Report - error.exteriorgraphicsdesign.com/ga/click/2-320864661-1626-14349-28016-25892-ddcca32d61-q19b7ddbdb

Report Overview

Submitted URL
error.exteriorgraphicsdesign.com/ga/click/2-320864661-1626-14349-28016-25892-ddcca32d61-q19b7ddbdb
IP
66.94.127.114
ASN
#40021 CONTABO
Submitted
2022-09-29 06:32:28
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
bat.bing.com	387	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	13 kB	204.79.197.200
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	656 B	4.6 kB	192.124.249.41
vars.hotjar.com	1014	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	497 B	1.7 kB	143.204.55.105
b-code.liadm.com	3597	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	12 kB	143.204.55.58
tr.outbrain.com	2017	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	491 B	64.202.112.159
fast.vidalytics.com	218005	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	6.9 kB	151.139.128.11
js.go2sdk.com	24169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	351 B	18 kB	54.230.111.63
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	992 B	95 kB	142.250.74.163
b.clarity.ms	3462	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	445 B	297 B	20.75.32.255
rp.liadm.com	2705	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	1.9 kB	34.235.93.114
refineyoursleep.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	10 kB	74.124.27.101
vibranthealthnetwork.com	579154	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	277 B	74.124.27.101
heapanalytics.com	27367	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.5 kB	3.2 kB	44.206.92.210
amplify.outbrain.com	2255	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	3.7 kB	23.38.201.81
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	20 kB	142.250.74.174
licensing.bitmovin.com	19299	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	454 B	600 B	35.227.229.24
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.81.125.88
c.clarity.ms	803	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	827 B	1.2 kB	20.234.93.27
primalhealthcrm.com	313842	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	458 B	970 B	74.124.27.105
script.hotjar.com	887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	67 kB	143.204.55.96
sp.analytics.yahoo.com	816	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	609 B	949 B	212.82.100.181
trc.taboola.com	602	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	552 B	151.101.85.44
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	1.8 kB	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	345 B	1.9 kB	104.18.20.226
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.6 kB	12 kB	142.250.74.3
cdn.primalhealthcrm.com	300433	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.7 kB	137 kB	74.124.27.105
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	2.8 kB	143.204.55.37
stats.vidalytics.com	153185	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	2.2 kB	107.178.211.97
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	505 B	694 B	142.250.74.3
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
error.exteriorgraphicsdesign.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	417 B	738 B	66.94.127.114
c.bing.com	247	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	477 B	795 B	204.79.197.200
s.yimg.com	375	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	741 B	7.6 kB	188.125.94.204
cdn.taboola.com	1040	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	19 kB	151.101.85.44
analytics-ingress-global.bitmovin.com	47119	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	2.4 kB	35.190.27.197
status.thawte.com	5123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.5 kB	93.184.220.29
trc-events.taboola.com	1779	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	736 B	141.226.228.48
in.hotjar.com	1746	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	480 B	287 B	54.76.60.60
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
lotamkt.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	461 B	1.0 kB	23.20.168.171
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	746 B	142.250.74.10
www.clarity.ms	1404	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	738 B	26 kB	13.107.246.53
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	902 B	104.18.10.207
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	7.6 kB	142.250.74.170
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.6 kB	143.204.42.158
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	506 B	694 B	142.250.74.164
cdn.heapanalytics.com	3660	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	563 B	54.230.111.113
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.6 kB	12 kB	23.36.77.32
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	598 B	714 B	64.233.165.157

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-29	medium	error.exteriorgraphicsdesign.com/ga/click/2-320864661-1626-14349-28016-25892-ddcca32d61-q19b7ddbdb	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (39)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js	17 kB	2023-03-07	2024-04-22
Pretty URL ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:47 Last Seen2024-04-22 18:02:14 Times Seen9865 Hash 593e60ad549e46f8ca9a60755336c7df 9c030800712c832f2a15040cf02f546884a99808 ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4 Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	426 B	2023-03-07	2023-03-10
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:46 Last Seen2023-03-10 15:10:04 Times Seen1 Hash fa7fc109a610ab233ed9c282d9ece61c b98eb22e6c2bd5d780734a19839241a950a7a956 e419433d8c53c0f85b4d78f2157f4e5a9fc8a54134f788373ce9f2d7f988222c Loading...

	cdn.primalhealthcrm.com/js/ie10-viewport-bug-workaround.js	640 B	2023-03-08	2024-02-16
Pretty URL cdn.primalhealthcrm.com/js/ie10-viewport-bug-workaround.js IP 74.124.27.105 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:07 Last Seen2024-02-16 13:55:20 Times Seen21 Hash 07583b40fa1138938fef8405fedc69fb 1aa3775162357772ca03956e731ee5e32ce1cc17 9da76a4acc9d2aa9459fb9680e63c605c54ff3536cb72cabf13bd9467efdf0ff Loading...

	js.go2sdk.com/v2/tune.js	18 kB	2023-03-07	2024-03-03
Pretty URL js.go2sdk.com/v2/tune.js IP 54.230.111.63 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:05 Last Seen2024-03-03 16:12:44 Times Seen616 Hash 074c9e70b17ef9db8aced963fef4e2d9 caa1063a824083eb483f25bfab3e7aade3441bcd cca8ce472cbf8c44acf7ac24067c2d6075acd1e0cd4c9003de6055289ac5c68a Loading...

	www.clarity.ms/tag/uet/11042310	1.5 kB	2023-03-08	2023-03-08
Pretty URL www.clarity.ms/tag/uet/11042310 IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:07 Last Seen2023-03-08 03:22:07 Times Seen1 Hash 63edddac7b1c3174affbe17ad478f79f 9a9cf8d41aeb51094caa7540263d844b3c397afa 93fe663d51a6192745091a67ca50b63b5d1539c5d6a60dccc3cda6f495db2b0c Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	196 B	2023-03-07	2023-09-15
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:46 Last Seen2023-09-15 13:06:31 Times Seen4 Hash 9a88b889e88dd733db3bfb1a708f75db 34878906715b5b816b7f3a1e9b1f55beba6c10ca 523bd76354914cf7f67e5eb6e491d14b3e6bd113227203a5e88a9012c195385b Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	728 B	2023-03-07	2023-09-15
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:46 Last Seen2023-09-15 13:06:31 Times Seen4 Hash 1bebd3449cd931630e5adf0a73346752 207a9c2074290517c8b8ee8dd9df35dcd49bf316 32776da788803d8e451f0b80c22111cbe85394368a0e968a90cb6ddc8fdee0b8 Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	441 B	2023-03-07	2023-03-10
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:46 Last Seen2023-03-10 15:10:04 Times Seen1 Hash 2bbcdeb7bd95abcf123e1b88f51ec39f 035a37b17c5064fba72fb6c1eb3018deabac9ada 698022333bcd3017b45af20fb022c9e456a0bdb2bc3a7bd107def46e52a3b3e6 Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	970 B	2023-03-07	2023-03-14
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:46 Last Seen2023-03-14 19:44:11 Times Seen1 Hash 362d51bbb9ee7b96e4b98ba508cbb439 cdfce721e2fc7160f70cae9e3c295ea3631fad46 bf20539f521e253806d3119849fc29445e0b7688a81ef87020f4d2862c3add9d Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	2.0 MB	2023-03-08	2023-03-08
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:07 Last Seen2023-03-08 03:22:07 Times Seen1 Hash b9f246bbe9d5fc772fe5bbd786dde20d 07328255cb4880ee19eabc21cd260a9d4edea36e 9570225086fd91a4c923237a92b19f0a3342796ab30ff11a22b23ed0abe31b2c Loading...

	s.yimg.com/wi/ytc.js	17 kB	2023-03-07	2024-03-04
Pretty URL s.yimg.com/wi/ytc.js IP 188.125.94.204 ASN #10310 YAHOO-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-03-04 14:29:23 Times Seen1244 Hash 6a624022b5d271dcefb070b0b6670abc e9a0a059a5cefc0cd9e6cc0e8d7bd8d64c23936b 249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f Loading...

	tr.outbrain.com/cachedClickId?marketerId=00c8cb59043e91fe98cbb336c2f007ab19	35 B	2023-03-07	2024-02-13
Pretty URL tr.outbrain.com/cachedClickId?marketerId=00c8cb59043e91fe98cbb336c2f007ab19 IP 64.202.112.159 ASN #22075 AS-OUTBRAIN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-02-13 00:48:29 Times Seen1372 Hash 75c843c7b717e7b722777907475c67a3 983d1c9a05b315288039b9d4694ce3b402259240 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580 Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	492 B	2023-03-07	2023-03-10
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:46 Last Seen2023-03-10 15:10:04 Times Seen1 Hash a19d83f090db6fb4eb1033903198e614 717dc615f0c62d2b78e327bf691f180dbe0ccaed 411de4a05054ec496957424a8b65e2a69e336cb88d22ab3dc3e1b9c6520d7678 Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	2.1 kB	2023-03-07	2023-03-10
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:46 Last Seen2023-03-10 15:10:04 Times Seen1 Hash 9b67484968f0933f8796bd2e1387c26b 2f8786b816eb5d50d37383c5a964fd2e3ff89ae9 adecf7d6600514d5ae99d46388df726090c295106bdf26fba05a1f63c16a4c09 Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	420 B	2023-03-07	2023-03-10
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:46 Last Seen2023-03-10 15:10:04 Times Seen1 Hash 4e3d2210ed1678a7597cbca4949dc14a 34d2aa849d68c629a5f4da97583b5e1eefa3ee4d 53827ce251401d777102863247859eef3d28b6dd49da8bcfd009dd4980968c30 Loading...

	cdn.heapanalytics.com/js/heap-1279333676.js	112 kB	2023-03-08	2023-03-08
Pretty URL cdn.heapanalytics.com/js/heap-1279333676.js IP 54.230.111.113 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:07 Last Seen2023-03-08 03:22:07 Times Seen1 Hash ead5922e2d9b477a055816efca3506eb 0f8b87409cffedc37e64b2710d09ad7ed4b8eae9 1c8353eacade39f609248cb82a988b48782cb648bbe790c5d038d40dc14883bc Loading...

	bat.bing.com/bat.js	39 kB	2023-03-07	2023-08-25
Pretty URL bat.bing.com/bat.js IP 204.79.197.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2023-08-25 07:33:07 Times Seen42 Hash 16911c194f6e9313655f07c4eb9d8737 d39ccfa8c6d785af331afafe9e36336031f41b64 30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7 Loading...

	cdn.taboola.com/libtrc/unip/1074154/tfa.js	58 kB	2023-03-08	2023-03-08
Pretty URL cdn.taboola.com/libtrc/unip/1074154/tfa.js IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:07 Last Seen2023-03-08 03:22:07 Times Seen1 Hash 5b862c6b3d457db51a45eceece43ecb7 8ab41278de4fc29cb2b0749c4ddfbf698f7ad1d0 339a11c29a4827f1ecce96c0b064acf57eb0b914a97ebf54565e6ad64236e11c Loading...

	vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html	2.3 kB	2023-03-07	2023-03-17
Pretty URL vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html IP 143.204.55.105 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:41 Last Seen2023-03-17 12:55:02 Times Seen1 Hash d92066afca578ed14865977d9feac035 2272d154325335dd33ffed8b26929039c6561771 fc200422a2125ba3391e529347524b6596dc8eb4cbb545e7db65ecde73f5bb28 Loading...

