJDvPVctW0Z94"
date: Tue, 31 Jan 2023 17:13:57 GMT
x-envoy-upstream-service-time: 9
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_4.webm

151.139.128.10

200 OK

289 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_4.webm
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
data
Size
289 kB (289305 bytes)
Hash
7c0b579dca9b90560e6f4e3ac9d33eb9
e0cf7904c9a8a2d226aff3a6e0678c75f57040ac
a0842280d09aad9e92e317e50ca334531115c50aa7d00feaca62b988dc4bbb42

HTTP Headers

GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_4.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:58 GMT
content-length: 289305
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:26 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdtPdOZPMwkAP76Jw3WMvUgefB_-mMfsrnklbntUyh5THGzjhBP2F5u-HRwoCkOBxGH9IaX83Q8snD_2JDUeQs3nxQ
cache-control: public, max-age=31104000
etag: "7c0b579dca9b90560e6f4e3ac9d33eb9"
x-goog-generation: 1659905966193279
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 289305
x-goog-hash: crc32c=ySUl5Q==, md5=fAtXncqbkFYOb046ydM+uQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185238.cds256.sk1.hn,1675185238.cds244.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_5.webm

151.139.128.10

200 OK

315 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_5.webm
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
data
Size
315 kB (314553 bytes)
Hash
2015f4f5a10a27107f93cd9bd57c54fe
f10cd3e8f9cafa3f791f68b9614c79277e820435
b5886fa4bac86e241d101d3b111abb9e9a8906a550a235f134a49bc5d6a96b54

HTTP Headers

GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_5.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:58 GMT
content-length: 314553
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:12 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycduTaapHKF4HcS60fYAl0X5UvSLkcxcHW8gjsyZPqQPw5j3AgucSmA4VNCb5_wb7LZfr46FEBcma19tQ4pNjfMg6wQ
cache-control: public, max-age=31104000
etag: "2015f4f5a10a27107f93cd9bd57c54fe"
x-goog-generation: 1659905952217974
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 314553
x-goog-hash: crc32c=BTWhCA==, md5=IBX09aEKJxB/k82b1XxU/g==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185238.cds256.sk1.hn,1675185238.cds248.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_6.webm

151.139.128.10

200 OK

302 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_6.webm
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
data
Size
302 kB (302125 bytes)
Hash
c5b9e6bab612c0fea9bf80879f74ddc0
7d9d8186347ed66b88091e5a7fdda5d05ed591da
82f46c997ce878a6484d769f4460a24332f1920bb08d63ba5fb49176f6283f21

HTTP Headers

GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_6.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:58 GMT
content-length: 302125
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:25 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdsL1XOzObrnvA-SIFZXXaBjrEdQBqAxT06PzOrkYV_NRfyBH2UnVDa4KFqMw7ocoifWsHINOQ9RFQS2tDgFscDWBA
cache-control: public, max-age=31104000
etag: "c5b9e6bab612c0fea9bf80879f74ddc0"
x-goog-generation: 1659905965656172
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 302125
x-goog-hash: crc32c=aFhFxQ==, md5=xbnmurYSwP6pv4CHn3TdwA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185238.cds256.sk1.hn,1675185238.cds206.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 616
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 31 Jan 2023 17:13:58 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_7.webm

151.139.128.10

200 OK

547 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_7.webm
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
data
Size
547 kB (547358 bytes)
Hash
60c16d921269128abd5dee38780e1971
fa5e644b0f4f6d8912bc496ab4be29c3eb31636f
1cd826ff3a606f52427f71d72f0b6fdcbb2116b96b4d8a83b0a3e5061977e5f4

HTTP Headers

GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_7.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:58 GMT
content-length: 547358
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:28 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdtrpXGfb9xCFnPovs7TcvaOMrE4rF2eMu1eLDxqKfRNRfkDjOvPG3I8FayIhaURqeGeMfLFxfFW5LqceK-gHvhMwqLMP6Tk
cache-control: public, max-age=31104000
etag: "60c16d921269128abd5dee38780e1971"
x-goog-generation: 1659905968707117
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 547358
x-goog-hash: crc32c=1zZNoQ==, md5=YMFtkhJpEoq9Xe44eA4ZcQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185238.cds256.sk1.hn,1675185238.cds257.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_8.webm

151.139.128.10

200 OK

415 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_8.webm
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
data
Size
415 kB (415017 bytes)
Hash
564b5cc67829edd548bf5c17f4b26410
11c1218643248d095a334111ada451db152dead7
520f94b255d89ffc2e91d313887e5c667fba58d5124d283e6c25c764435fdd23

HTTP Headers

GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_8.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:58 GMT
content-length: 415017
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:16 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdtsuPHf9KfhXPRcgp8qjet53d1R_IQLoESnvYwuTGr8Nt0J9FghIZDUwCKaCQu0TSUWRDuo575cc_00DA9XXUCwKQ
cache-control: public, max-age=31104000
etag: "564b5cc67829edd548bf5c17f4b26410"
x-goog-generation: 1659905956804634
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 415017
x-goog-hash: crc32c=KJpF+Q==, md5=Vktcxngp7dVIv1wX9LJkEA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185238.cds256.sk1.hn,1675185238.cds262.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 724
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 31 Jan 2023 17:13:58 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1830
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.55.1
date: Tue, 31 Jan 2023 17:13:58 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1797
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.55.1
date: Tue, 31 Jan 2023 17:13:58 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1787
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.55.1
date: Tue, 31 Jan 2023 17:13:57 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 255
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 31 Jan 2023 17:13:58 GMT
content-length: 16
x-envoy-upstream-service-time: 0
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.41

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.41:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
056d8e931511a832f5adb62d6f0a5312
23c7d206fb81e625b7a7fa61a1e966c661a38fdd
bff7b15c88ccd425722dc5e87196cf49636b3aead3108ffb8fb6f46bbf2a5a68

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 31 Jan 2023 17:13:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 15:54:37 GMT
Expires: Wed, 01 Feb 2023 15:54:37 GMT
ETag: "23c7d206fb81e625b7a7fa61a1e966c661a38fdd"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_9.webm

151.139.128.10

200 OK

413 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_9.webm
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
data
Size
413 kB (413402 bytes)
Hash
d869a50ea34c0ea21484053d38c93fcc
ca6755e454970c8e6c868e4c73316fbeae06eea6
8852428f93e7462a9425058ac31447dd9ff15840a6713eb136ad06da610a9712

HTTP Headers

GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_9.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:58 GMT
accept-ranges: bytes
content-length: 413402
content-type: video/mp4
x-hw: 1675185238.cds256.sk1.hn,1675185238.cds022.sk1.s,1675185238.dop203.la3.r,1675185238.cds225.la3.c,1675185238.cds022.sk1.p
x-cdn: 4
x-guploader-uploadid: ADPycdubcCqZMIUsb5ndzwPF1pjTl7b0unB2fkzXoW7z6w07O462ouKgfbIbD-axGwdqXUIVT9ZxFyWajTayaTYn0kpTZQ
cache-control: public, max-age=31104000
etag: "d869a50ea34c0ea21484053d38c93fcc"
x-goog-generation: 1659905965467622
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 413402
x-goog-hash: crc32c=bMXw5g==, md5=2GmlDqNMDqIUhAU9OMk/zA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified: Sun, 07 Aug 2022 20:59:25 GMT
X-Firefox-Spdy: h2

fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_10.webm

151.139.128.10

200 OK

400 kB

URL HTTP/2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_10.webm
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
data
Size
400 kB (400129 bytes)
Hash
fbee391d32afac0948091025edbb6bc2
66c3283066d387852fd6da3ae300a86d6a0e0a2f
2b636fe2866a12b48687cf1a72038c2b121163459b984b98e546b1f615e25d9f

HTTP Headers

GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_10.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:14:00 GMT
accept-ranges: bytes
content-length: 400129
content-type: video/mp4
x-hw: 1675185239.cds256.sk1.hn,1675185239.cds205.sk1.s,1675185240.dop063.la3.r,1675185240.cds033.la3.c,1675185240.cds205.sk1.p
x-cdn: 4
x-guploader-uploadid: ADPycdtZi0fdJ6eVHt6WXL4j2MqpVR8mO1iuF-RnhR7kLZpgfR2gS9Ch8nwC0dRwDq_P9d-VDZgVIzlwSlsi_h9vWX8thqESG7np
cache-control: public, max-age=31104000
etag: "fbee391d32afac0948091025edbb6bc2"
x-goog-generation: 1659905966146340
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 400129
x-goog-hash: crc32c=ylahuw==, md5=++45HTKvrAlICRAl7btrwg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified: Sun, 07 Aug 2022 20:59:26 GMT
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1802
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.55.1
date: Tue, 31 Jan 2023 17:14:01 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1842
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.55.1
date: Tue, 31 Jan 2023 17:14:01 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

glucoswitch.com/api/exits/1017567?url=

104.26.4.140

200 OK

4 B

URL HTTP/2
glucoswitch.com/api/exits/1017567?url=
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

HTTP Headers

GET /api/exits/1017567?url= HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4; affiliate=mediawar15; affiliate.sig=giIMhF-GoLlcOAt3Ua_reBcGBAY; bitmovin_analytics_uuid=6f5a8cb6-7ec7-46fd-942a-f491d917a1a5; timer_93_=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:14:01 GMT
content-type: application/json; charset=utf-8
content-length: 4
content-security-policy: frame-ancestors 'self'      cbsplit.com     glucoswitch.com     glucoswitch-com.cbsplit.com             ;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3Z6pfl9RAEtIHKnzI%2FyXveBikPgL8UIPwD9qqNqEKXRaLgqj5VKcUm6SoJgR2eOOXWYQ1qTay%2FCoaiV0LWV8UOvUohfZwTSRjJWvEpVku2tpHK73Ye%2BCNamOoZFhy1H4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414d15c171c0a-OSL
X-Firefox-Spdy: h2

glucoswitch.com/discover/css/bootstrap.css

104.26.4.140

200 OK

0 B

URL HTTP/2
glucoswitch.com/discover/css/bootstrap.css
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /discover/css/bootstrap.css HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: text/css
last-modified: Fri, 30 Jul 2021 13:41:34 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6104018e-254bf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 1565713
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBYflw50T9iuJ8O5y7t8n%2BApDsVmXI%2F8rGKXcQWHTjl0fQm6GAm98mS%2BBcJIBWLu%2FmjRKPuWYZpPzsQTgkjtx5ryA7tpOHa0gnRkzccrcZUhYhj%2BCtDOQyXKWy8mC%2FuGIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414ab9e1b1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

prod.cbstatic.net/dist/injectable.js

54.230.111.43

200 OK

0 B

URL HTTP/2
prod.cbstatic.net/dist/injectable.js
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dist/injectable.js HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 30 Jan 2023 23:48:16 GMT
last-modified: Mon, 21 Dec 2020 21:57:37 GMT
x-amz-version-id: RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
server: AmazonS3
content-encoding: gzip
etag: W/"af651c30e1a69f6f2124e9c1d094a300"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ShCnaEwvYXWEtOky7nH-DJm03iiRlqzsyL1lEF2KNAo4LMgrGJ2rKQ==
age: 62742
X-Firefox-Spdy: h2

glucoswitch.com/discover/js/bounceback.min.js

104.26.4.140

200 OK

0 B

URL HTTP/2
glucoswitch.com/discover/js/bounceback.min.js
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /discover/js/bounceback.min.js HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 13:43:42 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6104020e-b20"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 167095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcCZBCp6L4uyB2nu2dMvDP%2FPfNl%2BrUXExk41EFuKvrYdLWYYRtsFDKkPjrQiKMnZVMAUcRLljYCxN%2FSF1IRyoJuyrwHLFndvGyY3qrtrD2x%2B%2B34HU2l3X915IN0y3UuG4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abee961c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 17:13:55 GMT
date: Tue, 31 Jan 2023 17:13:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Oswald:wght@200;300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 17:13:55 GMT
date: Tue, 31 Jan 2023 17:13:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

glucoswitch.com/api/visits?page_id=15&page_version=b&request_id=A29EDEF6%3A4952_D197C0D8%3A01BB_63D94C53_124A89%3A379A5D&querystring=hop%3Dmediawar15%26sub3%3D91.90.42.154&fbclid=&fbp=&fbc=&referrer=https%3A%2F%2Ffitleanhealth.com%2F

104.26.4.140

200 OK

0 B

URL HTTP/2
glucoswitch.com/api/visits?page_id=15&page_version=b&request_id=A29EDEF6%3A4952_D197C0D8%3A01BB_63D94C53_124A89%3A379A5D&querystring=hop%3Dmediawar15%26sub3%3D91.90.42.154&fbclid=&fbp=&fbc=&referrer=https%3A%2F%2Ffitleanhealth.com%2F
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/visits?page_id=15&page_version=b&request_id=A29EDEF6%3A4952_D197C0D8%3A01BB_63D94C53_124A89%3A379A5D&querystring=hop%3Dmediawar15%26sub3%3D91.90.42.154&fbclid=&fbp=&fbc=&referrer=https%3A%2F%2Ffitleanhealth.com%2F HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:56 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: affiliate=mediawar15; path=/; expires=Wed, 31 Jan 2024 17:13:55 GMT; secure
affiliate.sig=giIMhF-GoLlcOAt3Ua_reBcGBAY; path=/; expires=Wed, 31 Jan 2024 17:13:55 GMT; secure
content-security-policy: frame-ancestors 'self'      cbsplit.com     glucoswitch.com     glucoswitch-com.cbsplit.com             ;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhZecxh7YNjJlGQ15JQ3MqpwOC%2BovPv1CAZ6c%2BJCUh9ee74c3kOepuQtXUKSCZfqb2TG503nDV68GMAZ4k2q3rHccIbWwsW7HFuwJURwyYDb50lDMdfeq9ApkrLapN4YXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abfeae1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

fast.vidalytics.com/embeds/QrADs9TA/nyZ5wcmDzcyrkUmp/player-dash-mse.min.js?hash=dekvvxwfr

151.139.128.10

200 OK

0 B

URL HTTP/2
fast.vidalytics.com/embeds/QrADs9TA/nyZ5wcmDzcyrkUmp/player-dash-mse.min.js?hash=dekvvxwfr
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embeds/QrADs9TA/nyZ5wcmDzcyrkUmp/player-dash-mse.min.js?hash=dekvvxwfr HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
age: 1612539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=300, s-maxage=2592000
content-type: application/javascript
date: Tue, 31 Jan 2023 17:13:56 GMT
etag: "60e11a50fc55371ac165d6271989b4e2"
expires: Thu, 02 Mar 2023 17:13:56 GMT
last-modified: Thu, 12 Jan 2023 17:25:07 GMT
server: SP
vary: Accept-Encoding
x-cdn: 4
x-goog-generation: 1673544307292438
x-goog-hash: crc32c=G2Q+Yg==, md5=YOEaUPxVNxrBZdYnGYm04g==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 509501
x-guploader-uploadid: ADPycds6FlPqEXpc_NavKN7wwcQM9ideGwH7RY4fsD0kt65qJpT4uvxLJsg2Zo0XvW5zeAzBW2PZyE7_5-3FuWJK69hnGA
content-encoding: gzip
x-hw: 1675185236.cds256.sk1.hn,1675185236.cds256.sk1.sl
X-Firefox-Spdy: h2

glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154

104.26.4.140

200 OK

0 B

URL HTTP/2
glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /discovery?hop=mediawar15&sub3=91.90.42.154 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fitleanhealth.com/
Connection: keep-alive
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: cbst-40-pv=b|2022-08-25T16:28:56.990Z; path=/; expires=Wed, 31 Jan 2024 17:13:55 GMT; secure; httponly
cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4; path=/; expires=Wed, 31 Jan 2024 17:13:55 GMT; secure; httponly
persistedParams=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
persistedParams.sig=qQIP2OdsTFa87s1ohgL1NB6ingI; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
content-security-policy: frame-ancestors 'self'      cbsplit.com     glucoswitch.com     glucoswitch-com.cbsplit.com             ;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F09OAkboVpF%2FBj9Fi%2Bgv5qfKVM1T35X4rlLQUbR7cMcGDAgDzNGLiScRH82a7KcDEcfUSkbkhkUdCDXzboLdOOfjGZ61bQ%2FmFv80tka0oW03eNtpTrGqFrp460Te7xnQwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414aa2c6d1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

glucoswitch.com/css/main.css?v3.1

104.26.4.140

200 OK

0 B

URL HTTP/2
glucoswitch.com/css/main.css?v3.1
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/main.css?v3.1 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 14:24:10 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"612f8d0a-1ffe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 167095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWQetVbUjYUhEJDXQnC4R1x130BG4CbO5lrDkejKcTqsfsqjTNCQbH7pW7KM2%2F%2F8IJrCavYuQGW%2FDmldowI%2BS3vJmGiWeOabjL3ih8EQxDIQX0dU6jEc8iHxwpLeFqLbLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414ab9e271c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

188.114.99.234

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP
188.114.99.234:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 20634720
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792414ac6e350b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

glucoswitch.com/discovery/js/jquery-3.5.1.js

104.26.4.140

200 OK

0 B

URL HTTP/2
glucoswitch.com/discovery/js/jquery-3.5.1.js
IP
104.26.4.140:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /discovery/js/jquery-3.5.1.js HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: application/javascript
last-modified: Tue, 30 Nov 2021 10:28:12 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"61a5fcbc-15d84"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 167095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHzVaiWe%2FAD6DyMvG9DDBO1SqpqBibyuSgCzg7rRZESpoCCQdweRML7Awp%2FYdWEJZabGbyTm9VKPyHbGdoeOjO4aO8LENsRX6Cw2JssC6NORFdAbJjrGTlsCqUs%2BgIyAlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abee901c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

fast.vidalytics.com/embeds/QrADs9TA/46UN8rzM_fkPgzpU/loader.min.js

151.139.128.10

200 OK

0 B

URL HTTP/2
fast.vidalytics.com/embeds/QrADs9TA/46UN8rzM_fkPgzpU/loader.min.js
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embeds/QrADs9TA/46UN8rzM_fkPgzpU/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-store, private, max-age=0, s-max-age=0
content-type: application/javascript
date: Tue, 31 Jan 2023 17:13:56 GMT
etag: "b4a36ec4c64fbd04ad4561ed3d4fdbf2"
expires: Tue, 31 Jan 2023 17:13:56 GMT
last-modified: Thu, 12 Jan 2023 17:25:11 GMT
server: SP
vary: Accept-Encoding
x-cdn: 4
x-cdn-info: loader
x-goog-generation: 1673544310913534
x-goog-hash: crc32c=Pq/pGA==, md5=tKNuxMZPvQStRWHtPU/b8g==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10530
x-guploader-uploadid: ADPycduAJj68PNlvMNgUTTtu9NlrDYSexwzZ5gGNy0j1g48ztHx6D-TCJ_9PWwFteehutgd4AI_CR0YTytPI-Aj2Gt1YI7wwL0eM
content-encoding: gzip
x-hw: 1675185236.cds256.sk1.hn,1675185236.cds256.sk1.sl
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML