fitleanhealth.com/mw25ckd_leads-GLUCOSWITCH04-013123
188.114.96.1301 Moved Permanently 268 B URL HTTP/1.1 fitleanhealth.com/mw25ckd_leads-GLUCOSWITCH04-013123
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e1822323e72bd5aedd56629c3f84cff6
67d127f513d872a8d2c20a5ea5ad8ebb625372b2
982ca6d5fb135370abafc17db34a50e6760ee24c1c43d2e35c9427441d47cf32
Analyzer Verdict Alert fortinet Phishing
GET /mw25ckd_leads-GLUCOSWITCH04-013123 HTTP/1.1
Host: fitleanhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Jan 2023 17:13:52 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Age: 0
Content-Security-Policy: upgrade-insecure-requests
Location: https://fitleanhealth.com/mw25ckd_leads-GLUCOSWITCH04-013123
Vary: User-Agent, Accept-Encoding
X-Backend: local
X-Cache: uncached
X-Cache-Hit: MISS
X-Cacheable: YES:Forced
X-Cacheproxy-Retries: 0/2
X-Content-Type-Options: nosniff
X-Php-Version: 7.4
X-Xss-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXwfS%2BcVI3jGVvuORd0xSRmCv09TvZj%2BKQ%2BuJ%2FNlBgHPisH6LlaYVWZXlRMVJjS%2BAJF5K2bsCgRrdFRWTPtpJMp6vpkeUqwpnyi0M50NRJcJqkw4oKYRxYN1S6%2FLFOEUgOQP0w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79241497fdae0b39-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3548
Expires: Tue, 31 Jan 2023 18:13:00 GMT
Date: Tue, 31 Jan 2023 17:13:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11842
Expires: Tue, 31 Jan 2023 20:31:14 GMT
Date: Tue, 31 Jan 2023 17:13:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3567
Expires: Tue, 31 Jan 2023 18:13:19 GMT
Date: Tue, 31 Jan 2023 17:13:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 16:43:17 GMT
content-type: application/json
age: 1835
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uIScpxIyqjq1nP4S282H5h6Gbl8LTOhgiLHgZpU3HjI0nw/G1hgutGp+rt13CiW3yI39evdVrIM=
x-amz-request-id: T3NSGHW5X4W3EGVZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 16:22:17 GMT
age: 3095
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 17:13:52 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5b9d8a25ff914af27ca316956c5967d4
fcfb7c120db4b090c23b410b213b83917fa33898
5517343a7bb435b12a2a76728e1cdecac302bc5e3a9a99be5f25f8dca8532928
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=135644
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:53 GMT
Etag: "63d8bb2d-116"
Expires: Thu, 02 Feb 2023 06:54:37 GMT
Last-Modified: Tue, 31 Jan 2023 06:54:37 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5b9d8a25ff914af27ca316956c5967d4
fcfb7c120db4b090c23b410b213b83917fa33898
5517343a7bb435b12a2a76728e1cdecac302bc5e3a9a99be5f25f8dca8532928
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=135644
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:53 GMT
Etag: "63d8bb2d-116"
Expires: Thu, 02 Feb 2023 06:54:37 GMT
Last-Modified: Tue, 31 Jan 2023 06:54:37 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 16:41:42 GMT
age: 1931
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 007374fcfda6c98c65db871a535ef236
5e92474db7ebb1e31ea4441ae76ac889aa291d36
c5e1fb50e7f5b2f83b42216a70830057a77f4457c2d9b9fd2688eb2f8777b93b
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 31 Jan 2023 17:13:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 30 Jan 2023 21:22:44 GMT
Expires: Tue, 31 Jan 2023 21:22:44 GMT
ETag: "5e92474db7ebb1e31ea4441ae76ac889aa291d36"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7371
Expires: Tue, 31 Jan 2023 19:16:44 GMT
Date: Tue, 31 Jan 2023 17:13:53 GMT
Connection: keep-alive
ocsp.starfieldtech.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 007374fcfda6c98c65db871a535ef236
5e92474db7ebb1e31ea4441ae76ac889aa291d36
c5e1fb50e7f5b2f83b42216a70830057a77f4457c2d9b9fd2688eb2f8777b93b
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 31 Jan 2023 17:13:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 30 Jan 2023 21:22:44 GMT
Expires: Tue, 31 Jan 2023 21:22:44 GMT
ETag: "5e92474db7ebb1e31ea4441ae76ac889aa291d36"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6a71b7e5b3aa2654bec67f1390ad8f8f
c966742a0e43faf97e9254040cc6662e0a2a9e6c
cee68e3ae9ea49b5d375b92f0cff5670ef6e49bf44975ca626eff58cd5741d5f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CEE68E3AE9EA49B5D375B92F0CFF5670EF6E49BF44975CA626EFF58CD5741D5F"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10194
Expires: Tue, 31 Jan 2023 20:03:47 GMT
Date: Tue, 31 Jan 2023 17:13:53 GMT
Connection: keep-alive
trk.anarchywarrior.com/230b1ce3-0a36-4395-8363-a5cec7ce6124?sub1=mw25ckd_013123_leads
104.21.43.3302 Found 0 B URL HTTP/2 trk.anarchywarrior.com/230b1ce3-0a36-4395-8363-a5cec7ce6124?sub1=mw25ckd_013123_leads
IP 104.21.43.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /230b1ce3-0a36-4395-8363-a5cec7ce6124?sub1=mw25ckd_013123_leads HTTP/1.1
Host: trk.anarchywarrior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fitleanhealth.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 31 Jan 2023 17:13:53 GMT
content-length: 0
location: https://a2a60bt7oyb26zje7lukl88v77.hop.clickbank.net/?pid=15&tid=w6npo7dtij4lf1am277sj560&sub3=91.90.42.154
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: 230b1ce3-0a36-4395-8363-a5cec7ce6124-v4=-glQAAYNJMlqIi_7pOAhgSc3WHCUAxj_Stpg-w8L8Bw; Max-Age=86400; Expires=Wed, 01-Feb-2023 17:13:53 GMT; Domain=trk.anarchywarrior.com; Path=/; HttpOnly
cc-v4=vd%2FDngllfc%2B2E5DRzA1%2Bh4EfC4GyMbDPk80KKAEPpn%2FRbXXFNRqiigTwQlakAlX9KNoKRM1fkxLFQAwecRwUC%2BjKL5%2FDNHPwmfwTJ4vG0aN3gPzUy7CYWR0EiYsThhp4jZKdGrPno6qCJSiEy59oZA%3D%3D; Max-Age=31536000; Expires=Wed, 31-Jan-2024 17:13:53 GMT; Domain=trk.anarchywarrior.com; Path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJfbq2ZqsyzxF2G0Ua7VnpFUtGS9sbmbBfYJ%2B7Y7VUKZODee4Q1lFvdqQTz7DO%2B3poodvoxAWrHz86Fqy62N5kvj%2FnZacXMrCc%2BonERxellsgBk0XyQGKuGVu66jl8%2FbW5igFxVr5Uaj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7924149ffa60b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YHoJ8XuxQ9Tqe6/eVmFssg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HzD3wq8sbymdym1o62rHsi6gcjM=
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6a71b7e5b3aa2654bec67f1390ad8f8f
c966742a0e43faf97e9254040cc6662e0a2a9e6c
cee68e3ae9ea49b5d375b92f0cff5670ef6e49bf44975ca626eff58cd5741d5f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CEE68E3AE9EA49B5D375B92F0CFF5670EF6E49BF44975CA626EFF58CD5741D5F"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10193
Expires: Tue, 31 Jan 2023 20:03:47 GMT
Date: Tue, 31 Jan 2023 17:13:54 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 6a1ca27f89feb8270287477c0f7b382e
3271349b895ab8db78db2ca54ef4aaf2991fd38d
1a00915b6821abe8ef347eeb9e9d43765e698c7de89dc9a385b88bbfeae395ad
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105307
Date: Tue, 31 Jan 2023 17:13:54 GMT
Etag: "63d82ea3-1d7"
Expires: Wed, 01 Feb 2023 22:29:01 GMT
Last-Modified: Mon, 30 Jan 2023 20:54:59 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IIRB4QEkNmSImmlyihRyjt3RKdWxqbqBcI6q8ccMrdAQMqsYk0ZGAA==
Age: 5642
a2a60bt7oyb26zje7lukl88v77.hop.clickbank.net/?pid=15&tid=w6npo7dtij4lf1am277sj560&sub3=91.90.42.154
54.148.132.194307 Temporary Redirect 0 B URL HTTP/2 a2a60bt7oyb26zje7lukl88v77.hop.clickbank.net/?pid=15&tid=w6npo7dtij4lf1am277sj560&sub3=91.90.42.154
IP 54.148.132.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pid=15&tid=w6npo7dtij4lf1am277sj560&sub3=91.90.42.154 HTTP/1.1
Host: a2a60bt7oyb26zje7lukl88v77.hop.clickbank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fitleanhealth.com/
Connection: keep-alive
Cookie: q=01.C24439F0FBC97011E10BB8DF72A81B51A9BD75872C9DFD96801C5AFD06B7E68F2F8D239DD5140A251BC18E3256769EA88BE0C643
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Tue, 31 Jan 2023 17:13:54 GMT
content-length: 0
location: https://glucoswitch.com?hop=mediawar15&pid=15&sub3=91.90.42.154
set-cookie: q=01.C24439F0FBC97011E10BB8DF72A81B51A9BD75872C9DFD96801C5AFD06B7E68F2F8D239DD5140A251BC18E3256769EA88BE0C643; Path=/; Domain=.clickbank.net; Max-Age=31536000; Expires=Wed, 31 Jan 2024 17:13:54 GMT
p=Rfb7EmautxoKVUEGnPFhDK5qYvxxDm0iCvQvn_AZqULxjvBSiakXtXX3uynEO_REUcceG9xWAGNFrUgVBz5-gq6JCGl_lvmuHvBNqymrXYT6mCjMD0oyJ91vouwzSXzq1rwkFeA7e4DUcYjO_6SYnQgzGvCJWwzeQ7sr5Zr2260bGnCK7bPJOFT157dE66kGfBe_BD2C1i72BXoQHd4b3NsPEhhhJfn-fvRndm0hGYKpAgP8; Path=/; Domain=.clickbank.net; Max-Age=15552000; Expires=Sun, 30 Jul 2023 17:13:54 GMT
server-timing: traceparent;desc="00-e647fd51ed8199e32777a082a8589b81-a9b7f46902d183d6-01"
access-control-expose-headers: Server-Timing
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/6jSqm3i8h_k
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/6jSqm3i8h_k
IP 216.58.211.3:0
Hash 7149bd668f48fd632302953ec9c664aa
49ed3ba6b6e274e28b6795e9e16ded9d53ede0c4
d175d28f4feeafbc11f87e84592d09d471863c80c5a990a4bd00bb0c995a73e2
POST /s/gts1p5/6jSqm3i8h_k HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5111
Expires: Tue, 31 Jan 2023 18:39:06 GMT
Date: Tue, 31 Jan 2023 17:13:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5111
Expires: Tue, 31 Jan 2023 18:39:06 GMT
Date: Tue, 31 Jan 2023 17:13:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5111
Expires: Tue, 31 Jan 2023 18:39:06 GMT
Date: Tue, 31 Jan 2023 17:13:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 55040
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 55876
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUGjUSIkoacdmaO1jnMwIuNMONhjyVfAIcTQ3B5d5da_g9eEnCtW7g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:17 GMT
age: 69938
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 01f406ed5d9b17a7aa00015301bddf94
d78e18830fc6cf231f66f95cc0e01520cfeebddf
33245ea764fb634a01ee9657e529a30567588ecbb10fc0e6499aac14cd21fe81
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7333
x-amzn-requestid: f03b3e95-5cc6-4749-83c2-d59d6fa9eb2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiVunGWXoAMFXyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d7365d-40b9b11f3f33592829a98fbc;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:15:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JAYN7gfwR0kEenTaM8mS_jGEYfwvcUGrjI_6wTb29wZfcLRuS2WHQA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:52:32 GMT
age: 69683
etag: "d78e18830fc6cf231f66f95cc0e01520cfeebddf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6f9ffb8f9e99229b45ca5fdb84ce7d5
04577ad69ee9749b14382254eb5bbf0e1edcd7fa
6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8558
x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_BFA8IAMFyvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R29JYq4Z8V_Xuq2no0bKxk1K6h2PmTO5OSxzMa4zppDVk3j9rO9aTw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:24:36 GMT
age: 49759
etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tAR5c5rQD0h5YZ6TU8pZKhUFUf5d0-l794EaYnwwkts3QXPhdYm6vA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:03:25 GMT
age: 72630
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fitleanhealth.com/mw25ckd_leads-GLUCOSWITCH04-013123
188.114.96.1200 OK 61 kB URL HTTP/2 fitleanhealth.com/mw25ckd_leads-GLUCOSWITCH04-013123
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f20b8324f773a108ee1f3afc69bc384b
c586f114631b18e2d427d7b80f4b9c52551a08c4
047a37d0da4f05ac800e51680b5bf43290788abb8b3bbf2dc555a613c66db775
Analyzer Verdict Alert fortinet Phishing
GET /mw25ckd_leads-GLUCOSWITCH04-013123 HTTP/1.1
Host: fitleanhealth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:53 GMT
content-type: text/html;charset=UTF-8
age: 0
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-security-policy: upgrade-insecure-requests
expires: Mon, 07 Jul 1777 07:07:07 GMT
pragma: no-cache
set-cookie: prli_click_466=mw25ckd_leads-GLUCOSWITCH04-013123; expires=Thu, 02-Mar-2023 17:13:53 GMT; Max-Age=2592000; path=/
prli_visitor=63d94c514fba7; expires=Wed, 31-Jan-2024 17:13:53 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=300
vary: Accept-Encoding, User-Agent
x-backend: local
x-cache: uncached
x-cache-hit: MISS
x-cacheable: YES:Forced
x-cacheproxy-retries: 0/2
x-content-type-options: nosniff
x-fawn-proc-count: 1,3,24
x-php-version: 7.4
x-redirect-powered-by: Pretty Link Beginner 3.2.4 http://prettylink.com
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mzjr6LFi34QCoQJ0hIFIDUBoSx3vzf8wOlLPrsR%2BwY4oSslHeIqBcBe9MFK5yqgD0LTdta9qK%2FvAjrQnn4GsRJGHUp9vuE5iLYQd%2Fh7nuBb9wjva9jp9AOx7%2FR7su%2BCGd8%2BN5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7924149b6c97b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
glucoswitch.com/images/btn.png
104.26.4.140200 OK 2.8 kB URL HTTP/2 glucoswitch.com/images/btn.png
IP 104.26.4.140:0
File type PNG image data, 282 x 84, 8-bit colormap, non-interlaced\012- data
Hash 3e79cf10eeafa16f7c45390d5735a40f
9ff12cae6d3e9156e8b9739c62f054e5676fd4c4
2e33e4f3b443da7526641df92195525a120b3862cd9547e8e651e5237b5967bc
GET /images/btn.png HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 2798
last-modified: Thu, 15 Jul 2021 13:48:28 GMT
etag: "60f03cac-aee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzYRxL%2BDC4dTBos5OCy6vn4mQaNKQhu%2FBsSHKAQ%2Bn3zc39WwJdgLMK%2BHlg3ssnYKUSC%2FXDC2QVRGG7Voy8122tBKgMH9Cin8LyGGIucLykVSQJa30oqcP%2FDblnaat%2FoP4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abae331c0a-OSL
X-Firefox-Spdy: h2
glucoswitch.com/images/product-bottles-3.png
104.26.4.140200 OK 89 kB URL HTTP/2 glucoswitch.com/images/product-bottles-3.png
IP 104.26.4.140:0
File type PNG image data, 334 x 232, 8-bit/color RGBA, non-interlaced\012- data
Hash cd7e0092122ea0c2ab2711f9c87b49f9
fed3a302c868d45af8c993362076345e8710b5eb
0687e4dfaa04013a17e4740a5ffa4f1d88a282cb889f8ce1e0f1c0a56ef852f9
GET /images/product-bottles-3.png HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 89378
last-modified: Thu, 15 Jul 2021 13:48:44 GMT
etag: "60f03cbc-15d22"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 1565713
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEEiwEo4m2QstPVE6oQjATXWQhk1XpsiOW%2BNuIje%2BgWSQXE0c5yHFHdxfivgVKSMZoTUQqP8Qu8rdGTIBaFhd6XpxComNwwLR%2FcwZhIaOEZ3TN8WnK1Ahb5Cw8Sm8Dz6Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abae341c0a-OSL
X-Firefox-Spdy: h2
glucoswitch.com/images/product-bottles-6.png
104.26.4.140200 OK 112 kB URL HTTP/2 glucoswitch.com/images/product-bottles-6.png
IP 104.26.4.140:0
File type PNG image data, 334 x 232, 8-bit/color RGBA, non-interlaced\012- data
Size 112 kB (111941 bytes)
Hash 8eb7dd5fc7472d0ea19d55e50b7cae3c
6d2aa0852777502320593fea2d85f3a7760b514a
183e9bd9ce310bb8243b29eaa3a849932edf0f2510b33944e72aa7e4804165b4
GET /images/product-bottles-6.png HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 111941
last-modified: Thu, 15 Jul 2021 13:48:44 GMT
etag: "60f03cbc-1b545"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 415055
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJ9shCnjIpyb%2B6iyiii6a5hN%2FAPlYFeGJYWo0A5sKp%2B5D22D%2B5%2B8k4Q%2FrGKVXuBw%2BxLGhPx22A8ggtmddW%2B4AFFPyzoO7TndKwFq7f8E%2BL%2BqHnxutKoe7u62KT1HpwsskA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abae351c0a-OSL
X-Firefox-Spdy: h2
glucoswitch.com/discovery/images/add-cart.png
104.26.4.140200 OK 8.5 kB URL HTTP/2 glucoswitch.com/discovery/images/add-cart.png
IP 104.26.4.140:0
File type PNG image data, 400 x 121, 8-bit colormap, non-interlaced\012- data
Hash 31173b47eae70e9774db2e3230fb6af9
bb47845d22afac3ff3813d41d562bf74d57aca4c
6310dc1605935841483e6ef31f2dc1284f3aab95a22e6955172a58c355a41143
GET /discovery/images/add-cart.png HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 8475
last-modified: Fri, 17 Sep 2021 14:21:30 GMT
etag: "6144a46a-211b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHRjm5Wjr9v8CEUCsZEWq81%2F7fqpzq%2BW91siabARincAJaaaWlav9oNfx2tyqymY2cHy2jHZg6iEQZBro3nxPRKR9pWkYXq38cLwJGIdfaucEriTfrYdGK0QzDisoGD84A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abae3a1c0a-OSL
X-Firefox-Spdy: h2
glucoswitch.com/discovery/images/product-bottles-1.png
104.26.4.140200 OK 11 kB URL HTTP/2 glucoswitch.com/discovery/images/product-bottles-1.png
IP 104.26.4.140:0
File type PNG image data, 334 x 232, 8-bit colormap, non-interlaced\012- data
Hash 4effe32af35a201253d586013361333c
1c136bb36411028f461d259b30c894993bbcac8b
51c8c2c30170c106a17e0d564ba2047f4707e22d41e8b196874125bc3377cf26
GET /discovery/images/product-bottles-1.png HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 11177
last-modified: Fri, 17 Sep 2021 14:21:30 GMT
etag: "6144a46a-2ba9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KXJopj4I6aPwwKddcyFAvGeFFSvJILklrM%2FiwMq0Pkgaalqxe%2BzyLGejpbTkHv5VbVp5V7SWPpU%2BrSv282ncgN8%2BA3SK1pI6m8mMJPeOTMQjGDLOxM3IX0MCTlOO8NVKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abae391c0a-OSL
X-Firefox-Spdy: h2
glucoswitch.com/discovery/images/credit-card.jpg
104.26.4.140200 OK 17 kB URL HTTP/2 glucoswitch.com/discovery/images/credit-card.jpg
IP 104.26.4.140:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2020:10:31 14:49:28], progressive, precision 8, 168x24, components 3\012- data
Hash b23189cc855a83bf542b43bf701bd311
d4cf6104a1b4578fb684fb274e1b0ad107189ab0
5eed70266e4ae59eff8bf5e7e795b4312d77cec9afd731d8c47cac044bd50d7f
GET /discovery/images/credit-card.jpg HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/jpeg
content-length: 16703
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "6144a46a-413f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 17 Sep 2021 14:21:30 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHNTD3GQ1fknaKUwiprEPHDGqKsLJdOlilhOpJdqaqVmnwyqM9BiXRi2fl%2BBfbxUCAVd7MZzoruR%2BmKcdqE2CDXEqodcfVaE%2BDPuFPIruj4mq1DwwVlrlAgoqQW2GMkFxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abbe431c0a-OSL
X-Firefox-Spdy: h2
glucoswitch.com/discovery/images/product-bottles-3-b.png
104.26.4.140200 OK 45 kB URL HTTP/2 glucoswitch.com/discovery/images/product-bottles-3-b.png
IP 104.26.4.140:0
File type PNG image data, 334 x 232, 8-bit/color RGBA, non-interlaced\012- data
Hash 567c30c150a2ce0b7ec7abf9a4662ac4
f743b5b2494c5cee7e00cd1a562a001890f2ebe8
1a2e5d047907bb4f36d900d3916386dfe62eb44a8d070155c58169532b96925a
GET /discovery/images/product-bottles-3-b.png HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 45062
last-modified: Mon, 18 Oct 2021 08:26:01 GMT
etag: "616d2f99-b006"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iQNsZMeDK8wRF9K57D29FIHfZO5PII14aEmpn2vIgvsefvAPfGjhHYwLRVBC2kU9SrqOQFiaepUbkK5I5tUAFw9VCpkH%2BBvCLzB%2Fu4X%2B74L%2BrxiTeO31WFTVC1LuzNGFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abbe441c0a-OSL
X-Firefox-Spdy: h2
glucoswitch.com/discovery/images/free-shipping.png?v1
104.26.4.140200 OK 427 B URL HTTP/2 glucoswitch.com/discovery/images/free-shipping.png?v1
IP 104.26.4.140:0
File type PNG image data, 49 x 20, 4-bit colormap, non-interlaced\012- data
Hash f45d44d4e0b1f55897fd4dcd7b5db613
869a77be6b27d17604d3cafa6ddca724a881a9bb
ad41fa8d859e22982b208ee8dff5cdcd98105f6eb576014b588e53c2b95ae694
GET /discovery/images/free-shipping.png?v1 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 427
last-modified: Fri, 17 Sep 2021 14:21:30 GMT
etag: "6144a46a-1ab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAkZ5ViC4WRUxv0%2BB95oH5eHDH%2FUm4kZHxzKaNqamyRY8C%2B1OWF9mtiVw8eIrEyQ%2BdpkuJov66gyDPsEzRyZq7%2BAZQczQ0GKk5rIG83J%2FtVOn1hj%2B%2BRgb8DvT7p2Pe3V0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abae411c0a-OSL
X-Firefox-Spdy: h2
glucoswitch.com/discovery/images/free-offer.png?v1
104.26.4.140200 OK 1.5 kB URL HTTP/2 glucoswitch.com/discovery/images/free-offer.png?v1
IP 104.26.4.140:0
File type PNG image data, 189 x 61, 8-bit colormap, non-interlaced\012- data
Hash fe31adf47cdcce131be4362a600ff87b
2b8a996646c0e38c6041360fa4e959be114d5384
77b6971aa2fc9c1f1993ac0068d600eaca6a932132d768d2e93cab861bda682f
GET /discovery/images/free-offer.png?v1 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 1468
last-modified: Thu, 25 Aug 2022 12:56:11 GMT
etag: "6307716b-5bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 144940
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUohon8uo9fCbg5yho7GaEyI%2Bkmrlz1vo309cvB%2B%2FioSi1wn%2FqH9DkkLKTmA%2FqSGe7S%2FeTVenoSyFuJKTuwDKGPa6NDGQqpHcZoeHOzwzA%2BlxZmRabmx%2BDIgLMxzq98lXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abbe451c0a-OSL
X-Firefox-Spdy: h2
glucoswitch.com/discovery/images/product-bottles-6-b.png?v1
104.26.4.140200 OK 110 kB URL HTTP/2 glucoswitch.com/discovery/images/product-bottles-6-b.png?v1
IP 104.26.4.140:0
File type PNG image data, 334 x 232, 8-bit/color RGBA, non-interlaced\012- data
Size 110 kB (109741 bytes)
Hash 6e732da2e258f66034a594129ab0f4ad
46f4a4bf18237ca76a53f7ab9eab64cb540efc5b
096c598eee198fd40aad1a29ac5d36b8d2c883269b68c13c5d112faec5788bf3
GET /discovery/images/product-bottles-6-b.png?v1 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/png
content-length: 109741
last-modified: Mon, 18 Oct 2021 08:26:02 GMT
etag: "616d2f9a-1acad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 1565713
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeUkmtUcQs6HY63c1OBRi6fpRbY7O2pyWtDQtqtM758Mkx71bW7Hgw4TuBwxtkoNBK7i5JUFfZQcNnRojvIgm%2FtV5CE3y%2BMT8Yg7O09r5cQLm0ie%2FlI1%2FTc55%2FWBxIscHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abbe461c0a-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 363936321a9f08665a6afc9fdafbe442
bf305cdf4315648572bcd015a12a8768570b23ca
b273c986b58d473155841e29084a1cbd2693b45f51fe92a91345f7daeb4fb812
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1344
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:55 GMT
Last-Modified: Tue, 31 Jan 2023 16:51:31 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
glucoswitch.com/discovery/images/brian.jpg?v1
104.26.4.140200 OK 32 kB URL HTTP/2 glucoswitch.com/discovery/images/brian.jpg?v1
IP 104.26.4.140:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2022:06:30 12:27:59], baseline, precision 8, 150x150, components 3\012- data
Hash c87e3b15b479ab5ff2c69eae03b1d97f
cfbde05acd6cabb6e85040359dc2bb86ebac9b79
0a1c1ae0de639f55cb287b75ab6a7f8f690cf5b8dd21ce71d83bb4e8219e25e6
GET /discovery/images/brian.jpg?v1 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/jpeg
content-length: 31780
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "62bd4ae0-7c24"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 30 Jun 2022 07:04:00 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMuHAQ2A3nsMsYGiP0%2B9mxgu%2FNShGPxdJTsOI9KyeduDSpRRRYsZCnuMiGZ5M4z2qAMbuQgQkXg5SxSiYHakLL85IruMGgmfYyl4VqWwYrWk36wJxvkjZfFlgLvcY%2BzwIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abce501c0a-OSL
X-Firefox-Spdy: h2
glucoswitch.com/?hop=mediawar15&pid=15&sub3=91.90.42.154
104.26.4.140302 Found 10 kB URL HTTP/2 glucoswitch.com/?hop=mediawar15&pid=15&sub3=91.90.42.154
IP 104.26.4.140:0
Hash 91d3e4413c4c6d78c75f09c0cb78facf
8396367fdb8b51d6e5234390cefc6c02bafe3a70
bd078a09768ce9f69d76bd542d426513d00ddef83a59908090d199d93a900192
GET /?hop=mediawar15&pid=15&sub3=91.90.42.154 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fitleanhealth.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: text/html; charset=utf-8
set-cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; path=/; expires=Mon, 31 Jan 2033 17:13:55 GMT; secure
user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; path=/; expires=Mon, 31 Jan 2033 17:13:55 GMT; secure
uid=wKhaAWPZTFOLTQAyAzHXAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=0; path=/
location: /discovery?hop=mediawar15&sub3=91.90.42.154
content-security-policy: frame-ancestors 'self' cbsplit.com glucoswitch.com glucoswitch-com.cbsplit.com ;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPZOR8pEt9mcs%2BoeeUWiRfBB3G0lE9M0MgxehEAIL0VMSSHlbhPV%2FsSDz3y%2FftJ%2F54n4hRGaHawiJoTVC7sD0Jbq6xj%2FRj18SCN3pRQEiytVNaQptXmpu%2F0kVfcqQYlqog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414a6d9341c0a-OSL
X-Firefox-Spdy: h2
glucoswitch.com/discovery/images/michael.jpg?v1
104.26.4.140200 OK 34 kB URL HTTP/2 glucoswitch.com/discovery/images/michael.jpg?v1
IP 104.26.4.140:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2022:06:30 12:28:19], baseline, precision 8, 150x150, components 3\012- data
Hash ff2a5ff4b91351aebd1816c7245d566f
859ba2b9008300a843ac445e27f6d193d1091f7a
cda892251945a0ffc778a6b679ec32244ccb4f5c10de4933c6b57150cc1e1c64
GET /discovery/images/michael.jpg?v1 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/jpeg
content-length: 34185
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "62bd4b32-8589"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 30 Jun 2022 07:05:22 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 415054
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sCy%2BtKa72ZCTm0Ifb8fAH%2BhhQ585KqpmNhVAGCfgqYG8Abrgc6Dzx86d19SaFswVihwFdWk3nMmNAnxFdQZTpDsd%2Bt%2FiAqiCzdC49%2BI33zRJmFfVYgepYPFGRBXXusJAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abce581c0a-OSL
X-Firefox-Spdy: h2
glucoswitch.com/discovery/images/tina.jpg?v1
104.26.4.140200 OK 35 kB URL HTTP/2 glucoswitch.com/discovery/images/tina.jpg?v1
IP 104.26.4.140:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2022:06:30 12:29:13], baseline, precision 8, 150x150, components 3\012- data
Hash e5626a21ed047c80caef5e3837ff95bd
dbb5a1e643d982ec58b7f411c17d8a62c8cf6c8c
3b78790968a247983e2874aabef97776026a1164d2109b68e966fd4f377c44be
GET /discovery/images/tina.jpg?v1 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/jpeg
content-length: 35330
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "62bd4ae0-8a02"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 30 Jun 2022 07:04:00 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcSJ8%2Fb%2F%2FO%2F4Teb6VPJWrw%2FDrlIfBPG4pvyRSGaQw1Nh7KXDL9afDv3uWp9cW0nsShSNCYKTerHxpEik9xhDUI2EsBtDwwvxeQioczbKvsH43FdRvEOn1yjekg6F38BJlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abce561c0a-OSL
X-Firefox-Spdy: h2
glucoswitch.com/discovery/images/tania.jpg?v1
104.26.4.140200 OK 36 kB URL HTTP/2 glucoswitch.com/discovery/images/tania.jpg?v1
IP 104.26.4.140:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2022:06:30 12:28:54], baseline, precision 8, 150x150, components 3\012- data
Hash 9573ec62cfd44e82e48a8f1c24c06763
7722e0a146f61cfa37f25b9fe4ef3f9c2c2f9ff8
77e3d56ce4613aa0049b2ca6a9f38799dc36208ae64306c1522b60314ba56eae
GET /discovery/images/tania.jpg?v1 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: image/jpeg
content-length: 35592
cache-control: public, max-age=315360000
cf-bgj: h2pri
etag: "62bd4ae0-8b08"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 30 Jun 2022 07:04:00 GMT
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167095
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0OhFiy496%2FvFZW2Ni0m%2BhgXgExD6gsyAMh2NnmX8zVeAwPxl3O6LRSY66%2B%2Ffchks6L8NTs0wJri9dOw%2F1u%2FuKUHbB52txGvebxlVLHRKohhxXcDgBo%2BfsV6FRYI4H8flA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abee801c0a-OSL
X-Firefox-Spdy: h2
glucoswitch.com/discover/css/extra.css
104.26.4.140200 OK 574 kB URL HTTP/2 glucoswitch.com/discover/css/extra.css
IP 104.26.4.140:0
Size 574 kB (573459 bytes)
Hash 61c702d5aee8b4efcf6187a297980e8d
57f2df24e1ec7779a0a20b3a3d7f1ab4adbacbf8
8deea572894eadc4aecb4280f57bfdbb3a7d4fc6d0eeec76cb030ba088dddef4
GET /discover/css/extra.css HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: text/css
last-modified: Fri, 30 Jul 2021 13:41:32 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6104018c-505"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 167095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4YgADaRcoxOVaFOeIAW4yk3p07SxS9NKJQz92el6I9eYnzuYE7Ifnd2ZMqWpRGXksm1TGg1A7tHAK%2FnS5cDzEpMRZwWUl9eMQndNjroIFc7WIBRQGjOrFqSm3NT0h%2BVfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414ab9e251c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
glucoswitch.com/discovery/css/vsl-home.css?v3.16
104.26.4.140200 OK 1.8 kB URL HTTP/2 glucoswitch.com/discovery/css/vsl-home.css?v3.16
IP 104.26.4.140:0
Hash 9a8a9f1167d10dc493e4aa80c60e66ef
745e672901173a5b49dac3b90552ce33b56f9784
96143778f6281dd7b95119ac430cdf3df4198862b9829f1c9472be8120b4614a
GET /discovery/css/vsl-home.css?v3.16 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: text/css
last-modified: Fri, 17 Sep 2021 12:54:32 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"61449008-12da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 415055
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ef0O1oVyInt0JTbCKjZlyZkUp4yg9YeMr%2B1q7i0Sw8%2FhLV227ROXF7%2Bsy3wBzNUN%2BSGZdKAZYxLJG%2B8LjAkb%2B%2BRKNR5GZpc0zQQY%2FiB9g9pHmu5bSBjDPTfIIPHP7d5vKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414ab9e201c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
216.58.207.234200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 09:52:09 GMT
expires: Sat, 27 Jan 2024 09:52:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 372106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@100;200;300;400;500;600;700&display=swap
142.250.74.106200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@100;200;300;400;500;600;700&display=swap
IP 142.250.74.106:0
Hash 8a30b6c3585909ee6234e44c3b633a3a
d03cfb333c0572ba60de76509c5c1e2ae778473f
56897369b5e2737d7e7ffe660f7f7b03f77a4a03b3860331b24632fa49cbc639
GET /css2?family=IBM+Plex+Sans:wght@100;200;300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 17:13:55 GMT
date: Tue, 31 Jan 2023 17:13:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
142.250.74.106200 OK 814 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
IP 142.250.74.106:0
Hash 4e305d8e89c88fc53f14af216c7f7d46
d470919e557de00110c28f85a330a19496cff04c
f11fcef7488e8f57edc4f29fd931a57a7df1efd6a805853a46cfe283893c8c87
GET /css2?family=Montserrat:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 17:13:55 GMT
date: Tue, 31 Jan 2023 17:13:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 381947
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 155516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 17:13:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash e6e98858e07e37acdb64c79e30e1a6ae
7c1426571afcb99328204792576a9b3814ea3bba
6577b4538febd004f85dac52e2f300c9d8b2a7e8fbbb2f4dd4ae6732dfea88ed
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152044
Date: Tue, 31 Jan 2023 17:13:56 GMT
Etag: "63d8f902-1d7"
Expires: Thu, 02 Feb 2023 11:28:00 GMT
Last-Modified: Tue, 31 Jan 2023 11:18:26 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: anw057WVieQOMqJIAOukvsDOd9-W2vPBMnPsYUVI1RDsSOladk1vtQ==
Age: 574
cbtb.clickbank.net/?vendor=gswitch
52.32.168.94200 OK 936 B URL HTTP/2 cbtb.clickbank.net/?vendor=gswitch
IP 52.32.168.94:0
File type ASCII text, with very long lines (936), with no line terminators
Hash 6c0b964b273d662f25b84cd29e51b607
6bef26208ee6a1d7105720e5cc54f273868630a9
a3ba10e614083832f41494e71b4c53bd738a88a9ffd6f9a0c785348ec389527c
GET /?vendor=gswitch HTTP/1.1
Host: cbtb.clickbank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:56 GMT
content-type: text/javascript;charset=UTF-8
content-length: 936
set-cookie: AWSALB=DnzBKGEJA0c/3iIR5a195WUhRZfxzbLsVvRXeHTiuTyI3k+MN/sEQas2Fi9/G0qAhfajILm0c+Mfnid4Cetxnv58kB8wWFJeqRprYwRdI2V8VFXg/LnIxztqopqW; Expires=Tue, 07 Feb 2023 17:13:56 GMT; Path=/
AWSALBCORS=DnzBKGEJA0c/3iIR5a195WUhRZfxzbLsVvRXeHTiuTyI3k+MN/sEQas2Fi9/G0qAhfajILm0c+Mfnid4Cetxnv58kB8wWFJeqRprYwRdI2V8VFXg/LnIxztqopqW; Expires=Tue, 07 Feb 2023 17:13:56 GMT; Path=/; SameSite=None; Secure
server: Apache
cache-control: max-age=900
X-Firefox-Spdy: h2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/stream.mpd
151.139.128.10200 OK 4.7 kB URL HTTP/2 fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/stream.mpd
IP 151.139.128.10:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash 40ebbca722f418ffb91b708741ee7d7e
786e04e772bc766a67bdfb776eeda63ec51f34ff
19c451e24dbe3f64ceb9fecbd612165aed4e8c1edb70e3fd1d955b6c071d795d
GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/stream.mpd HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:57 GMT
content-length: 4687
content-type: application/dash+xml
last-modified: Sun, 07 Aug 2022 21:04:14 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdutveF6ZhVQYPyaeFlCEyHyiVvY87yIXQhhs8qvS9AtyxOB6yENBZuQXpGEnFHVXqBQ01I3QXPe5H97fQR_3SL9rw
cache-control: public, max-age=31104000
etag: "40ebbca722f418ffb91b708741ee7d7e"
x-goog-generation: 1659906254219313
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4687
x-goog-hash: crc32c=JTLBlw==, md5=QOu8pyL0GP+5G3CHQe59fg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185237.cds256.sk1.hn,1675185237.cds250.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 056d8e931511a832f5adb62d6f0a5312
23c7d206fb81e625b7a7fa61a1e966c661a38fdd
bff7b15c88ccd425722dc5e87196cf49636b3aead3108ffb8fb6f46bbf2a5a68
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 31 Jan 2023 17:13:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 15:54:37 GMT
Expires: Wed, 01 Feb 2023 15:54:37 GMT
ETag: "23c7d206fb81e625b7a7fa61a1e966c661a38fdd"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
fast.vidalytics.com/embeds/QrADs9TA/46UN8rzM_fkPgzpU/player-dash-mse.min.js?hash=mlcmiecnb
151.139.128.10200 OK 593 kB URL HTTP/2 fast.vidalytics.com/embeds/QrADs9TA/46UN8rzM_fkPgzpU/player-dash-mse.min.js?hash=mlcmiecnb
IP 151.139.128.10:0
Size 593 kB (592782 bytes)
Hash 8f8ee7045c8e1c3a78d1a8a8b49e7407
c0afe55f4445cdd80394bc092229bd5603a1579a
2db4e19e528f74ac2e1f0d94cce978fc1771dd2ae7a4a068f451d7f2362633f4
GET /embeds/QrADs9TA/46UN8rzM_fkPgzpU/player-dash-mse.min.js?hash=mlcmiecnb HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
age: 1612538
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=300, s-maxage=2592000
content-type: application/javascript
date: Tue, 31 Jan 2023 17:13:56 GMT
etag: "9b710a62455cc50a73b957dbbcb82b77"
expires: Thu, 02 Mar 2023 17:13:56 GMT
last-modified: Thu, 12 Jan 2023 17:25:11 GMT
server: SP
vary: Accept-Encoding
x-cdn: 4
x-goog-generation: 1673544311343385
x-goog-hash: crc32c=ZH5Jow==, md5=m3EKYkVcxQpzuVfbvLgrdw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 509503
x-guploader-uploadid: ADPycdtZRLu3aR_vQr7U0uC360AJHMCNsRAhkeyoSOcNhIzpTGw2qtnzuuTfFd9vpXUGMsARBv0qmimZltOylJPV0ewXMA
content-encoding: gzip
x-hw: 1675185236.cds256.sk1.hn,1675185236.cds256.sk1.sl
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 056d8e931511a832f5adb62d6f0a5312
23c7d206fb81e625b7a7fa61a1e966c661a38fdd
bff7b15c88ccd425722dc5e87196cf49636b3aead3108ffb8fb6f46bbf2a5a68
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 31 Jan 2023 17:13:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 15:54:37 GMT
Expires: Wed, 01 Feb 2023 15:54:37 GMT
ETag: "23c7d206fb81e625b7a7fa61a1e966c661a38fdd"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash b68d4e6e4d0a88620588831e010103b4
075b8e406ea12d9c3a65ff024fbf08be532e7471
400cc1735d8f03257076c7f54d7f921ed718636cd22105c4fd9ea2d23b70917e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 17:13:57 GMT
Etag: "63d89114-1d7"
Last-Modified: Tue, 31 Jan 2023 16:05:38 GMT
Server: ECS (dcb/7EA3)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UDgtgBw8OefbPUuC5bKvYlTTgD6x7s-mgwquTPUK2jP9FuVGupJ-bg==
Age: 4099
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/init.mp4
151.139.128.10200 OK 459 B URL HTTP/2 fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/init.mp4
IP 151.139.128.10:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 9ca7c465fe1875363d003a015e82fa15
f1fd497dad3d1a5816a4abd6fe57464c9c7619a4
0032a01ab3dc07cd657d0a62d16094bcc6503af97a0958941bb9f7af8b43d6e1
GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/init.mp4 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:57 GMT
content-length: 459
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:01 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdu35QSDbc9cEVAfpRkUD4ekF254GCCr-8_BSmNffEjeP-s-SV9K3yBgdAfdbDaAZgaBOLJ0N2dFloERU7KHEO-iPQ
cache-control: public, max-age=31104000
etag: "9ca7c465fe1875363d003a015e82fa15"
x-goog-generation: 1659905941055337
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 459
x-goog-hash: crc32c=u8l+QA==, md5=nKfEZf4YdTY9ADoBXoL6FQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185237.cds256.sk1.hn,1675185237.cds067.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2
licensing.bitmovin.com/licensing
35.227.229.24200 OK 165 B URL HTTP/2 licensing.bitmovin.com/licensing
IP 35.227.229.24:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bad32d07dc1ad9e3d334785067afbf34
653f8f612c6646daae0122b3b27e2c11486f86a4
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
POST /licensing HTTP/1.1
Host: licensing.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 146
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Tue, 31 Jan 2023 17:13:57 GMT
content-length: 165
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
glucoswitch.com/images/favicon-red.png
104.26.4.140200 OK 2.3 kB URL HTTP/2 glucoswitch.com/images/favicon-red.png
IP 104.26.4.140:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ad515513b53770ddea05abea403b419b
9db024d57455ae3f9c722bf301487518f054c28e
9ad8aa93f2b840b063aac09a8a10fa1a4ca9f5bbdce753e4cb168ce90f70ab48
GET /images/favicon-red.png HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4; affiliate=mediawar15; affiliate.sig=giIMhF-GoLlcOAt3Ua_reBcGBAY; bitmovin_analytics_uuid=6f5a8cb6-7ec7-46fd-942a-f491d917a1a5; timer_93_=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:57 GMT
content-type: image/png
content-length: 2324
last-modified: Thu, 05 May 2022 10:48:27 GMT
etag: "6273ab7b-914"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
vary: Accept-Encoding
cf-cache-status: HIT
age: 167096
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hb43DDluneupe3K2cbsSKKUMzl1BKm7ZEeOIyVSX30%2FgAphNbCFlr5cTRZkUdcGBpdphziiteFq6U3%2FLqRlmfxSvcV5o25bsiXn%2F2R7GLrztwxABh6P3OyvQ00KVtfDNnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414b66b661c0a-OSL
X-Firefox-Spdy: h2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_0.webm
151.139.128.10200 OK 291 kB URL HTTP/2 fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_0.webm
IP 151.139.128.10:0
Size 291 kB (291182 bytes)
Hash b7bfa5ba3e51a84fb0df628d79453967
c4c9e9d0765d24a7737aba7ceaff775a7d3302fc
f817281462ef44d8982dd7f9413fd7a1874198dc6102c1c448b9c7bbbad0cb84
GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_0.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:57 GMT
content-length: 291182
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:01 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdtaUhkjTwf-MGxaPvRI77nyQIwjTKUnRkCtwJ_yd6S1MENXxXusnWi7UJHSt0HLGnTC5HawNrg7QHGM2jumtgEun5MPt87f
cache-control: public, max-age=31104000
etag: "b7bfa5ba3e51a84fb0df628d79453967"
x-goog-generation: 1659905941246406
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 291182
x-goog-hash: crc32c=pQTg9Q==, md5=t7+luj5RqE+w32KNeUU5Zw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185237.cds256.sk1.hn,1675185237.cds264.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/analytics
35.190.27.197204 No Content 0 B URL HTTP/2 analytics-ingress-global.bitmovin.com/analytics
IP 35.190.27.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1254
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: v1.55.1
date: Tue, 31 Jan 2023 17:13:57 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png
54.230.111.43200 OK 3.5 kB URL HTTP/2 prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png
IP 54.230.111.43:0
File type PNG image data, 472 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 47cdefc96f75be3d978d4b444737b00e
c9d8540c17ed48b72be610bb5795120e4d560d6f
84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308
GET /dist/assets/logo-header-two-tone-en.png HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3472
date: Mon, 30 Jan 2023 23:48:17 GMT
last-modified: Mon, 21 Dec 2020 21:57:35 GMT
x-amz-version-id: rgVoO.sKTwEpJN65bYI.UT4E8UVMZSpC
server: AmazonS3
etag: "47cdefc96f75be3d978d4b444737b00e"
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Gc7d35nnQvRwZ_3jARb7aAl1d5CRA94qHX9ZMQWAFWmgRFvAQx-EzA==
age: 62741
X-Firefox-Spdy: h2
prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
54.230.111.43200 OK 4.3 kB URL HTTP/2 prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
IP 54.230.111.43:0
File type PNG image data, 321 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash c06ae1ecaaf7e0610c68af117658a7e0
337cc86d38734fd76333c063366ec36e7a7d343a
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb
GET /dist/assets/logo-tab-two-tone-en.png HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 4341
date: Mon, 30 Jan 2023 23:48:17 GMT
last-modified: Mon, 21 Dec 2020 21:57:36 GMT
x-amz-version-id: 65GBUS1AcRJNN3GRB3Nf3yY51OsdERt0
server: AmazonS3
etag: "c06ae1ecaaf7e0610c68af117658a7e0"
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KGm9FueWWlsthozCTkKjZqZUsmyQTNSM3CaBq5O6wpBBOWcm5YmGvQ==
age: 62741
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
142.250.74.106200 OK 12 kB URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap
IP 142.250.74.106:0
Hash 5fd52c68411043be4659458a89ada44a
e5f94a133fc4eabe58183f576d317dc32b402e73
bc51180eba25268b05f6f5cb83444ae7e8b0c1bf4d17fa7ac83b9cfac09b90c3
GET /css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 17:13:55 GMT
date: Tue, 31 Jan 2023 17:13:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash eacc5895745c1d0e2561d630db526178
77331ece53cccf7a6a219fae33105550fca037a9
4e97ef071c169acbce4919dafc1e49342c9b0698422e0b82288e2d2238c7ac88
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 17:13:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 00:15:19 GMT
Expires: Sun, 05 Feb 2023 00:15:18 GMT
Etag: "77331ece53cccf7a6a219fae33105550fca037a9"
Cache-Control: max-age=370280,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792414b52e85b506-OSL
seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
82.102.27.18200 OK 4.4 kB URL HTTP/2 seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
IP 82.102.27.18:0
File type PNG image data, 153 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e1bae45c56b7d21a7ac325790f8acd0e
c61a206bce2c120fe77de6058877e4bb1dd02ff3
f9bc6b60cdb2bee77a6f9ec4b48c1df9c8780dc1f81c0fb1693856f580186b72
GET /seals/blue-seal-153-100-clickbank-5004291.png HTTP/1.1
Host: seal-boise.bbb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: keycdn-engine
date: Tue, 31 Jan 2023 17:13:57 GMT
content-type: image/png
content-length: 4394
cache-control: max-age=14400
expires: Tue, 31 Jan 2023 21:13:57 GMT
last-modified: Mon, 30 Jan 2023 19:47:45 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
x-shield: active
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_1.webm
151.139.128.10200 OK 374 kB URL HTTP/2 fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_1.webm
IP 151.139.128.10:0
Size 374 kB (374405 bytes)
Hash 7e69db88328e4747ff70bf59d6fa444a
c26f086f1cd4438b3af23955d715268195c5fa82
7e94004ac27c06a48e4c21d45196f9b4380327972f1b2f132bdda10eda1d727d
GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_1.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:57 GMT
content-length: 374405
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:12 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdt_MosxK12zcBTWaNJ_xvHwLOlwlxkuvYm3_oc38YxidVdSGtbl-vS2ViapVdd3Cr73D1rJlW0iKYC7oOpR4ZICag
cache-control: public, max-age=31104000
etag: "7e69db88328e4747ff70bf59d6fa444a"
x-goog-generation: 1659905952616764
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 374405
x-goog-hash: crc32c=YBQH8w==, md5=fmnbiDKOR0f/cL9Z1vpESg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185237.cds256.sk1.hn,1675185237.cds242.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_2.webm
151.139.128.10200 OK 397 kB URL HTTP/2 fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_2.webm
IP 151.139.128.10:0
Size 397 kB (397137 bytes)
Hash dc8cf493cdc83dc4fc1aa51e0ff9ef37
ea3b8b8772ff3b1c3ead0818ce061923334bd653
15e8b322e49056935722a9d8f863eb51ab5926c4fa4130beb751a208a9ea7170
GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_2.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:57 GMT
content-length: 397137
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:15 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdv4BClO8BFp7sPx4t7rrTKfTiWyoPpM-KLY6HueAE7OJ8Ada-qDnLbNWq2aOl61ugvoniqEur3V6pWmTOqxPWUO8dFYxYiF
cache-control: public, max-age=31104000
etag: "dc8cf493cdc83dc4fc1aa51e0ff9ef37"
x-goog-generation: 1659905955263874
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 397137
x-goog-hash: crc32c=6S+uow==, md5=3Iz0k83IPcT8GqUeD/nvNw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185237.cds256.sk1.hn,1675185237.cds235.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2
licensing.bitmovin.com/impression
35.227.229.24204 No Content 0 B URL HTTP/2 licensing.bitmovin.com/impression
IP 35.227.229.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /impression HTTP/1.1
Host: licensing.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 111
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Tue, 31 Jan 2023 17:13:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_3.webm
151.139.128.10200 OK 372 kB URL HTTP/2 fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_3.webm
IP 151.139.128.10:0
Size 372 kB (372120 bytes)
Hash aa10d1f8197af0f04a64081f33afaecd
727f2ce0cbdd75834dea6ed6aa067fd8059d5dda
3f0719e00e484d899c448c6e5e1382bb3fb20aa0c2a6bc5b6f1fe3b1d3708a27
GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_3.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:57 GMT
content-length: 372120
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:15 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdvMdmZkdpLyCFUQ8BYYDYgVI1_2v1BQJ2zLjdL1_QHaPxujkW-h80TjXZdBOtcbNXwX8K6lVHZzS2AvpJSuMlvTKw
cache-control: public, max-age=31104000
etag: "aa10d1f8197af0f04a64081f33afaecd"
x-goog-generation: 1659905955331107
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 372120
x-goog-hash: crc32c=WlwZ1Q==, md5=qhDR+Bl68PBKZAgfM6+uzQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185237.cds256.sk1.hn,1675185237.cds223.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2
stats.vidalytics.com/awesome-log?cid=QrADs9TA
107.178.211.97200 OK 43 B URL HTTP/2 stats.vidalytics.com/awesome-log?cid=QrADs9TA
IP 107.178.211.97:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /awesome-log?cid=QrADs9TA HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
cache-control: no-cache, public, max-age=2592000
content-length: 43
content-type: image/gif
etag: "QrADs9TA/L2aaJDvPVctW0Z94"
date: Tue, 31 Jan 2023 17:13:57 GMT
x-envoy-upstream-service-time: 9
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_4.webm
151.139.128.10200 OK 289 kB URL HTTP/2 fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_4.webm
IP 151.139.128.10:0
Size 289 kB (289305 bytes)
Hash 7c0b579dca9b90560e6f4e3ac9d33eb9
e0cf7904c9a8a2d226aff3a6e0678c75f57040ac
a0842280d09aad9e92e317e50ca334531115c50aa7d00feaca62b988dc4bbb42
GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_4.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:58 GMT
content-length: 289305
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:26 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdtPdOZPMwkAP76Jw3WMvUgefB_-mMfsrnklbntUyh5THGzjhBP2F5u-HRwoCkOBxGH9IaX83Q8snD_2JDUeQs3nxQ
cache-control: public, max-age=31104000
etag: "7c0b579dca9b90560e6f4e3ac9d33eb9"
x-goog-generation: 1659905966193279
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 289305
x-goog-hash: crc32c=ySUl5Q==, md5=fAtXncqbkFYOb046ydM+uQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185238.cds256.sk1.hn,1675185238.cds244.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_5.webm
151.139.128.10200 OK 315 kB URL HTTP/2 fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_5.webm
IP 151.139.128.10:0
Size 315 kB (314553 bytes)
Hash 2015f4f5a10a27107f93cd9bd57c54fe
f10cd3e8f9cafa3f791f68b9614c79277e820435
b5886fa4bac86e241d101d3b111abb9e9a8906a550a235f134a49bc5d6a96b54
GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_5.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:58 GMT
content-length: 314553
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:12 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycduTaapHKF4HcS60fYAl0X5UvSLkcxcHW8gjsyZPqQPw5j3AgucSmA4VNCb5_wb7LZfr46FEBcma19tQ4pNjfMg6wQ
cache-control: public, max-age=31104000
etag: "2015f4f5a10a27107f93cd9bd57c54fe"
x-goog-generation: 1659905952217974
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 314553
x-goog-hash: crc32c=BTWhCA==, md5=IBX09aEKJxB/k82b1XxU/g==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185238.cds256.sk1.hn,1675185238.cds248.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_6.webm
151.139.128.10200 OK 302 kB URL HTTP/2 fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_6.webm
IP 151.139.128.10:0
Size 302 kB (302125 bytes)
Hash c5b9e6bab612c0fea9bf80879f74ddc0
7d9d8186347ed66b88091e5a7fdda5d05ed591da
82f46c997ce878a6484d769f4460a24332f1920bb08d63ba5fb49176f6283f21
GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_6.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:58 GMT
content-length: 302125
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:25 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdsL1XOzObrnvA-SIFZXXaBjrEdQBqAxT06PzOrkYV_NRfyBH2UnVDa4KFqMw7ocoifWsHINOQ9RFQS2tDgFscDWBA
cache-control: public, max-age=31104000
etag: "c5b9e6bab612c0fea9bf80879f74ddc0"
x-goog-generation: 1659905965656172
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 302125
x-goog-hash: crc32c=aFhFxQ==, md5=xbnmurYSwP6pv4CHn3TdwA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185238.cds256.sk1.hn,1675185238.cds206.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2
stats.vidalytics.com/scribe
107.178.211.97200 OK 16 B URL HTTP/2 stats.vidalytics.com/scribe
IP 107.178.211.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 616
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 31 Jan 2023 17:13:58 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_7.webm
151.139.128.10200 OK 547 kB URL HTTP/2 fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_7.webm
IP 151.139.128.10:0
Size 547 kB (547358 bytes)
Hash 60c16d921269128abd5dee38780e1971
fa5e644b0f4f6d8912bc496ab4be29c3eb31636f
1cd826ff3a606f52427f71d72f0b6fdcbb2116b96b4d8a83b0a3e5061977e5f4
GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_7.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:58 GMT
content-length: 547358
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:28 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdtrpXGfb9xCFnPovs7TcvaOMrE4rF2eMu1eLDxqKfRNRfkDjOvPG3I8FayIhaURqeGeMfLFxfFW5LqceK-gHvhMwqLMP6Tk
cache-control: public, max-age=31104000
etag: "60c16d921269128abd5dee38780e1971"
x-goog-generation: 1659905968707117
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 547358
x-goog-hash: crc32c=1zZNoQ==, md5=YMFtkhJpEoq9Xe44eA4ZcQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185238.cds256.sk1.hn,1675185238.cds257.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_8.webm
151.139.128.10200 OK 415 kB URL HTTP/2 fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_8.webm
IP 151.139.128.10:0
Size 415 kB (415017 bytes)
Hash 564b5cc67829edd548bf5c17f4b26410
11c1218643248d095a334111ada451db152dead7
520f94b255d89ffc2e91d313887e5c667fba58d5124d283e6c25c764435fdd23
GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_8.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:58 GMT
content-length: 415017
content-type: video/mp4
last-modified: Sun, 07 Aug 2022 20:59:16 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdtsuPHf9KfhXPRcgp8qjet53d1R_IQLoESnvYwuTGr8Nt0J9FghIZDUwCKaCQu0TSUWRDuo575cc_00DA9XXUCwKQ
cache-control: public, max-age=31104000
etag: "564b5cc67829edd548bf5c17f4b26410"
x-goog-generation: 1659905956804634
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 415017
x-goog-hash: crc32c=KJpF+Q==, md5=Vktcxngp7dVIv1wX9LJkEA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1675185238.cds256.sk1.hn,1675185238.cds262.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2
stats.vidalytics.com/scribe
107.178.211.97200 OK 16 B URL HTTP/2 stats.vidalytics.com/scribe
IP 107.178.211.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 724
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 31 Jan 2023 17:13:58 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/analytics
35.190.27.197204 No Content 0 B URL HTTP/2 analytics-ingress-global.bitmovin.com/analytics
IP 35.190.27.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1830
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: v1.55.1
date: Tue, 31 Jan 2023 17:13:58 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/analytics
35.190.27.197204 No Content 0 B URL HTTP/2 analytics-ingress-global.bitmovin.com/analytics
IP 35.190.27.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1797
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: v1.55.1
date: Tue, 31 Jan 2023 17:13:58 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/analytics
35.190.27.197204 No Content 0 B URL HTTP/2 analytics-ingress-global.bitmovin.com/analytics
IP 35.190.27.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1787
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: v1.55.1
date: Tue, 31 Jan 2023 17:13:57 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
stats.vidalytics.com/scribe
107.178.211.97200 OK 16 B URL HTTP/2 stats.vidalytics.com/scribe
IP 107.178.211.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 255
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 31 Jan 2023 17:13:58 GMT
content-length: 16
x-envoy-upstream-service-time: 0
server: istio-envoy
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 056d8e931511a832f5adb62d6f0a5312
23c7d206fb81e625b7a7fa61a1e966c661a38fdd
bff7b15c88ccd425722dc5e87196cf49636b3aead3108ffb8fb6f46bbf2a5a68
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 31 Jan 2023 17:13:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 15:54:37 GMT
Expires: Wed, 01 Feb 2023 15:54:37 GMT
ETag: "23c7d206fb81e625b7a7fa61a1e966c661a38fdd"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_9.webm
151.139.128.10200 OK 413 kB URL HTTP/2 fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_9.webm
IP 151.139.128.10:0
Size 413 kB (413402 bytes)
Hash d869a50ea34c0ea21484053d38c93fcc
ca6755e454970c8e6c868e4c73316fbeae06eea6
8852428f93e7462a9425058ac31447dd9ff15840a6713eb136ad06da610a9712
GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_9.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:58 GMT
accept-ranges: bytes
content-length: 413402
content-type: video/mp4
x-hw: 1675185238.cds256.sk1.hn,1675185238.cds022.sk1.s,1675185238.dop203.la3.r,1675185238.cds225.la3.c,1675185238.cds022.sk1.p
x-cdn: 4
x-guploader-uploadid: ADPycdubcCqZMIUsb5ndzwPF1pjTl7b0unB2fkzXoW7z6w07O462ouKgfbIbD-axGwdqXUIVT9ZxFyWajTayaTYn0kpTZQ
cache-control: public, max-age=31104000
etag: "d869a50ea34c0ea21484053d38c93fcc"
x-goog-generation: 1659905965467622
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 413402
x-goog-hash: crc32c=bMXw5g==, md5=2GmlDqNMDqIUhAU9OMk/zA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified: Sun, 07 Aug 2022 20:59:25 GMT
X-Firefox-Spdy: h2
fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_10.webm
151.139.128.10200 OK 400 kB URL HTTP/2 fast.vidalytics.com/video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_10.webm
IP 151.139.128.10:0
Size 400 kB (400129 bytes)
Hash fbee391d32afac0948091025edbb6bc2
66c3283066d387852fd6da3ae300a86d6a0e0a2f
2b636fe2866a12b48687cf1a72038c2b121163459b984b98e546b1f615e25d9f
GET /video/QrADs9TA/WSOnDrGabzxQ5q_H/72117/62295/webm/video/1280x720_vp9_1000000/s_10.webm HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:14:00 GMT
accept-ranges: bytes
content-length: 400129
content-type: video/mp4
x-hw: 1675185239.cds256.sk1.hn,1675185239.cds205.sk1.s,1675185240.dop063.la3.r,1675185240.cds033.la3.c,1675185240.cds205.sk1.p
x-cdn: 4
x-guploader-uploadid: ADPycdtZi0fdJ6eVHt6WXL4j2MqpVR8mO1iuF-RnhR7kLZpgfR2gS9Ch8nwC0dRwDq_P9d-VDZgVIzlwSlsi_h9vWX8thqESG7np
cache-control: public, max-age=31104000
etag: "fbee391d32afac0948091025edbb6bc2"
x-goog-generation: 1659905966146340
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 400129
x-goog-hash: crc32c=ylahuw==, md5=++45HTKvrAlICRAl7btrwg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified: Sun, 07 Aug 2022 20:59:26 GMT
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/analytics
35.190.27.197204 No Content 0 B URL HTTP/2 analytics-ingress-global.bitmovin.com/analytics
IP 35.190.27.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1802
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: v1.55.1
date: Tue, 31 Jan 2023 17:14:01 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
analytics-ingress-global.bitmovin.com/analytics
35.190.27.197204 No Content 0 B URL HTTP/2 analytics-ingress-global.bitmovin.com/analytics
IP 35.190.27.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1842
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: v1.55.1
date: Tue, 31 Jan 2023 17:14:01 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
glucoswitch.com/api/exits/1017567?url=
104.26.4.140200 OK 4 B URL HTTP/2 glucoswitch.com/api/exits/1017567?url=
IP 104.26.4.140:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /api/exits/1017567?url= HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4; affiliate=mediawar15; affiliate.sig=giIMhF-GoLlcOAt3Ua_reBcGBAY; bitmovin_analytics_uuid=6f5a8cb6-7ec7-46fd-942a-f491d917a1a5; timer_93_=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:14:01 GMT
content-type: application/json; charset=utf-8
content-length: 4
content-security-policy: frame-ancestors 'self' cbsplit.com glucoswitch.com glucoswitch-com.cbsplit.com ;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3Z6pfl9RAEtIHKnzI%2FyXveBikPgL8UIPwD9qqNqEKXRaLgqj5VKcUm6SoJgR2eOOXWYQ1qTay%2FCoaiV0LWV8UOvUohfZwTSRjJWvEpVku2tpHK73Ye%2BCNamOoZFhy1H4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414d15c171c0a-OSL
X-Firefox-Spdy: h2
glucoswitch.com/discover/css/bootstrap.css
104.26.4.140200 OK 0 B URL HTTP/2 glucoswitch.com/discover/css/bootstrap.css
IP 104.26.4.140:0
GET /discover/css/bootstrap.css HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: text/css
last-modified: Fri, 30 Jul 2021 13:41:34 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6104018e-254bf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 1565713
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBYflw50T9iuJ8O5y7t8n%2BApDsVmXI%2F8rGKXcQWHTjl0fQm6GAm98mS%2BBcJIBWLu%2FmjRKPuWYZpPzsQTgkjtx5ryA7tpOHa0gnRkzccrcZUhYhj%2BCtDOQyXKWy8mC%2FuGIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414ab9e1b1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
prod.cbstatic.net/dist/injectable.js
54.230.111.43200 OK 0 B URL HTTP/2 prod.cbstatic.net/dist/injectable.js
IP 54.230.111.43:0
GET /dist/injectable.js HTTP/1.1
Host: prod.cbstatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 30 Jan 2023 23:48:16 GMT
last-modified: Mon, 21 Dec 2020 21:57:37 GMT
x-amz-version-id: RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
server: AmazonS3
content-encoding: gzip
etag: W/"af651c30e1a69f6f2124e9c1d094a300"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ShCnaEwvYXWEtOky7nH-DJm03iiRlqzsyL1lEF2KNAo4LMgrGJ2rKQ==
age: 62742
X-Firefox-Spdy: h2
glucoswitch.com/discover/js/bounceback.min.js
104.26.4.140200 OK 0 B URL HTTP/2 glucoswitch.com/discover/js/bounceback.min.js
IP 104.26.4.140:0
GET /discover/js/bounceback.min.js HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: application/javascript
last-modified: Fri, 30 Jul 2021 13:43:42 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6104020e-b20"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 167095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcCZBCp6L4uyB2nu2dMvDP%2FPfNl%2BrUXExk41EFuKvrYdLWYYRtsFDKkPjrQiKMnZVMAUcRLljYCxN%2FSF1IRyoJuyrwHLFndvGyY3qrtrD2x%2B%2B34HU2l3X915IN0y3UuG4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abee961c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP 142.250.74.106:0
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 17:13:55 GMT
date: Tue, 31 Jan 2023 17:13:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
IP 142.250.74.106:0
GET /css2?family=Oswald:wght@200;300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 17:13:55 GMT
date: Tue, 31 Jan 2023 17:13:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
glucoswitch.com/api/visits?page_id=15&page_version=b&request_id=A29EDEF6%3A4952_D197C0D8%3A01BB_63D94C53_124A89%3A379A5D&querystring=hop%3Dmediawar15%26sub3%3D91.90.42.154&fbclid=&fbp=&fbc=&referrer=https%3A%2F%2Ffitleanhealth.com%2F
104.26.4.140200 OK 0 B URL HTTP/2 glucoswitch.com/api/visits?page_id=15&page_version=b&request_id=A29EDEF6%3A4952_D197C0D8%3A01BB_63D94C53_124A89%3A379A5D&querystring=hop%3Dmediawar15%26sub3%3D91.90.42.154&fbclid=&fbp=&fbc=&referrer=https%3A%2F%2Ffitleanhealth.com%2F
IP 104.26.4.140:0
GET /api/visits?page_id=15&page_version=b&request_id=A29EDEF6%3A4952_D197C0D8%3A01BB_63D94C53_124A89%3A379A5D&querystring=hop%3Dmediawar15%26sub3%3D91.90.42.154&fbclid=&fbp=&fbc=&referrer=https%3A%2F%2Ffitleanhealth.com%2F HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:56 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: affiliate=mediawar15; path=/; expires=Wed, 31 Jan 2024 17:13:55 GMT; secure
affiliate.sig=giIMhF-GoLlcOAt3Ua_reBcGBAY; path=/; expires=Wed, 31 Jan 2024 17:13:55 GMT; secure
content-security-policy: frame-ancestors 'self' cbsplit.com glucoswitch.com glucoswitch-com.cbsplit.com ;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhZecxh7YNjJlGQ15JQ3MqpwOC%2BovPv1CAZ6c%2BJCUh9ee74c3kOepuQtXUKSCZfqb2TG503nDV68GMAZ4k2q3rHccIbWwsW7HFuwJURwyYDb50lDMdfeq9ApkrLapN4YXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abfeae1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
fast.vidalytics.com/embeds/QrADs9TA/nyZ5wcmDzcyrkUmp/player-dash-mse.min.js?hash=dekvvxwfr
151.139.128.10200 OK 0 B URL HTTP/2 fast.vidalytics.com/embeds/QrADs9TA/nyZ5wcmDzcyrkUmp/player-dash-mse.min.js?hash=dekvvxwfr
IP 151.139.128.10:0
GET /embeds/QrADs9TA/nyZ5wcmDzcyrkUmp/player-dash-mse.min.js?hash=dekvvxwfr HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucoswitch.com
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
age: 1612539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=300, s-maxage=2592000
content-type: application/javascript
date: Tue, 31 Jan 2023 17:13:56 GMT
etag: "60e11a50fc55371ac165d6271989b4e2"
expires: Thu, 02 Mar 2023 17:13:56 GMT
last-modified: Thu, 12 Jan 2023 17:25:07 GMT
server: SP
vary: Accept-Encoding
x-cdn: 4
x-goog-generation: 1673544307292438
x-goog-hash: crc32c=G2Q+Yg==, md5=YOEaUPxVNxrBZdYnGYm04g==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 509501
x-guploader-uploadid: ADPycds6FlPqEXpc_NavKN7wwcQM9ideGwH7RY4fsD0kt65qJpT4uvxLJsg2Zo0XvW5zeAzBW2PZyE7_5-3FuWJK69hnGA
content-encoding: gzip
x-hw: 1675185236.cds256.sk1.hn,1675185236.cds256.sk1.sl
X-Firefox-Spdy: h2
glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
104.26.4.140200 OK 0 B URL HTTP/2 glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
IP 104.26.4.140:0
GET /discovery?hop=mediawar15&sub3=91.90.42.154 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fitleanhealth.com/
Connection: keep-alive
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: cbst-40-pv=b|2022-08-25T16:28:56.990Z; path=/; expires=Wed, 31 Jan 2024 17:13:55 GMT; secure; httponly
cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4; path=/; expires=Wed, 31 Jan 2024 17:13:55 GMT; secure; httponly
persistedParams=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
persistedParams.sig=qQIP2OdsTFa87s1ohgL1NB6ingI; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
content-security-policy: frame-ancestors 'self' cbsplit.com glucoswitch.com glucoswitch-com.cbsplit.com ;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F09OAkboVpF%2FBj9Fi%2Bgv5qfKVM1T35X4rlLQUbR7cMcGDAgDzNGLiScRH82a7KcDEcfUSkbkhkUdCDXzboLdOOfjGZ61bQ%2FmFv80tka0oW03eNtpTrGqFrp460Te7xnQwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414aa2c6d1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
glucoswitch.com/css/main.css?v3.1
104.26.4.140200 OK 0 B URL HTTP/2 glucoswitch.com/css/main.css?v3.1
IP 104.26.4.140:0
GET /css/main.css?v3.1 HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 14:24:10 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"612f8d0a-1ffe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 167095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWQetVbUjYUhEJDXQnC4R1x130BG4CbO5lrDkejKcTqsfsqjTNCQbH7pW7KM2%2F%2F8IJrCavYuQGW%2FDmldowI%2BS3vJmGiWeOabjL3ih8EQxDIQX0dU6jEc8iHxwpLeFqLbLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414ab9e271c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
188.114.99.234200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP 188.114.99.234:0
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 20634720
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 792414ac6e350b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
glucoswitch.com/discovery/js/jquery-3.5.1.js
104.26.4.140200 OK 0 B URL HTTP/2 glucoswitch.com/discovery/js/jquery-3.5.1.js
IP 104.26.4.140:0
GET /discovery/js/jquery-3.5.1.js HTTP/1.1
Host: glucoswitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/discovery?hop=mediawar15&sub3=91.90.42.154
Cookie: user_id=dc1726ad769f632ce7fdb9e8d8b50556; user_id.sig=stceZI13lv9IT1ce3zzeRjBGiTQ; uid=wKhaAWPZTFOLTQAyAzHXAg==; cnid=0; cbst-40-pv=b|2022-08-25T16:28:56.990Z; cbst-40-pv.sig=Zg2Nh6gQRHPIEw8hlfRcv0nPfn4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 17:13:55 GMT
content-type: application/javascript
last-modified: Tue, 30 Nov 2021 10:28:12 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"61a5fcbc-15d84"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
pragma: public
cf-cache-status: HIT
age: 167095
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHzVaiWe%2FAD6DyMvG9DDBO1SqpqBibyuSgCzg7rRZESpoCCQdweRML7Awp%2FYdWEJZabGbyTm9VKPyHbGdoeOjO4aO8LENsRX6Cw2JssC6NORFdAbJjrGTlsCqUs%2BgIyAlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792414abee901c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
fast.vidalytics.com/embeds/QrADs9TA/46UN8rzM_fkPgzpU/loader.min.js
151.139.128.10200 OK 0 B URL HTTP/2 fast.vidalytics.com/embeds/QrADs9TA/46UN8rzM_fkPgzpU/loader.min.js
IP 151.139.128.10:0
GET /embeds/QrADs9TA/46UN8rzM_fkPgzpU/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://glucoswitch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-store, private, max-age=0, s-max-age=0
content-type: application/javascript
date: Tue, 31 Jan 2023 17:13:56 GMT
etag: "b4a36ec4c64fbd04ad4561ed3d4fdbf2"
expires: Tue, 31 Jan 2023 17:13:56 GMT
last-modified: Thu, 12 Jan 2023 17:25:11 GMT
server: SP
vary: Accept-Encoding
x-cdn: 4
x-cdn-info: loader
x-goog-generation: 1673544310913534
x-goog-hash: crc32c=Pq/pGA==, md5=tKNuxMZPvQStRWHtPU/b8g==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 10530
x-guploader-uploadid: ADPycduAJj68PNlvMNgUTTtu9NlrDYSexwzZ5gGNy0j1g48ztHx6D-TCJ_9PWwFteehutgd4AI_CR0YTytPI-Aj2Gt1YI7wwL0eM
content-encoding: gzip
x-hw: 1675185236.cds256.sk1.hn,1675185236.cds256.sk1.sl
X-Firefox-Spdy: h2