	cdn.primalhealthcrm.com/global/js/primal-health-crm-global.js	19 kB	2023-03-08	2023-03-10
Pretty URL cdn.primalhealthcrm.com/global/js/primal-health-crm-global.js IP 74.124.27.105 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:07 Last Seen2023-03-10 15:10:04 Times Seen1 Hash 4da57a9e52597042b4acb95faadd4b9b a436b0403ed79efb224ae4c11f749ed3bcead136 ec691969214bb8141e30d951307bce9341f4aeeb34fa11fd3e856dce08273e97 Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	500 B	2023-03-07	2023-03-10
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:46 Last Seen2023-03-10 15:10:04 Times Seen1 Hash 62b12b670dc00ff89d1f924f865976c3 e36784095a64243ae4575f9edcb178fdc024bf0e 6d3aa41a49ee23936b0e9b59651b043d384525cdf8bfab42367dc09c23500dda Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	119 B	2023-03-07	2023-09-15
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:46 Last Seen2023-09-15 13:06:32 Times Seen4 Hash be9abc7dfbabeefd154d101cabe55785 ce6537f7b5c3b38d5fdec7b1160658f4ba362fb4 72fe227707eed0fdd64fe69ffeebf49187883e6170bffc32bf82cb82e1ef9d90 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	784 B	2023-03-07	2023-09-15
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:46 Last Seen2023-09-15 13:06:31 Times Seen4 Hash 7d59d20914ec151dc65c20f5d643ca4b f26b43d27b823078ae13c6d7e263d25ed0908b6c 2476305f84853aef5181021c21baa1b7bf068380201458137596ad2f20e0a95a Loading...

	fast.vidalytics.com/embeds/DOBezDQw/1q01xpVeThenmcsk/loader.min.js	40 kB	2023-03-07	2023-03-08
Pretty URL fast.vidalytics.com/embeds/DOBezDQw/1q01xpVeThenmcsk/loader.min.js IP 151.139.128.11 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:16 Last Seen2023-03-08 03:22:08 Times Seen1 Hash 1e619dd735e8755ce105b90ccdd6b02f e789b2e32afba49f1cc2c67713c70ed42d59747e e633458cf56f5243aacbf54f90aff9c7d2cd0b4b93f26b4ec9bfb51bb5ea9b4d Loading...

	b-code.liadm.com/a-060r.min.js	28 kB	2023-03-07	2023-03-08
Pretty URL b-code.liadm.com/a-060r.min.js IP 143.204.55.58 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:46 Last Seen2023-03-08 03:22:08 Times Seen1 Hash 4d192cd7301fdfbaf663906755e6ba22 9a99ba9c39a6ffe794e9f7b80df49b0364693d4a 35292ef22eb64765cece46fd670e1636d4ddc467234496bb51fdbbcd91ed338d Loading...

	cdn.primalhealthcrm.com/global/js/jquery.js	88 kB	2023-03-07	2024-04-22
Pretty URL cdn.primalhealthcrm.com/global/js/jquery.js IP 74.124.27.105 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:01 Last Seen2024-04-22 01:56:15 Times Seen7603 Hash f832e36068ab203a3f89b1795480d0d7 2115753ca5fb7032aec498db7bb5dca624dbe6be 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	5.2 kB	2023-03-08	2023-03-08
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:08 Last Seen2023-03-08 03:22:08 Times Seen1 Hash bd0f14f4694ef1dbdff7c4d1dd48e71c 99f6b2269093c14951321f97cf2aa05b704fe3d0 1298b6845a2f0db3965ca77e7ddf115eedc0bfd41e57d165e9194ee60fb2b697 Loading...

	vibranthealthnetwork.com/js.js	0 B	2023-03-07	2024-04-23
Pretty URL vibranthealthnetwork.com/js.js IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 16:17:34 Times Seen37022105 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	static.hotjar.com/c/hotjar-1796349.js?sv=5	4.6 kB	2023-03-08	2023-03-08
Pretty URL static.hotjar.com/c/hotjar-1796349.js?sv=5 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:08 Last Seen2023-03-08 03:22:08 Times Seen1 Hash 63e0d322332d1ce55d017c62a59bdec3 17ce47bdd6b79a023bda258b26dde2cca8a882c9 37ece4467c7695e68ea5ce8bd1076698dfccc5390c1792aefb16a0727d6d1ce2 Loading...

	www.clarity.ms/eus2/s/0.6.41/clarity.js	55 kB	2023-03-07	2023-03-08
Pretty URL www.clarity.ms/eus2/s/0.6.41/clarity.js IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:19:43 Last Seen2023-03-08 03:54:21 Times Seen1 Hash 5dce5bd2cc44cefd6b7d3bd6e985b649 b7449b6ab57a1c9e8759aa620492e6d4a1ef1638 61b9926e5d52c52c383c00d7e52f2c491b15e7cfd715373b53571632a7459517 Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	949 B	2023-03-07	2023-03-25
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:46 Last Seen2023-03-25 22:56:18 Times Seen2 Hash 4b213041b1e4a10347c320d34a1426a0 a1f0db7fe8b3ec4937eefc3d78e992bb7e14bc79 236ca29a583fac8b6af04a7fbad6ee5728358d4b4f9a45cc7a30e6d095470daf Loading...

	trc.taboola.com/1074154/trc/3/json?tim=1664433137990&data=%7B%22id%22%3A47%2C%22ii%22%3A%22%2Fnews%2F1662%2Fvideo_sr_mb%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664433137983%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-dianeprimalhealthlpcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664433137989%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i	2.4 kB	2023-03-08	2023-03-08
Pretty URL trc.taboola.com/1074154/trc/3/json?tim=1664433137990&data=%7B%22id%22%3A47%2C%22ii%22%3A%22%2Fnews%2F1662%2Fvideo_sr_mb%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664433137983%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-dianeprimalhealthlpcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664433137989%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:08 Last Seen2023-03-08 03:22:08 Times Seen1 Hash 1157c69835f9630619ca55097479c88f d6ea602eac451aadeafdbd5101eca9f5eea64dea 03e6464e0bfaecc116f7b2f831a01bb156dca349c9e34ade49ae11bb3effd5b2 Loading...

	cdn.primalhealthcrm.com/global/js/bootstrap.min.js	58 kB	2023-03-07	2024-04-23
Pretty URL cdn.primalhealthcrm.com/global/js/bootstrap.min.js IP 74.124.27.105 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-23 16:17:35 Times Seen19562 Hash e1d98d47689e00f8ecbc5d9f61bdb42e 6778fed3cf095a318141a31f455c8f4663885bde 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	90 B	2023-03-07	2023-03-10
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:46 Last Seen2023-03-10 15:10:04 Times Seen1 Hash 3a70c64bf7f159c7ec96bec155fac062 7f6a3405761d9e72d735eaf39f244dd04a7ad823 d5849913371d30483de69e28b10c9bc5227ad17d2bdf884c06ed75e648374298 Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	1.1 kB	2023-03-08	2023-03-08
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:08 Last Seen2023-03-08 03:22:08 Times Seen1 Hash 797008fed381c6e15a2bfb663ec80bec 100058b73bd1c4b22d3441aa5b1c991ee6a81c52 f7ddba335988d320b07f2c4f75e1dd81a4839bd8b2a34346ab06b04654bf1310 Loading...

	refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq	697 B	2023-03-07	2023-03-10
Pretty URL refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347\|10362\|XMlaefkkrmq IP 74.124.27.101 ASN #26405 HDCS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:46 Last Seen2023-03-10 15:10:04 Times Seen1 Hash 4220ecf367ff07c9b43cb2732c4c6251 58e766e87862e361c7543f48955c9018917a2ee5 0d69a5bdcf887796f780fe0b2194f0f2b7fbcf68c285ce943e2e042022be7caa Loading...

	amplify.outbrain.com/cp/obtp.js	8.1 kB	2023-03-07	2023-03-17
Pretty URL amplify.outbrain.com/cp/obtp.js IP 23.38.201.81 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2023-03-17 12:54:28 Times Seen1 Hash 51de2e10510f823326f9b30ea6068a2a d59ac8a4371d74ec69945686b04453246130d846 83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0 Loading...

	bat.bing.com/p/action/11042310.js	1.1 kB	2023-03-07	2023-03-08
Pretty URL bat.bing.com/p/action/11042310.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:41:46 Last Seen2023-03-08 03:22:08 Times Seen1 Hash 87faf5c90190ab0529a65a97bc57a538 d185d49a89d60de377bbb0deaca531a4a8931138 e747f1d15850281a47922823c200e56c5a6e2706c0e0ca6b9d0605b929403230 Loading...

HTTP Transactions (138)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 06:29:35 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Jkd7DhenM7ujYyKgAaZHVFxtMDTeeKVhg3KXuuwtLP_aFvMuaSnrDg==
Age: 162

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4394
Expires: Thu, 29 Sep 2022 07:45:31 GMT
Date: Thu, 29 Sep 2022 06:32:17 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lLwGc545UIaICZZ1bYsAXCFTzS2U0h4SlxPMHjAxQGqnzAkWmOnxNg==
age: 3830
X-Firefox-Spdy: h2

error.exteriorgraphicsdesign.com/ga/click/2-320864661-1626-14349-28016-25892-ddcca32d61-q19b7ddbdb

66.94.127.114

302 Found

126 B

URL HTTP/1.1
error.exteriorgraphicsdesign.com/ga/click/2-320864661-1626-14349-28016-25892-ddcca32d61-q19b7ddbdb
IP
66.94.127.114:0
ASN
#40021 CONTABO

File type
HTML document text\012- HTML document, ASCII text, with no line terminators
Size
126 B (126 bytes)
Hash
4a155cb7350eff759f8e5f4848256945
c0f1dae7a9ca82385b7785248dcafb1a923d09c0
d349328f993708f685ab9ecabd1e2fabb58a388c875be12dd640f55628606f52

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ga/click/2-320864661-1626-14349-28016-25892-ddcca32d61-q19b7ddbdb HTTP/1.1
Host: error.exteriorgraphicsdesign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Thu, 29 Sep 2022 06:31:52 GMT
Server: Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.29
Status: 302 Found
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Request-Id: 5951345e135080c90cb7fabb1f1a5491
Location: https://lotamkt.com/?a=10362&c=117099&s1=XMlaefkkrmq
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.019904
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.9
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:32:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 29 Sep 2022 06:29:33 GMT
Expires: Thu, 29 Sep 2022 06:37:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YAIsow0jrpO1mlUsc3j8wAlBSwOwVf0mt-B8zZkdDsFbypyVZmyy2w==
Age: 164

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
6a87de307b8716edfb14ef8cd9948653
2bef986fc29158542a037a654059454fbcf6323a
a37848d9ff2d1b32200bd8cad5c5dfb00391e1116c0f72213e4d51f968600207

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 03 Oct 2022 05:26:50 GMT
ETag: "2bef986fc29158542a037a654059454fbcf6323a"
Last-Modified: Thu, 29 Sep 2022 05:26:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7522ae455e92b500-OSL

lotamkt.com/?a=10362&c=117099&s1=XMlaefkkrmq

23.20.168.171

302 Found

216 B

URL HTTP/1.1
lotamkt.com/?a=10362&c=117099&s1=XMlaefkkrmq
IP
23.20.168.171:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
216 B (216 bytes)
Hash
5c0d409198e320560a6818325a041f47
135bdc6c4215304411aed5c0e17c4f82a8dcb43c
0bbfef270c978c73d67abb41ca0703d5b8ea8dd682ff97df5f622c5591b4b7f0

HTTP Headers

GET /?a=10362&c=117099&s1=XMlaefkkrmq HTTP/1.1
Host: lotamkt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 216
Content-Type: text/html; charset=utf-8
Date: Thu, 29 Sep 2022 06:32:17 GMT
Location: https://refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347|10362|XMlaefkkrmq
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=OqVPc7en+1S1KzSB/K9l15DeZUpAeqCLYUzP9nHZCcSBLNmyazhPLQ==; domain=.lotamkt.com; path=/; SameSite=None; secure; HttpOnly
trk=d5GVl1IxbMO1KzSB/K9l15DeZUpAeqCLYUzP9nHZCcSBLNmyazhPLQ==; domain=.lotamkt.com; expires=Sun, 29-Sep-2024 06:32:14 GMT; path=/; SameSite=None; secure; HttpOnly
c21558=OqVPc7en+1TZV053juACvtbouiQWXenL11ujIYzSaFg8eBGUI9rwVw==; domain=.lotamkt.com; expires=Sat, 29-Oct-2022 06:32:14 GMT; path=/; SameSite=None; secure; HttpOnly
Connection: close

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3584
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:17 GMT
Last-Modified: Thu, 29 Sep 2022 05:32:33 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
183336540aa017beb55d9f6d7410bca5
9b092c7ce988a168ca8e5cb41a474492b78c5f31
bc7f4a173bf3cdf792e02d040964ba724c0f0ccc581fefaf0f9d62840ff655d3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BC7F4A173BF3CDF792E02D040964BA724C0F0CCC581FEFAF0F9D62840FF655D3"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=876
Expires: Thu, 29 Sep 2022 06:46:54 GMT
Date: Thu, 29 Sep 2022 06:32:18 GMT
Connection: keep-alive

push.services.mozilla.com/

35.81.125.88

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.81.125.88:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AdxXVtBolLMNKN2RfvKUtQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: loqi3gJjgslTjkJ5gO7M7egtQAg=

refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347|10362|XMlaefkkrmq

74.124.27.101

200 OK

8.6 kB

URL HTTP/1.1
refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347|10362|XMlaefkkrmq
IP
74.124.27.101:0
ASN
#26405 HDCS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (778)
Size
8.6 kB (8556 bytes)
Hash
01216ca08e4efca3b50ae6e5b543ecf2
ab14db5623eda4e17074ea4b9c933e7f7d54df2e
544717b9da5031f017bc9e51eb030adafc8741c1e8a70dec212e6065c51f8ec0

HTTP Headers

GET /news/1662/video_sr_mb?tid=affiliati&cid=517524347|10362|XMlaefkkrmq HTTP/1.1
Host: refineyoursleep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:18 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8556
Content-Type: text/html; charset=UTF-8
Set-Cookie: primal=4u1sil5e4lgg0po1kbimb1urp3; path=/; domain=.refineyoursleep.com
fid=1662; expires=Sat, 29-Oct-2022 06:32:18 GMT; Max-Age=2592000; path=/; domain=.refineyoursleep.com
tid=affiliati; expires=Thu, 29-Sep-2022 06:32:08 GMT; Max-Age=-10; path=/; domain=.refineyoursleep.com
cid=517524347%7C10362%7CXMlaefkkrmq; expires=Thu, 29-Sep-2022 06:32:08 GMT; Max-Age=-10; path=/; domain=.refineyoursleep.com
tid=affiliati; expires=Sat, 29-Oct-2022 06:32:18 GMT; Max-Age=2592000; path=/; domain=.refineyoursleep.com
cid=517524347%7C10362%7CXMlaefkkrmq; expires=Sat, 29-Oct-2022 06:32:18 GMT; Max-Age=2592000; path=/; domain=.refineyoursleep.com
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

142.250.74.170

200 OK

6.5 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1190)
Size
6.5 kB (6490 bytes)
Hash
c3bdf8c5d3c435f9a254e98df59a76d3
49de71ce7f439579b17b89d41630ecc42990f5f9
6ef91d15e35c54b958239444ffa14bcd4aa4d84f10ea10a5a3af71543b74ee85

HTTP Headers

GET /ajax/libs/webfont/1.5.18/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 6490
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:50:32 GMT
expires: Fri, 22 Sep 2023 16:50:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 567706
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

refineyoursleep.com/themes/default/css/site.css

74.124.27.101

200 OK

116 B

URL HTTP/1.1
refineyoursleep.com/themes/default/css/site.css
IP
74.124.27.101:0
ASN
#26405 HDCS

File type
ASCII text
Size
116 B (116 bytes)
Hash
9cfa7f77fb5552267e4b8acb6d899eb9
fa3c6d774fb6141a24ffa76a90ec354b21d517fe
0eea7414307cc23d6c7a4b912a642b7e70093b7316bcf9e7de5466541c68f35d

HTTP Headers

GET /themes/default/css/site.css HTTP/1.1
Host: refineyoursleep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/news/1662/video_sr_mb?tid=affiliati&cid=517524347|10362|XMlaefkkrmq
Cookie: primal=4u1sil5e4lgg0po1kbimb1urp3; fid=1662; tid=affiliati; cid=517524347%7C10362%7CXMlaefkkrmq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:18 GMT
Server: Apache
Last-Modified: Thu, 10 Feb 2022 15:37:26 GMT
ETag: "62-5d7abba2ac77a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Content-Length: 116
Content-Type: text/css
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da46f20944544b836ab256b42df99c31
1759f617bb58e422408fc7fe1a69234f0eaf650c
ec1bd82672e0c9cc607445677e880ad4145250bed93ee091c880e8e28cedbdc5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC1BD82672E0C9CC607445677E880AD4145250BED93EE091C880E8E28CEDBDC5"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6754
Expires: Thu, 29 Sep 2022 08:24:53 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da46f20944544b836ab256b42df99c31
1759f617bb58e422408fc7fe1a69234f0eaf650c
ec1bd82672e0c9cc607445677e880ad4145250bed93ee091c880e8e28cedbdc5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC1BD82672E0C9CC607445677E880AD4145250BED93EE091C880E8E28CEDBDC5"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20618
Expires: Thu, 29 Sep 2022 12:15:57 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2499c23e916918b121205125faf1bf9d
49e8f4ba2dbe264ff85c8681b0974bc631c1d14b
f9ab8ef4fc6cd5e881b5daa9be82b4f2769c262343c5f7785e404ff7b67e232a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F9AB8EF4FC6CD5E881B5DAA9BE82B4F2769C262343C5F7785E404FF7B67E232A"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18045
Expires: Thu, 29 Sep 2022 11:33:04 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da46f20944544b836ab256b42df99c31
1759f617bb58e422408fc7fe1a69234f0eaf650c
ec1bd82672e0c9cc607445677e880ad4145250bed93ee091c880e8e28cedbdc5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC1BD82672E0C9CC607445677E880AD4145250BED93EE091C880E8E28CEDBDC5"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20686
Expires: Thu, 29 Sep 2022 12:17:05 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da46f20944544b836ab256b42df99c31
1759f617bb58e422408fc7fe1a69234f0eaf650c
ec1bd82672e0c9cc607445677e880ad4145250bed93ee091c880e8e28cedbdc5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC1BD82672E0C9CC607445677E880AD4145250BED93EE091C880E8E28CEDBDC5"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21557
Expires: Thu, 29 Sep 2022 12:31:36 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6390 bytes)
Hash
14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VwWbbPJtnsSB1Y6riPtCZXX0Ocmxw024YRmlebWN1UQxZX3uvjsvOw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 05:41:14 GMT
age: 3065
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9034 bytes)
Hash
2054ae778a3079d8233ee33045127df6
927d5a375d9607b23caadae148566fdff10147b1
6b33c83c2b78b413ae375966860e1a9c8aa8e28dee107f9dd5bb8ceb221e607a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9034
x-amzn-requestid: ccfaad8d-c270-491f-b0fa-ac56fb1ba14e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVJ_G2doAMFXqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633268a6-1599ec83051ceef5038d1296;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:06:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: G--ubYYfq5CFGAZzorD-TAgKentdIyvzSjrvqjTf_yGWDvjwX75KHg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:21 GMT
age: 7918
etag: "927d5a375d9607b23caadae148566fdff10147b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6795 bytes)
Hash
9f94853ffae41ec3c0e002bc152da1c4
7057c6707c7299ac386c6b2164240eff241db294
818f3ff90d7b7923b4af4e423dbb01388795490ac2097e1d58d70608b95618f4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6795
x-amzn-requestid: 20067932-e2e5-410a-8c7a-a5f623f33454
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDCs6FbooAMFyHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633117ec-65749cd04e48e49a46b4c215;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 03:09:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: o1q8r6PSQDQyLs4xfhCSXu4q8fFi3zIoAIMlwNznvOsEtORfuVumCA==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 05:17:35 GMT
age: 4484
etag: "7057c6707c7299ac386c6b2164240eff241db294"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7859 bytes)
Hash
c62a6368c456e9614ca4c8e360a2ef12
35ec6e80d324bb215796c590a7ffafbaea55d88e
90a37acc6beda1aa98a98cb84e00a7e469d6d919a14f4709c5f67a83ae95278d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7859
x-amzn-requestid: 34d0718f-46d4-446f-bb06-8449bd8f4287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZIlO4FcBoAMFy0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63334f2b-58ae81c9077e4f1575750f15;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 19:29:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XwUZAphoqael30FgWCRQlHqBpjBOSG7rnlbPNKyojhONZ625gCUI5g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 08:28:02 GMT
age: 79457
etag: "35ec6e80d324bb215796c590a7ffafbaea55d88e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7810 bytes)
Hash
456968f691ae9464d69a37bffe9bd7ce
31b8538deb0f00d5b4182739a4a2fcc1b956a998
5cde1e3158e6c6c0b7a01d3bd32f2aa292b3b205f604e5c4ed71cafedad06bf2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7810
x-amzn-requestid: 7f6d92e1-c7b1-4dd2-9efa-52ad324ca19d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK6pFvkoAMF_yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334beaa-362b7368566955966db78385;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TbPFEVDpMOjK26iu1UGcx56vtP7Pywq05VAylNubOIfbMgo1qGsA-w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:12:40 GMT
age: 8379
etag: "31b8538deb0f00d5b4182739a4a2fcc1b956a998"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9654 bytes)
Hash
36ae9444071dd70dcf86802c370ffda9
44cc19b21912d07f82a88af5b2fa6d3e370459bf
99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9654
x-amzn-requestid: 7277f59f-452d-4cb6-a76e-1561b4ff3de0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGW2REPzoAMFrww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326b5b-4f5d775830c95b065ce40d3f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:17:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: jTiWrrcC29QaFlnaiNH_KmEaphRZhWyzf1JbWb6uL00D3vOMR7Wfyg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 03:28:09 GMT
age: 11050
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.primalhealthcrm.com/global/js/primal-health-crm-global.js

74.124.27.105

200 OK

4.1 kB

URL HTTP/1.1
cdn.primalhealthcrm.com/global/js/primal-health-crm-global.js
IP
74.124.27.105:0
ASN
#26405 HDCS

File type
ASCII text
Size
4.1 kB (4065 bytes)
Hash
cdd473dea26c380bbcb36646e7ec8ada
705c41f3239209f4b0aa43474e2ca1995e7de73e
c87a01955eda5fc5b0291a4243db11974c2a4dfea1a6f6bb7aef477c066bf4f7

HTTP Headers

GET /global/js/primal-health-crm-global.js HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Wed, 29 Jun 2022 17:38:23 GMT
ETag: "4ac0-5e2999ea682f8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Content-Length: 4065
Content-Type: application/javascript
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

cdn.primalhealthcrm.com/global/css/default.css

74.124.27.105

200 OK

4.7 kB

URL HTTP/1.1
cdn.primalhealthcrm.com/global/css/default.css
IP
74.124.27.105:0
ASN
#26405 HDCS

File type
ASCII text
Size
4.7 kB (4741 bytes)
Hash
54d8aeda2fcc8bff1c92b5c4af23abb3
4373157ea8ffc52198a2873de7d643736574f5dc
5e637dfc00b4d1fb9f619cb4cef755dc1a8e92b48c09f7495942edb95274ef66

HTTP Headers

GET /global/css/default.css HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Tue, 18 May 2021 19:13:02 GMT
ETag: "5fed-5c29f7fc311bd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Content-Length: 4741
Content-Type: text/css
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

cdn.primalhealthcrm.com/js/ie10-viewport-bug-workaround.js

74.124.27.105

200 OK

423 B

URL HTTP/1.1
cdn.primalhealthcrm.com/js/ie10-viewport-bug-workaround.js
IP
74.124.27.105:0
ASN
#26405 HDCS

File type
ASCII text
Size
423 B (423 bytes)
Hash
7faf325a95bea2aa9b5667e2ba8331e5
664eca0eef327eab328e9845a3a9a834de767555
14579148d735c8e823af085b60aa4ef437340b8de900c484b29dddcd72e9d5ef

HTTP Headers

GET /js/ie10-viewport-bug-workaround.js HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Wed, 31 Jan 2018 19:21:02 GMT
ETag: "280-56417613d8380-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Content-Length: 423
Content-Type: application/javascript
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

cdn.primalhealthcrm.com/global/css/bootstrap.min.css

74.124.27.105

200 OK

23 kB

URL HTTP/1.1
cdn.primalhealthcrm.com/global/css/bootstrap.min.css
IP
74.124.27.105:0
ASN
#26405 HDCS

File type
ASCII text, with very long lines (65324)
Size
23 kB (23238 bytes)
Hash
3b5537dce96f57098998e410b0202920
7732b57e4e3bbc122d63f67078efa7cf5f975448
a1c54426705d6cef00e0ae98f5ad1615735a31a4e200c3a5835b44266a4a3f88

HTTP Headers

GET /global/css/bootstrap.min.css HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Mon, 09 Sep 2019 19:46:32 GMT
ETag: "2606e-592240b77bff8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Content-Length: 23238
Content-Type: text/css
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

cdn.primalhealthcrm.com/global/js/bootstrap.min.js

74.124.27.105

200 OK

15 kB

URL HTTP/1.1
cdn.primalhealthcrm.com/global/js/bootstrap.min.js
IP
74.124.27.105:0
ASN
#26405 HDCS

File type
ASCII text, with very long lines (57791)
Size
15 kB (15437 bytes)
Hash
8c7f5fa6aa5505726872ce0296828eb5
c7ce2e13bd25da05e7c4bc68be2e57e2cb515d33
8e0286a099efe027b863e8b7265ad2c9e053bfaa083f53749e5bf7301987284a

HTTP Headers

GET /global/js/bootstrap.min.js HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Mon, 09 Sep 2019 19:46:47 GMT
ETag: "e2d8-592240c5946a6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Content-Length: 15437
Content-Type: application/javascript
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

cdn.primalhealthcrm.com/global/js/jquery.js

74.124.27.105

200 OK

31 kB

URL HTTP/1.1
cdn.primalhealthcrm.com/global/js/jquery.js
IP
74.124.27.105:0
ASN
#26405 HDCS

File type
ASCII text, with very long lines (65451)
Size
31 kB (30675 bytes)
Hash
e26795ac1369d6d3fd6e6b165428448f
29fc3c7e89bfafa2f759e13bc51c44ada83f3221
fd3a1b4234a1f5d0d1e47881e39a7f49ec05078ee2bf9a8d412b3efc1d4f762b

HTTP Headers

GET /global/js/jquery.js HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Mon, 09 Sep 2019 19:51:18 GMT
ETag: "15850-592241c7dbe75-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=2592000, public
Content-Length: 30675
Content-Type: application/javascript
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

js.go2sdk.com/v2/tune.js

54.230.111.63

200 OK

18 kB

URL HTTP/2
js.go2sdk.com/v2/tune.js
IP
54.230.111.63:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (7486)
Size
18 kB (17921 bytes)
Hash
074c9e70b17ef9db8aced963fef4e2d9
caa1063a824083eb483f25bfab3e7aade3441bcd
cca8ce472cbf8c44acf7ac24067c2d6075acd1e0cd4c9003de6055289ac5c68a

HTTP Headers

GET /v2/tune.js HTTP/1.1
Host: js.go2sdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 17921
last-modified: Wed, 06 Jan 2021 18:55:14 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Sep 2022 05:05:20 GMT
etag: "074c9e70b17ef9db8aced963fef4e2d9"
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: u1OKxwQAo2hHWu-M6Sq2COuwi1RmDFfZGaJ-Z9dXEaAeT5it36V80A==
age: 5220
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5f4b013b5656bef604b0022eb233d049
5b5ac71b8dbb5b488d7267d0d70292c2f7651c5b
238fd305a8853df61050a601a24c483728ab6695658f993bc179a075a5616cd9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4608
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Last-Modified: Thu, 29 Sep 2022 05:15:31 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5f4b013b5656bef604b0022eb233d049
5b5ac71b8dbb5b488d7267d0d70292c2f7651c5b
238fd305a8853df61050a601a24c483728ab6695658f993bc179a075a5616cd9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4608
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Last-Modified: Thu, 29 Sep 2022 05:15:31 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

cdn.primalhealthcrm.com/images/logo-tpss-moon2.png

74.124.27.105

200 OK

8.0 kB

URL HTTP/1.1
cdn.primalhealthcrm.com/images/logo-tpss-moon2.png
IP
74.124.27.105:0
ASN
#26405 HDCS

File type
PNG image data, 448 x 93, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (7990 bytes)
Hash
8360532417526dae50a73de25364348c
7a850905a9736657e8f76bb3d6a4859dc504e05f
c42a73b4ffe4bdc105571cb9c09ee394b84395c1652ac31cb6a4a82980baee47

HTTP Headers

GET /images/logo-tpss-moon2.png HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Tue, 05 May 2020 15:11:01 GMT
ETag: "1f3c-5a4e80e3b4beb-gzip"
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Cache-Control: max-age=2592000, public
Content-Type: image/png
Content-Encoding: gzip
Content-Length: 7990
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive

cdn.primalhealthcrm.com/images/btn-close.png

74.124.27.105

200 OK

2.2 kB

URL HTTP/1.1
cdn.primalhealthcrm.com/images/btn-close.png
IP
74.124.27.105:0
ASN
#26405 HDCS

File type
PNG image data, 30 x 31, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2212 bytes)
Hash
ef7578dd693e23219a00ba8d8e9ad2cf
0342aab5ae4f462c7e57e8e3bb587185bb326a06
6c2260745e7c3720cfabf39a4cab47c4eb50fd0d150601ae893c2a6912e26b0c

HTTP Headers

GET /images/btn-close.png HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Wed, 31 Jan 2018 19:20:53 GMT
ETag: "9a8-5641760b42f40-gzip"
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Cache-Control: max-age=2592000, public
Content-Type: image/png
Content-Encoding: gzip
Content-Length: 2212
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive

cdn.primalhealthcrm.com/images/ajax-loader-3.gif

74.124.27.105

200 OK

3.5 kB

URL HTTP/1.1
cdn.primalhealthcrm.com/images/ajax-loader-3.gif
IP
74.124.27.105:0
ASN
#26405 HDCS

File type
GIF image data, version 89a, 128 x 15\012- data
Size
3.5 kB (3453 bytes)
Hash
ccb089834f9fd4d09ab89da2a4e18c8f
822d59c255d821e181fb337f292d3976962de658
877575d7351d6eaadc3ceeb2dad0d5f678a6759910c24841c78b0ef7856025b3

HTTP Headers

GET /images/ajax-loader-3.gif HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Wed, 31 Jan 2018 19:20:52 GMT
ETag: "f6f-5641760a4ed00-gzip"
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Cache-Control: max-age=2592000, public
Content-Type: image/gif
Content-Encoding: gzip
Content-Length: 3453
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.primalhealthcrm.com/images/next-step-gold.png

74.124.27.105

200 OK

18 kB

URL HTTP/1.1
cdn.primalhealthcrm.com/images/next-step-gold.png
IP
74.124.27.105:0
ASN
#26405 HDCS

File type
PNG image data, 931 x 260, 8-bit colormap, non-interlaced\012- data
Size
18 kB (18006 bytes)
Hash
e7ad85e2a85bda776f57f096bc2b4daa
2cad70181a65c5556d115736d0a5e3d4b096170e
974206ab05995e5ab54752b167b635b7a5d394cb31a1bf9b6f799121de558dd0

HTTP Headers

GET /images/next-step-gold.png HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Thu, 07 May 2020 18:03:14 GMT
ETag: "466a-5a512b1cfb4c2-gzip"
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Cache-Control: max-age=2592000, public
Content-Type: image/png
Content-Encoding: gzip
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked

cdn.primalhealthcrm.com/images/as-seen-on.jpg

74.124.27.105

200 OK

16 kB

URL HTTP/1.1
cdn.primalhealthcrm.com/images/as-seen-on.jpg
IP
74.124.27.105:0
ASN
#26405 HDCS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=72, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=700], baseline, precision 8, 636x72, components 3\012- data
Size
16 kB (15954 bytes)
Hash
ff8ddf33c05acd43ed65aa38113344f9
ed1d91dee0a953792d59920114b35827b0fa1ae6
5f3a642650f479f25eb9c44b37cfba5f340b76c63acc9369baaf62487e6204f0

HTTP Headers

GET /images/as-seen-on.jpg HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:19 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Thu, 08 Apr 2021 19:36:15 GMT
ETag: "597c-5bf7b291e82d1-gzip"
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Cache-Control: max-age=2592000, public
Content-Type: image/jpeg
Content-Encoding: gzip
Content-Length: 15954
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 18:01:25 GMT
expires: Sun, 24 Sep 2023 18:01:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 390654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

142.250.74.163

200 OK

48 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Size
48 kB (47952 bytes)
Hash
17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

HTTP Headers

GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 18:59:14 GMT
expires: Tue, 26 Sep 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 214385
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
eee7efbcba39a3eed67984cf15b8eb50
d43544f205bddb295f41b228b988fb86421b3882
11d0e8acb2d2223d28a2ad596f477001bb50735124f4fca21311fe7880ae4788

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 06:32:19 GMT
Last-Modified: Thu, 29 Sep 2022 05:29:18 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aBvGTlgisvzUD-hNMl4Mz4sRUJfo1gFFCy-aHmVpy9i6Bq49_dK1-A==
Age: 3781

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
97fac380df6aa6f043561fa235ba692b
f9fd3dea682d1d3f6504c03c2091ad39cd150ce2
59069c4bfe650544c56fe0889a983085ae88eac66c745a94e4aedd9befae8900

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59069C4BFE650544C56FE0889A983085AE88EAC66C745A94E4AEDD9BEFAE8900"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21447
Expires: Thu, 29 Sep 2022 12:29:46 GMT
Date: Thu, 29 Sep 2022 06:32:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3f108848fc1f5aa376128878bba1ba53
0ac8e0d2338f2addc8297f123bdcd0a1f6a9facf
c64c9ef21fc85a4ab6a1071306f96714683228fb233116d9efd24d284fa4ca46

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C64C9EF21FC85A4AB6A1071306F96714683228FB233116D9EFD24D284FA4CA46"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18510
Expires: Thu, 29 Sep 2022 11:40:50 GMT
Date: Thu, 29 Sep 2022 06:32:20 GMT
Connection: keep-alive

primalhealthcrm.com/IPN2/visits_pixel.php?tid=affiliati&cid=517524347|10362|XMlaefkkrmq&ip=168430334&domain=93

74.124.27.105

200 OK

527 B

URL HTTP/1.1
primalhealthcrm.com/IPN2/visits_pixel.php?tid=affiliati&cid=517524347|10362|XMlaefkkrmq&ip=168430334&domain=93
IP
74.124.27.105:0
ASN
#26405 HDCS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 1x1, components 3\012- data
Size
527 B (527 bytes)
Hash
00b62c6b9684fadb5407aaf99a77fbe7
f16a5742ef54501dacf8e106a66c2161b02a5d47
216394359a8d5ff2d18fc7d719ba061fa3791881dca92be8f6868dbf50a997f9

HTTP Headers

GET /IPN2/visits_pixel.php?tid=affiliati&cid=517524347|10362|XMlaefkkrmq&ip=168430334&domain=93 HTTP/1.1
Host: primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:20 GMT
Server: Apache
Access-Control-Allow-Origin: *
Vary: User-Agent,Accept-Encoding
Content-Type: image/jpeg
Set-Cookie: PubVisit=201830428; expires=Fri, 30-Sep-2022 06:32:20 GMT; Max-Age=86400; path=/
MasterTid=affiliati; expires=Fri, 29-Sep-2023 06:32:20 GMT; Max-Age=31536000; path=/
Content-Encoding: gzip
Content-Length: 527
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4a8f8f8eebb2aa9b3538059bacfb4411
c8eeff0c2c32f6b36be6d7712dad057792c9fb5b
d45689d972d2c2055075baaef433ecbe1f86d950b03058267377f60f0cac5e82

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 06:32:20 GMT
Last-Modified: Thu, 29 Sep 2022 05:31:14 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xaLQfjPNSInHvaa3uB_hvsImhmGFjTh1pAN-IU3t9udhaojPRiK3Aw==
Age: 3666

vibranthealthnetwork.com/js.js

74.124.27.101

200 OK

0 B

URL HTTP/1.1
vibranthealthnetwork.com/js.js
IP
74.124.27.101:0
ASN
#26405 HDCS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js.js HTTP/1.1
Host: vibranthealthnetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:20 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 16:47:40 GMT
ETag: "0-5d84da417f2e2"
Accept-Ranges: bytes
Content-Length: 0
Content-Type: application/javascript
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4a8f8f8eebb2aa9b3538059bacfb4411
c8eeff0c2c32f6b36be6d7712dad057792c9fb5b
d45689d972d2c2055075baaef433ecbe1f86d950b03058267377f60f0cac5e82

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 06:32:20 GMT
Last-Modified: Thu, 29 Sep 2022 04:54:14 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _ynUAa9kyhOwP6vUfetGaZ5cqkLQSq5Rq-hf5niF1nROwSaGqj7oIA==
Age: 5886

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4a8f8f8eebb2aa9b3538059bacfb4411
c8eeff0c2c32f6b36be6d7712dad057792c9fb5b
d45689d972d2c2055075baaef433ecbe1f86d950b03058267377f60f0cac5e82

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 06:32:20 GMT
Last-Modified: Thu, 29 Sep 2022 05:11:58 GMT
Server: ECS (bsa/EB18)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UnJGOW8_rIr54zXFu01T7lzuDCY_ojGNKPeEYEd1T25HPeoJLyQsHw==
Age: 4822

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4a8f8f8eebb2aa9b3538059bacfb4411
c8eeff0c2c32f6b36be6d7712dad057792c9fb5b
d45689d972d2c2055075baaef433ecbe1f86d950b03058267377f60f0cac5e82

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 06:32:20 GMT
Last-Modified: Thu, 29 Sep 2022 04:43:39 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: O5wPdQyHjTBMMbBPE-OnUabLnn6wlAz5X1LCgjk_54nf6QmKXktlpw==
Age: 6521

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4a8f8f8eebb2aa9b3538059bacfb4411
c8eeff0c2c32f6b36be6d7712dad057792c9fb5b
d45689d972d2c2055075baaef433ecbe1f86d950b03058267377f60f0cac5e82

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 06:32:20 GMT
Last-Modified: Thu, 29 Sep 2022 05:01:53 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LUAULu9OKySLJrQTHsNfu4figPN2OyZbOmroeFTn9o-rEAzmZJVPLg==
Age: 5427

heapanalytics.com/api/telemetry?a=1279333676&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1664433137106&hv=4.18.4

44.206.92.210

200 OK

37 B

URL HTTP/2
heapanalytics.com/api/telemetry?a=1279333676&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1664433137106&hv=4.18.4
IP
44.206.92.210:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
37 B (37 bytes)
Hash
3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

HTTP Headers

GET /api/telemetry?a=1279333676&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1664433137106&hv=4.18.4 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

heapanalytics.com/api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20TID=affiliati&st=1664433137165

44.206.92.210

200 OK

37 B

URL HTTP/2
heapanalytics.com/api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20TID=affiliati&st=1664433137165
IP
44.206.92.210:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
37 B (37 bytes)
Hash
3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

HTTP Headers

GET /api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20TID=affiliati&st=1664433137165 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

heapanalytics.com/api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20FID=1662&st=1664433137165

44.206.92.210

200 OK

37 B

URL HTTP/2
heapanalytics.com/api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20FID=1662&st=1664433137165
IP
44.206.92.210:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
37 B (37 bytes)
Hash
3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

HTTP Headers

GET /api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20FID=1662&st=1664433137165 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

heapanalytics.com/h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=z&sp=0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=t&sp=Special%20Offer&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=2341289381479821&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Load%20Started&ts0=1664433137114&st=1664433137164

44.206.92.210

200 OK

37 B

URL HTTP/2
heapanalytics.com/h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=z&sp=0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=t&sp=Special%20Offer&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=2341289381479821&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Load%20Started&ts0=1664433137114&st=1664433137164
IP
44.206.92.210:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
37 B (37 bytes)
Hash
3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

HTTP Headers

GET /h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=z&sp=0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=t&sp=Special%20Offer&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=2341289381479821&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Load%20Started&ts0=1664433137114&st=1664433137164 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

heapanalytics.com/h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&z=0&h=%2Fnews%2F1662%2Fvideo_sr_mb&q=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&d=refineyoursleep.com&t=Special%20Offer&k=FID&k=1662&k=TID&k=affiliati&k=CID%20Part%201&k=517524347&k=CID%20Part%202&k=10362&k=CID%20Part%203&k=XMlaefkkrmq&ts=1664433137161&st=1664433137162

44.206.92.210

200 OK

37 B

URL HTTP/2
heapanalytics.com/h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&z=0&h=%2Fnews%2F1662%2Fvideo_sr_mb&q=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&d=refineyoursleep.com&t=Special%20Offer&k=FID&k=1662&k=TID&k=affiliati&k=CID%20Part%201&k=517524347&k=CID%20Part%202&k=10362&k=CID%20Part%203&k=XMlaefkkrmq&ts=1664433137161&st=1664433137162
IP
44.206.92.210:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
37 B (37 bytes)
Hash
3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

HTTP Headers

GET /h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&z=0&h=%2Fnews%2F1662%2Fvideo_sr_mb&q=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&d=refineyoursleep.com&t=Special%20Offer&k=FID&k=1662&k=TID&k=affiliati&k=CID%20Part%201&k=517524347&k=CID%20Part%202&k=10362&k=CID%20Part%203&k=XMlaefkkrmq&ts=1664433137161&st=1664433137162 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

heapanalytics.com/api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20IP=91.90.42.154&st=1664433137165

44.206.92.210

200 OK

37 B

URL HTTP/2
heapanalytics.com/api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20IP=91.90.42.154&st=1664433137165
IP
44.206.92.210:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
37 B (37 bytes)
Hash
3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

HTTP Headers

GET /api/add_user_properties_v3?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&_Last%20IP=91.90.42.154&st=1664433137165 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

amplify.outbrain.com/cp/obtp.js

23.38.201.81

200 OK

3.2 kB

URL HTTP/1.1
amplify.outbrain.com/cp/obtp.js
IP
23.38.201.81:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (8072), with no line terminators
Size
3.2 kB (3249 bytes)
Hash
9b19340ef7db3cbb26aa923adb8dbe6e
082e699bca6e80ca6c72a43f2894f4a32e785e26
c042b8b199b2c08fa66f90753998544860e3f64c3a1f47754a66970b3b8c5b2a

HTTP Headers

GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Thu, 29 Sep 2022 06:52:20 GMT
Date: Thu, 29 Sep 2022 06:32:20 GMT
Content-Length: 3249
Connection: keep-alive

s.yimg.com/wi/ytc.js

188.125.94.204

200 OK

5.9 kB

URL HTTP/2
s.yimg.com/wi/ytc.js
IP
188.125.94.204:0
ASN
#10310 YAHOO-1

File type
ASCII text, with very long lines (16553), with no line terminators
Size
5.9 kB (5929 bytes)
Hash
2f6a1b8a4843f74a5ba54c055fcb3850
919a5f9166f3f9c73803cebd312ad016570a30d8
1b6439153633e4e2dc23c743e14218931c1b4912bc7a3ad64bfee1d2d6982f50

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TXEHCovb7BvrM0h0lZ0ZLhRuDUYjUVL2SDcEsSimaFMn84dd0BbD6crNCSWjGy7BJ7Edh38wIfw=
x-amz-request-id: VVJN7W6EQES283TV
date: Thu, 29 Sep 2022 05:58:43 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
age: 2018
content-length: 5929
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cdn.taboola.com/libtrc/unip/1074154/tfa.js

151.101.85.44

200 OK

18 kB

URL HTTP/2
cdn.taboola.com/libtrc/unip/1074154/tfa.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (58509)
Size
18 kB (17962 bytes)
Hash
ef4ef43e7287b3187c204296a0dcbbfe
99088f063958ecceb269bbb5610488faacbf6c9f
3a79bc527e0b7354c7a83d22590eb0a6285a6a08526f915bca080e4cbbe9cbe8

HTTP Headers

GET /libtrc/unip/1074154/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: uVQ2Kp74w7SzLQaocn4yD7nrS8EoQgrxcXzAax/5Sh08E7bYDQdS2wVYjDeobkxe86UsT9JhVtc=
x-amz-request-id: TN60AKKVQKZMK3JE
x-amz-replication-status: COMPLETED
last-modified: Sun, 25 Sep 2022 11:08:34 GMT
etag: "5b862c6b3d457db51a45eceece43ecb7"
x-amz-version-id: ICU6ksb_DdYxGnEl5jMVj3IMB18crXyP
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Thu, 29 Sep 2022 06:32:20 GMT
via: 1.1 varnish
age: 3960
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664433140.407381,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 82
content-length: 17962
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 29 Sep 2022 04:41:09 GMT
expires: Thu, 29 Sep 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 6671
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bat.bing.com/bat.js

204.79.197.200

200 OK

11 kB

URL HTTP/2
bat.bing.com/bat.js
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Size
11 kB (11367 bytes)
Hash
293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=0B9462957ECE68A03B1B70BB7F3B6940; domain=.bing.com; expires=Tue, 24-Oct-2023 06:32:20 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 570B578E418341E89C58A09190BBE85A Ref B: OSL30EDGE0117 Ref C: 2022-09-29T06:32:20Z
date: Thu, 29 Sep 2022 06:32:20 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.primalhealthcrm.com/global/img/faviconsr.ico

74.124.27.105

200 OK

3.5 kB

URL HTTP/1.1
cdn.primalhealthcrm.com/global/img/faviconsr.ico
IP
74.124.27.105:0
ASN
#26405 HDCS

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
3.5 kB (3464 bytes)
Hash
47b8dabcc032d70ca57687a54013e4ac
ec2b12d1a96a5075c7b32515ef04b7aa35e537cb
3590aa9018469eaa96de8fab05681fb94f886b9d75d9b86d68126c9eb6f5b910

HTTP Headers

GET /global/img/faviconsr.ico HTTP/1.1
Host: cdn.primalhealthcrm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:20 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type, origin, x-requested-with, content-type
Last-Modified: Mon, 04 May 2020 20:18:39 GMT
ETag: "3aee-5a4d83c8bb740-gzip"
Accept-Ranges: bytes
Vary: User-Agent,Accept-Encoding
Cache-Control: max-age=2592000, public
Content-Type: image/vnd.microsoft.icon
Content-Encoding: gzip
Content-Length: 3464
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive

ocsp.godaddy.com/

192.124.249.41

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.41:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
91aeda53c7726ce8e29cc1eb871e6315
92559ccfe237539d123b29085708666e45a620e0
bec8494b8bc023d54056e2b8d68d6887f3c8079e00e1483ee24587e1b28e7400

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 29 Sep 2022 06:32:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 28 Sep 2022 21:32:48 GMT
Expires: Thu, 29 Sep 2022 21:32:48 GMT
ETag: "92559ccfe237539d123b29085708666e45a620e0"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

static.hotjar.com/c/hotjar-1796349.js?sv=5

143.204.55.37

200 OK

2.2 kB

URL HTTP/2
static.hotjar.com/c/hotjar-1796349.js?sv=5
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3790)
Size
2.2 kB (2196 bytes)
Hash
a9d4418a45ce60e79d585e547aa1c65e
25a6ca6d9a9cb7cc3327b5d50a453cbc6024bcd9
1f486fac77a4538ce3c7c6048eb67e1753f6ad3a1bf9ba0a6b4ce459e30cc58e

HTTP Headers

GET /c/hotjar-1796349.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 29 Sep 2022 06:32:20 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/63e0d322332d1ce55d017c62a59bdec3
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wYtqWhCVfBEstXUuJujxpH3VgO_VgHKJdmpln5xjmuBv7vvABcSzRA==
X-Firefox-Spdy: h2

vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

143.204.55.105

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
IP
143.204.55.105:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators
Size
1.0 kB (1044 bytes)
Hash
f6a9ca04b0687ea3c0d98e8430c8c77b
35503b2deb23091a9a9c6c68d4020dbdf879588e
8e4328ecb6b395499567369e3c227231dbdaf361f43ce315934d7a2a3abbed41

HTTP Headers

GET /box-69edcc3187336f9b0a3fbb4c73be9fe6.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1044
date: Wed, 07 Sep 2022 09:17:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VSltGLCl_UIm5X4h9K8ttkZI58Qijn9Grdl8KoIG0kgsdCqBa0Z65A==
age: 1890913
X-Firefox-Spdy: h2

heapanalytics.com/h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=5483607258049077&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Load%20Complete&ts0=1664433138067&st=1664433138068

44.206.92.210

200 OK

37 B

URL HTTP/2
heapanalytics.com/h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=5483607258049077&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Load%20Complete&ts0=1664433138067&st=1664433138068
IP
44.206.92.210:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
37 B (37 bytes)
Hash
3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

HTTP Headers

GET /h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=5483607258049077&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Load%20Complete&ts0=1664433138067&st=1664433138068 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

heapanalytics.com/api/telemetry?a=1279333676&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1664433137112&hv=4.18.4

44.206.92.210

200 OK

37 B

URL HTTP/2
heapanalytics.com/api/telemetry?a=1279333676&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1664433137112&hv=4.18.4
IP
44.206.92.210:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
37 B (37 bytes)
Hash
3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

HTTP Headers

GET /api/telemetry?a=1279333676&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=1&st=1664433137112&hv=4.18.4 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1257
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.1
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

stats.vidalytics.com/awesome-log?cid=DOBezDQw

107.178.211.97

200 OK

43 B

URL HTTP/2
stats.vidalytics.com/awesome-log?cid=DOBezDQw
IP
107.178.211.97:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /awesome-log?cid=DOBezDQw HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: istio-envoy
date: Thu, 29 Sep 2022 06:32:20 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, public, max-age=2592000
etag: "DOBezDQw/hKpck7yGvgTnp7lI"
access-control-expose-headers: Access-Control-Allow-Origin, Cache-Control, ETag, etag
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
x-envoy-upstream-service-time: 20
access-control-allow-origin: *
X-Firefox-Spdy: h2

licensing.bitmovin.com/licensing

35.227.229.24

200 OK

165 B

URL HTTP/2
licensing.bitmovin.com/licensing
IP
35.227.229.24:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
165 B (165 bytes)
Hash
bad32d07dc1ad9e3d334785067afbf34
653f8f612c6646daae0122b3b27e2c11486f86a4
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

HTTP Headers

POST /licensing HTTP/1.1
Host: licensing.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 150
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
content-type: application/json
date: Thu, 29 Sep 2022 06:32:20 GMT
content-length: 165
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.41

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.41:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
91aeda53c7726ce8e29cc1eb871e6315
92559ccfe237539d123b29085708666e45a620e0
bec8494b8bc023d54056e2b8d68d6887f3c8079e00e1483ee24587e1b28e7400

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 29 Sep 2022 06:32:21 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 28 Sep 2022 21:32:48 GMT
Expires: Thu, 29 Sep 2022 21:32:48 GMT
ETag: "92559ccfe237539d123b29085708666e45a620e0"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

script.hotjar.com/modules.cf44a0a6b448df1b035e.js

143.204.55.96

200 OK

66 kB

URL HTTP/2
script.hotjar.com/modules.cf44a0a6b448df1b035e.js
IP
143.204.55.96:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48714)
Size
66 kB (66148 bytes)
Hash
5f131c93ccff63ccc86d0067d0eebf99
a599898399783be0db5f757c043b828a0726deec
91980f4223c639c3849139a6e692ccf10310f0b57d74b403198af020fc7398a2

HTTP Headers

GET /modules.cf44a0a6b448df1b035e.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 66148
date: Wed, 28 Sep 2022 11:37:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5f131c93ccff63ccc86d0067d0eebf99"
last-modified: Wed, 28 Sep 2022 11:36:53 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TyI_EapoMPKS9Ll07SYHE-6xaAP68wKvCAx1q-Ta5W6-aRW2RL9t5g==
age: 68115
X-Firefox-Spdy: h2

bat.bing.com/action/0?ti=11042310&Ver=2&mid=bb9b269a-8ca5-461e-9255-90dc6ace9369&sid=76e949e03fc011edae30ffde97659114&vid=76e948703fc011ed89050936891e5292&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Special%20Offer&p=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&r=&lt=2865&evt=pageLoad&sv=1&rn=417865

204.79.197.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=11042310&Ver=2&mid=bb9b269a-8ca5-461e-9255-90dc6ace9369&sid=76e949e03fc011edae30ffde97659114&vid=76e948703fc011ed89050936891e5292&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Special%20Offer&p=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&r=&lt=2865&evt=pageLoad&sv=1&rn=417865
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=11042310&Ver=2&mid=bb9b269a-8ca5-461e-9255-90dc6ace9369&sid=76e949e03fc011edae30ffde97659114&vid=76e948703fc011ed89050936891e5292&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Special%20Offer&p=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&r=&lt=2865&evt=pageLoad&sv=1&rn=417865 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=36A73766D67B67A610FD2548D78E6629; domain=.bing.com; expires=Tue, 24-Oct-2023 06:32:21 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DF3CD16BCF71417B986F2E06E9F29C78 Ref B: OSL30EDGE0117 Ref C: 2022-09-29T06:32:21Z
date: Thu, 29 Sep 2022 06:32:21 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&gjid=196322115&_gid=898740492.1664433138&_u=YGBAgEABAAAAAE~&z=2034161245

64.233.165.157

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&gjid=196322115&_gid=898740492.1664433138&_u=YGBAgEABAAAAAE~&z=2034161245
IP
64.233.165.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&gjid=196322115&_gid=898740492.1664433138&_u=YGBAgEABAAAAAE~&z=2034161245 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://refineyoursleep.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Sep 2022 06:32:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

b-code.liadm.com/a-060r.min.js

143.204.55.58

200 OK

11 kB

URL HTTP/2
b-code.liadm.com/a-060r.min.js
IP
143.204.55.58:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (28096), with CRLF, LF line terminators
Size
11 kB (11125 bytes)
Hash
819a5a160f4985b4f15e11e7eabc4b4d
74187a36d9c7ca2643e04cee05dda3c3d8e39ef6
2a49d76d1aeb2862ba397d9ff2b2198fb10776ba9070678d964b810c1bba562d

HTTP Headers

GET /a-060r.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 28 Sep 2022 13:56:34 GMT
cache-control: public, max-age=86400
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YadCpy8cbvx4LmzJaj_3_2LLDEvOv83gxcXRKS68zqm9FraedHNOKw==
age: 59746
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

s.yimg.com/wi/config/10012620.json

188.125.94.204

200 OK

22 B

URL HTTP/2
s.yimg.com/wi/config/10012620.json
IP
188.125.94.204:0
ASN
#10310 YAHOO-1

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc

HTTP Headers

GET /wi/config/10012620.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: YBV68S4CPWAQD7J3
x-amz-id-2: 5KucWIlsToTvfBQIndDw23KhYeHI+az+ottBC2Yab1phJ7LdglZD3Pp9VlRZW7DmVnk0N+oNfH8=
content-type: application/json
date: Thu, 29 Sep 2022 06:32:20 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 1
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
74da23feb51541d5a4eb7eff61088b65
5b70a903aa00d079dc55487c7f7edd3bf0fd6bf6
23bbfc9938e7f0fe3a0cfb6f364bc149782ec836e4d6f5f31640a7ddacee7014

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3737
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:21 GMT
Last-Modified: Thu, 29 Sep 2022 05:30:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
74da23feb51541d5a4eb7eff61088b65
5b70a903aa00d079dc55487c7f7edd3bf0fd6bf6
23bbfc9938e7f0fe3a0cfb6f364bc149782ec836e4d6f5f31640a7ddacee7014

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6427
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:21 GMT
Last-Modified: Thu, 29 Sep 2022 04:45:14 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0acb404c6e5e614b2b45960b66540566
9dd62de9f34b30f89ff0fbe054affd8114562b65
78195875441b18f2c34830e59c85bfba8aa9e4afb3953ea232352b49d67d76bd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&_u=YGBAgEABAAAAAE~&z=1313541809

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&_u=YGBAgEABAAAAAE~&z=1313541809
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&_u=YGBAgEABAAAAAE~&z=1313541809 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 06:32:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&_u=YGBAgEABAAAAAE~&z=1313541809

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&_u=YGBAgEABAAAAAE~&z=1313541809
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-58496902-46&cid=260719434.1664433138&jid=1462037621&_u=YGBAgEABAAAAAE~&z=1313541809 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 06:32:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.clarity.ms/tag/uet/11042310

13.107.246.53

200 OK

1.5 kB

URL HTTP/2
www.clarity.ms/tag/uet/11042310
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (1495), with no line terminators
Size
1.5 kB (1495 bytes)
Hash
63edddac7b1c3174affbe17ad478f79f
9a9cf8d41aeb51094caa7540263d844b3c397afa
93fe663d51a6192745091a67ca50b63b5d1539c5d6a60dccc3cda6f495db2b0c

HTTP Headers

GET /tag/uet/11042310 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 1495
content-type: application/x-javascript
expires: -1
set-cookie: CLID=d2ea5139f5374d19b3111fcac2c97be7.20220929.20230929; expires=Fri, 29 Sep 2023 06:32:21 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 09Ts1YwAAAAAdZnr49j8OR7gV+WMbjDM4U1ZHMjBFREdFMDUxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 29 Sep 2022 06:32:20 GMT
X-Firefox-Spdy: h2

rp.liadm.com/j?dtstmp=1664433138075&aid=a-060r&se=e30&duid=4e7568173087--01ge3z4a8xznf1qzsj6a9g541j&tna=v2.4.2&pu=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlIGNsYXNzPSJzd2l0Y2hGYXZUaXRsZSI-U3BlY2lhbCBPZmZlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkbGluZSI-SG93IFRvIFB1dCBBbiBFbmQgVG8gU2xlZXBsZXNzIE5pZ2h0cyBBbmQgR3JvZ2d5IE1vcm5pbmdzIEJ5IFNpbXBseSBSZWFjdGl2YXRpbmcgWW91ciBCcmFpbuKAmXMg4oCcU2xlZXAgWm9uZeKAnTwvaDE-

34.235.93.114

302 Found

0 B

URL HTTP/2
rp.liadm.com/j?dtstmp=1664433138075&aid=a-060r&se=e30&duid=4e7568173087--01ge3z4a8xznf1qzsj6a9g541j&tna=v2.4.2&pu=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlIGNsYXNzPSJzd2l0Y2hGYXZUaXRsZSI-U3BlY2lhbCBPZmZlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkbGluZSI-SG93IFRvIFB1dCBBbiBFbmQgVG8gU2xlZXBsZXNzIE5pZ2h0cyBBbmQgR3JvZ2d5IE1vcm5pbmdzIEJ5IFNpbXBseSBSZWFjdGl2YXRpbmcgWW91ciBCcmFpbuKAmXMg4oCcU2xlZXAgWm9uZeKAnTwvaDE-
IP
34.235.93.114:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /j?dtstmp=1664433138075&aid=a-060r&se=e30&duid=4e7568173087--01ge3z4a8xznf1qzsj6a9g541j&tna=v2.4.2&pu=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlIGNsYXNzPSJzd2l0Y2hGYXZUaXRsZSI-U3BlY2lhbCBPZmZlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkbGluZSI-SG93IFRvIFB1dCBBbiBFbmQgVG8gU2xlZXBsZXNzIE5pZ2h0cyBBbmQgR3JvZ2d5IE1vcm5pbmdzIEJ5IFNpbXBseSBSZWFjdGl2YXRpbmcgWW91ciBCcmFpbuKAmXMg4oCcU2xlZXAgWm9uZeKAnTwvaDE- HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Thu, 29 Sep 2022 06:32:21 GMT
content-length: 0
trace-id: 72f21b5f734ea1be
vary: Origin
location: /j?dtstmp=1664433138075&aid=a-060r&se=e30&duid=4e7568173087--01ge3z4a8xznf1qzsj6a9g541j&tna=v2.4.2&pu=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlIGNsYXNzPSJzd2l0Y2hGYXZUaXRsZSI-U3BlY2lhbCBPZmZlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkbGluZSI-SG93IFRvIFB1dCBBbiBFbmQgVG8gU2xlZXBsZXNzIE5pZ2h0cyBBbmQgR3JvZ2d5IE1vcm5pbmdzIEJ5IFNpbXBseSBSZWFjdGl2YXRpbmcgWW91ciBCcmFpbuKAmXMg4oCcU2xlZXAgWm9uZeKAnTwvaDE-&n3pc=true
set-cookie: lidid=4567eb03-af99-4169-ae55-be42c2f6bc1b; Max-Age=63072000; Expires=Sat, 28 Sep 2024 06:32:21 GMT; SameSite=None; Path=/; Domain=.liadm.com; Secure; HTTPOnly
request-time: 1
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://refineyoursleep.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2

tr.outbrain.com/unifiedPixel?marketerId=00c8cb59043e91fe98cbb336c2f007ab19&obApiVersion=1.0&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&optOut=false&bust=009596332978630329&referrer=

64.202.112.159

200 OK

60 B

URL HTTP/1.1
tr.outbrain.com/unifiedPixel?marketerId=00c8cb59043e91fe98cbb336c2f007ab19&obApiVersion=1.0&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&optOut=false&bust=009596332978630329&referrer=
IP
64.202.112.159:0
ASN
#22075 AS-OUTBRAIN

File type
GIF image data, version 89a, 1 x 1\012- data
Size
60 B (60 bytes)
Hash
fb0fc5c090282e372b8bf8ff13ae3ee2
2de3834253ece606ce4d2a6f10a59654b6fa378b
90a8ffa59ad6227daafa10083d4cff2e9b295c9c82135b5f5cedd65b2e7c8ceb

HTTP Headers

GET /unifiedPixel?marketerId=00c8cb59043e91fe98cbb336c2f007ab19&obApiVersion=1.0&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&optOut=false&bust=009596332978630329&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:21 GMT
Content-Type: image/gif;
Content-Length: 60
Cache-Control: no-cache
X-TraceId: 2cf056e2167cac1b3aa6644c7ab518b3
content-encoding: gzip

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f457b92cc8ead600e5c297206466eff8
07dc558538848093c071d422f5f0df9885466df1
83bb44907eeb0602b45d29d12c65ffc60ded954d9751078fc958a4494b87fe70

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 06:32:21 GMT
Last-Modified: Thu, 29 Sep 2022 05:15:27 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 87cocAYFQjs3oDR55rwxFwPrVPjhhh5A1_idIeEKHMBsWOa287QXDg==
Age: 4614

fast.vidalytics.com/video/DOBezDQw/HUjuKumKcypbkfn0/61240/52296/stream.mpd

151.139.128.11

200 OK

2.6 kB

URL HTTP/2
fast.vidalytics.com/video/DOBezDQw/HUjuKumKcypbkfn0/61240/52296/stream.mpd
IP
151.139.128.11:0
ASN
#20446 STACKPATH-CDN

File type
XML 1.0 document text\012- XML document, ASCII text
Size
2.6 kB (2621 bytes)
Hash
fcc3e08cedb8dbcc572faabcaeabcb5d
053815266a8db8be691059018e26970d762ab0e0
cc01f3a2d5c3e1f61d05f4765942eac8d658eb6c3e65c57464da4ab2995f24ad

HTTP Headers

GET /video/DOBezDQw/HUjuKumKcypbkfn0/61240/52296/stream.mpd HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:21 GMT
accept-ranges: bytes
content-length: 2621
content-type: application/dash+xml
x-hw: 1664433140.cds024.sk1.hn,1664433140.cds209.sk1.s,1664433140.dop008.la3.r,1664433141.cds233.la3.c,1664433141.cds209.sk1.p
x-cdn: 4
x-guploader-uploadid: ADPycduTbMyTxukQYnyfyFWwgrdVm5UstvL7Et5a_o39NNAF3-oPtEk10dRaXk-Xy5AVBhEKd3_aw7fswQs57SEJw9Vz7RP_KYwv
cache-control: public, max-age=31104000
etag: "fcc3e08cedb8dbcc572faabcaeabcb5d"
x-goog-generation: 1648481768937712
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2621
x-goog-hash: crc32c=PHLYVA==, md5=/MPgjO2428xXL6q8rqvLXQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified: Mon, 28 Mar 2022 15:36:09 GMT
X-Firefox-Spdy: h2

tr.outbrain.com/cachedClickId?marketerId=00c8cb59043e91fe98cbb336c2f007ab19

64.202.112.159

200 OK

56 B

URL HTTP/1.1
tr.outbrain.com/cachedClickId?marketerId=00c8cb59043e91fe98cbb336c2f007ab19
IP
64.202.112.159:0
ASN
#22075 AS-OUTBRAIN

File type
ASCII text, with no line terminators
Size
56 B (56 bytes)
Hash
77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599

HTTP Headers

GET /cachedClickId?marketerId=00c8cb59043e91fe98cbb336c2f007ab19 HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:32:21 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 146785059ac7ea77dafd4da860803c59
content-encoding: gzip

sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2029%20Sep%202022%2006%3A32%3A18%20GMT&n=0&b=Special%20Offer&.yp=10012620&f=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&enc=UTF-8&yv=1.13.0

212.82.100.181

200 OK

43 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2029%20Sep%202022%2006%3A32%3A18%20GMT&n=0&b=Special%20Offer&.yp=10012620&f=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&enc=UTF-8&yv=1.13.0
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

HTTP Headers

GET /sp.pl?a=10000&d=Thu%2C%2029%20Sep%202022%2006%3A32%3A18%20GMT&n=0&b=Special%20Offer&.yp=10012620&f=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&enc=UTF-8&yv=1.13.0 HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:21 GMT
expires: Thu, 29 Sep 2022 06:32:21 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBPU7NWMCEIZOV4GEbaWu8Gf0EPCzb6sFEgEBAQGNNmM_YwAAAAAA_eMAAA&S=AQAAAvn3MzJw81TimC7pS1GGu-c; Expires=Fri, 29 Sep 2023 12:32:21 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

34.235.93.114

200 OK

13 B

URL HTTP/2
rp.liadm.com/j?dtstmp=1664433138075&aid=a-060r&se=e30&duid=4e7568173087--01ge3z4a8xznf1qzsj6a9g541j&tna=v2.4.2&pu=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlIGNsYXNzPSJzd2l0Y2hGYXZUaXRsZSI-U3BlY2lhbCBPZmZlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkbGluZSI-SG93IFRvIFB1dCBBbiBFbmQgVG8gU2xlZXBsZXNzIE5pZ2h0cyBBbmQgR3JvZ2d5IE1vcm5pbmdzIEJ5IFNpbXBseSBSZWFjdGl2YXRpbmcgWW91ciBCcmFpbuKAmXMg4oCcU2xlZXAgWm9uZeKAnTwvaDE-&n3pc=true
IP
34.235.93.114:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
13 B (13 bytes)
Hash
97efe0b7ee61e154d57e80758bb797d8
810b4e115fe9f5ae697666febf2a9abf0b21c9ec
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

HTTP Headers

GET /j?dtstmp=1664433138075&aid=a-060r&se=e30&duid=4e7568173087--01ge3z4a8xznf1qzsj6a9g541j&tna=v2.4.2&pu=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&wpn=lc-bundle&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-PHRpdGxlIGNsYXNzPSJzd2l0Y2hGYXZUaXRsZSI-U3BlY2lhbCBPZmZlcjwvdGl0bGU-PGgxIGNsYXNzPSJoZWFkbGluZSI-SG93IFRvIFB1dCBBbiBFbmQgVG8gU2xlZXBsZXNzIE5pZ2h0cyBBbmQgR3JvZ2d5IE1vcm5pbmdzIEJ5IFNpbXBseSBSZWFjdGl2YXRpbmcgWW91ciBCcmFpbuKAmXMg4oCcU2xlZXAgWm9uZeKAnTwvaDE-&n3pc=true HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refineyoursleep.com
Referer: https://refineyoursleep.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:21 GMT
content-type: application/json
content-length: 13
trace-id: e4068c159392bea8
vary: Origin
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: 755aebf1-b938-4232-a5c0-749d30ccd1c2
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://refineyoursleep.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics/error

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics/error
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics/error HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 524
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.1
date: Thu, 29 Sep 2022 06:32:21 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1836
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.1
date: Thu, 29 Sep 2022 06:32:21 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics/error

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics/error
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics/error HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 513
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.1
date: Thu, 29 Sep 2022 06:32:21 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.clarity.ms/eus2/s/0.6.41/clarity.js

13.107.246.53

200 OK

24 kB

URL HTTP/2
www.clarity.ms/eus2/s/0.6.41/clarity.js
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (54809)
Size
24 kB (23509 bytes)
Hash
1a7d206cf77e52160f7d49ab1c167fe5
08d824c483c1a2428bdc4e583d61a5ca8d1afb74
5404eb1ed3f4542d873f4e0610572ad480353446ea8e6f7e2bb76034cf051652

HTTP Headers

GET /eus2/s/0.6.41/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8d107429df470"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 09Ts1YwAAAADuzYZ7tyWRRovpCe89W+DzU1ZHMjBFREdFMDUxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 29 Sep 2022 06:32:20 GMT
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 408
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Thu, 29 Sep 2022 06:32:21 GMT
content-length: 16
x-envoy-upstream-service-time: 1
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2

heapanalytics.com/h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=2805926485646633&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Played&ts0=1664433138975&st=1664433138977

44.206.92.210

200 OK

37 B

URL HTTP/2
heapanalytics.com/h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=2805926485646633&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Played&ts0=1664433138975&st=1664433138977
IP
44.206.92.210:0
ASN
#14618 AMAZON-AES

File type
GIF image data, version 89a, 1 x 1\012- data
Size
37 B (37 bytes)
Hash
3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

HTTP Headers

GET /h?a=1279333676&u=5116957712927322&v=712420121134751&s=567344750806354&b=web&tv=4.0&sp=ts&sp=1664433137161&sp=d&sp=refineyoursleep.com&sp=h&sp=%2Fnews%2F1662%2Fvideo_sr_mb&sp=q&sp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=d&pp=refineyoursleep.com&pp=q&pp=%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq&pp=h&pp=%2Fnews%2F1662%2Fvideo_sr_mb&pp=t&pp=Special%20Offer&pp=ts&pp=1664433137161&id0=2805926485646633&k0=FID&k0=1662&k0=TID&k0=affiliati&k0=CID%20Part%201&k0=517524347&k0=CID%20Part%202&k0=10362&k0=CID%20Part%203&k0=XMlaefkkrmq&k0=Page&k0=%2Fnews%2F1662%2Fvideo_sr_mb&t0=Video%20-%20Played&ts0=1664433138975&st=1664433138977 HTTP/1.1
Host: heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:21 GMT
content-type: image/gif
content-length: 37
server: nginx
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1827
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.1
date: Thu, 29 Sep 2022 06:32:21 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 541
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Thu, 29 Sep 2022 06:32:21 GMT
content-length: 16
x-envoy-upstream-service-time: 1
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2

c.clarity.ms/c.gif

20.234.93.27

302 Found

0 B

URL HTTP/2
c.clarity.ms/c.gif
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=2D3F6A5D3E34486A9B0A4F7913411C9B&RedC=c.clarity.ms&MXFR=04E98CBDD14063E73DE19E93D5406DC3
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=04E98CBDD14063E73DE19E93D5406DC3; domain=.clarity.ms; expires=Tue, 24-Oct-2023 06:32:22 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Thu, 29 Sep 2022 06:32:21 GMT
content-length: 0
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 541
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Thu, 29 Sep 2022 06:32:22 GMT
content-length: 16
x-envoy-upstream-service-time: 1
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2

c.bing.com/c.gif?CtsSyncId=2D3F6A5D3E34486A9B0A4F7913411C9B&RedC=c.clarity.ms&MXFR=04E98CBDD14063E73DE19E93D5406DC3

204.79.197.200

302 Found

0 B

URL HTTP/2
c.bing.com/c.gif?CtsSyncId=2D3F6A5D3E34486A9B0A4F7913411C9B&RedC=c.clarity.ms&MXFR=04E98CBDD14063E73DE19E93D5406DC3
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?CtsSyncId=2D3F6A5D3E34486A9B0A4F7913411C9B&RedC=c.clarity.ms&MXFR=04E98CBDD14063E73DE19E93D5406DC3 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://refineyoursleep.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=2D3F6A5D3E34486A9B0A4F7913411C9B&MUID=3AC74AB53FA966230A1C589B3E5C6790
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=3AC74AB53FA966230A1C589B3E5C6790; domain=c.bing.com; expires=Tue, 24-Oct-2023 06:32:22 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F92CECABECBF401088D48AD71514CE71 Ref B: OSL30EDGE0117 Ref C: 2022-09-29T06:32:22Z
date: Thu, 29 Sep 2022 06:32:22 GMT
content-length: 0
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 524
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Thu, 29 Sep 2022 06:32:22 GMT
content-length: 16
x-envoy-upstream-service-time: 0
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2

c.clarity.ms/c.gif?CtsSyncId=2D3F6A5D3E34486A9B0A4F7913411C9B&MUID=3AC74AB53FA966230A1C589B3E5C6790

20.234.93.27

200 OK

42 B

URL HTTP/2
c.clarity.ms/c.gif?CtsSyncId=2D3F6A5D3E34486A9B0A4F7913411C9B&MUID=3AC74AB53FA966230A1C589B3E5C6790
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?CtsSyncId=2D3F6A5D3E34486A9B0A4F7913411C9B&MUID=3AC74AB53FA966230A1C589B3E5C6790 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://refineyoursleep.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Thu, 29-Sep-2022 06:42:22 GMT; path=/; SameSite=None; Secure;
date: Thu, 29 Sep 2022 06:32:22 GMT
content-length: 42
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 513
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Thu, 29 Sep 2022 06:32:22 GMT
content-length: 16
x-envoy-upstream-service-time: 1
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 255
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Thu, 29 Sep 2022 06:32:22 GMT
content-length: 16
x-envoy-upstream-service-time: 0
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2

trc-events.taboola.com/1074154/log/3/unip?en=pre_d_eng_tb&tos=1586&scd=100&ssd=1&est=1664433137985&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1664433139574&vi=1664433137983&ri=fcb97d14586c4cb905c18026a18086a0&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/1074154/log/3/unip?en=pre_d_eng_tb&tos=1586&scd=100&ssd=1&est=1664433137985&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1664433139574&vi=1664433137983&ri=fcb97d14586c4cb905c18026a18086a0&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1074154/log/3/unip?en=pre_d_eng_tb&tos=1586&scd=100&ssd=1&est=1664433137985&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1664433139574&vi=1664433137983&ri=fcb97d14586c4cb905c18026a18086a0&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Thu, 29 Sep 2022 06:32:22 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://refineyoursleep.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 121783
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://refineyoursleep.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Thu, 29 Sep 2022 06:32:22 GMT
X-Firefox-Spdy: h2

trc-events.taboola.com/1074154/log/3/unip?en=pre_d_eng_tb&tos=4588&scd=100&ssd=1&est=1664433137985&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664433142575&vi=1664433137983&ri=fcb97d14586c4cb905c18026a18086a0&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/1074154/log/3/unip?en=pre_d_eng_tb&tos=4588&scd=100&ssd=1&est=1664433137985&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664433142575&vi=1664433137983&ri=fcb97d14586c4cb905c18026a18086a0&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1074154/log/3/unip?en=pre_d_eng_tb&tos=4588&scd=100&ssd=1&est=1664433137985&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1664433142575&vi=1664433137983&ri=fcb97d14586c4cb905c18026a18086a0&ref=null&cv=20220922-16-RELEASE&item-url=https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Thu, 29 Sep 2022 06:32:25 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://refineyoursleep.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

analytics-ingress-global.bitmovin.com/analytics

35.190.27.197

204 No Content

0 B

URL HTTP/2
analytics-ingress-global.bitmovin.com/analytics
IP
35.190.27.197:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /analytics HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1806
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: v1.53.1
date: Thu, 29 Sep 2022 06:32:25 GMT
content-type: application/json
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

fast.vidalytics.com/video/DOBezDQw/fE3hsU0RSw93Dcuo/img/thumbnail/1overlay-opt-3-5ff7a5bd71d7b.gif

151.139.128.11

200 OK

0 B

URL HTTP/2
fast.vidalytics.com/video/DOBezDQw/fE3hsU0RSw93Dcuo/img/thumbnail/1overlay-opt-3-5ff7a5bd71d7b.gif
IP
151.139.128.11:0
ASN
#20446 STACKPATH-CDN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /video/DOBezDQw/fE3hsU0RSw93Dcuo/img/thumbnail/1overlay-opt-3-5ff7a5bd71d7b.gif HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:21 GMT
content-length: 352025
content-type: image/gif
last-modified: Fri, 08 Jan 2021 00:22:21 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdvRb1ru04hREDdAdUbqvCMsgYiRnH577Q8yPoSs7dDBHPx5otQZfjwR8wzu09726t44AZX1qR8UvuTguDmNbCSiQtPWi5m0
x-goog-generation: 1610065341644167
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 352025
x-goog-hash: crc32c=7Q3i8g==, md5=HhONN/pfuaDSo3CBd09V9g==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
cache-control: public, max-age=31104000
etag: "1e138d37fa5fb9a0d2a37081774f55f6"
age: 1120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1664433141.cds258.sk1.hn,1664433141.cds261.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:19 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 9879893
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7522ae533f38b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.heapanalytics.com/js/heap-1279333676.js

54.230.111.113

200 OK

0 B

URL HTTP/2
cdn.heapanalytics.com/js/heap-1279333676.js
IP
54.230.111.113:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/heap-1279333676.js HTTP/1.1
Host: cdn.heapanalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 29 Sep 2022 06:31:50 GMT
server: nginx
etag: W/"1b5ce-6tWSLi2bR3oFWBbvyjUG6w"
cache-control: public, max-age=120
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: _Xvss4KExDSY7CsSPq5H0tGdpf7IBP63GqzKQ_lAAjiFUOnqXluKEw==
age: 29
X-Firefox-Spdy: h2

in.hotjar.com/api/v2/client/sites/1796349/visit-data?sv=5

54.76.60.60

200 OK

0 B

URL HTTP/2
in.hotjar.com/api/v2/client/sites/1796349/visit-data?sv=5
IP
54.76.60.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/v2/client/sites/1796349/visit-data?sv=5 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 131
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:21 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2

trc.taboola.com/1074154/trc/3/json?tim=1664433137990&data=%7B%22id%22%3A47%2C%22ii%22%3A%22%2Fnews%2F1662%2Fvideo_sr_mb%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664433137983%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-dianeprimalhealthlpcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664433137989%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i

151.101.85.44

200 OK

0 B

URL HTTP/2
trc.taboola.com/1074154/trc/3/json?tim=1664433137990&data=%7B%22id%22%3A47%2C%22ii%22%3A%22%2Fnews%2F1662%2Fvideo_sr_mb%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664433137983%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-dianeprimalhealthlpcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664433137989%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1074154/trc/3/json?tim=1664433137990&data=%7B%22id%22%3A47%2C%22ii%22%3A%22%2Fnews%2F1662%2Fvideo_sr_mb%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1664433137983%2C%22cv%22%3A%2220220922-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-dianeprimalhealthlpcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1664433137989%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Frefineyoursleep.com%2Fnews%2F1662%2Fvideo_sr_mb%3Ftid%3Daffiliati%26cid%3D517524347%7C10362%7CXMlaefkkrmq%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Thu, 29 Sep 2022 06:32:21 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664433141.112837,VS0,VE94
vary: Accept-Encoding
x-vcl-time-ms: 94
X-Firefox-Spdy: h2

fast.vidalytics.com/embeds/DOBezDQw/1q01xpVeThenmcsk/player-dash-mse.min.js

151.139.128.11

200 OK

0 B

URL HTTP/2
fast.vidalytics.com/embeds/DOBezDQw/1q01xpVeThenmcsk/player-dash-mse.min.js
IP
151.139.128.11:0
ASN
#20446 STACKPATH-CDN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embeds/DOBezDQw/1q01xpVeThenmcsk/player-dash-mse.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://refineyoursleep.com
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:19 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 13:58:52 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdu8s8LV1U7QoFP5VGY5tLsMXrWR2lknZMH8kbUxLb-yzv8q9cOrhj_um_Gc8YsHIvczH69IL7sXhawCqb48-sRjig
x-goog-generation: 1661435932011405
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 494002
x-goog-hash: crc32c=UKYPmw==, md5=ItdUsAMIIjlekR3SAWI23g==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-hw, server, x-cdn, x-cdn-info
server: UploadServer
cache-control: public, max-age=300, s-maxage=2592000
etag: "22d754b0030822395e911dd2016236de"
age: 993
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-cdn: 4
content-encoding: gzip
x-hw: 1664433139.cds024.sk1.hn,1664433139.cds024.sk1.hc,1664433139.cds253.sk1.c,1664433139.cds024.sk1.sl
X-Firefox-Spdy: h2

fast.vidalytics.com/embeds/DOBezDQw/1q01xpVeThenmcsk/loader.min.js

151.139.128.11

200 OK

0 B

URL HTTP/2
fast.vidalytics.com/embeds/DOBezDQw/1q01xpVeThenmcsk/loader.min.js
IP
151.139.128.11:0
ASN
#20446 STACKPATH-CDN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embeds/DOBezDQw/1q01xpVeThenmcsk/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Sep 2022 06:32:19 GMT
expires: Sat, 29 Oct 2022 06:32:19 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdtIzdCGun0BCiVoK1Ahd4wkqeCBZnEF45XK0nsLvQ64CzGs6_fQ63Nh_uiIySDKWrtTprjHKyDz8yfdL8lZLJuLgWfWWuDT
x-goog-generation: 1661435931587555
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 9740
x-goog-hash: crc32c=UGf3Sg==, md5=RTFBS4WjwFRDfCw9HS1fXQ==
x-goog-storage-class: MULTI_REGIONAL
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: Content-Type, x-hw, server, x-cdn, x-cdn-info
server: UploadServer
cache-control: public, max-age=300, s-maxage=2592000
etag: "4531414b85a3c054437c2c3d1d2d5f5d"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified: Thu, 25 Aug 2022 13:58:51 GMT
x-cdn-info: loader
x-cdn: 4
content-encoding: gzip
x-hw: 1664433139.cds258.sk1.hn,1664433139.cds258.sk1.hc,1664433139.cds223.sk1.sc,1664433139.cds223.sk1.p,1664433139.cds258.sk1.sl
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i,900,900i

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i,900,900i
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,400i,700,700i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://refineyoursleep.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 06:32:19 GMT
date: Thu, 29 Sep 2022 06:32:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (39)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations