Report - goibo.springotech.com/ga/click/2-64757091-160-554-1038-1035-1f5f1bd6bf-oe5b80c29a

Report Overview

Submitted URL
goibo.springotech.com/ga/click/2-64757091-160-554-1038-1035-1f5f1bd6bf-oe5b80c29a
IP
149.102.134.15
ASN
#174 COGENT-174
Submitted
2022-11-04 17:37:22
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	2.1 kB	6.0 kB	143.204.42.88
d2zah9y47r7bi2.cloudfront.net	unknown	2014-12-18T02:16:00Z	2023-03-10T18:12:35Z	396 B	9.2 kB	54.230.245.5
mwebnice.com	unknown	2022-02-18T01:05:35Z	2023-03-10T15:10:42Z	473 B	141 kB	172.67.146.245
d9i5ve8f04qxt.cloudfront.net	unknown	2015-04-08T01:51:06Z	2023-03-09T20:28:08Z	442 B	103 kB	143.204.42.153
dw26xg4lubooo.cloudfront.net	unknown	2013-04-25T10:38:02Z	2023-03-09T15:41:39Z	3.4 kB	37 kB	54.230.245.47
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.7 kB	4.0 kB	93.184.220.29
secure.ultracart.com	433440	2012-09-29T20:22:41Z	2023-03-09T15:41:36Z	3.0 kB	7.0 kB	13.248.135.131
ssl.google-analytics.com	275	2012-10-02T06:58:30Z	2023-03-10T16:22:14Z	369 B	18 kB	142.250.74.72
region1.analytics.google.com	unknown	2022-03-17T12:26:33Z	2023-03-10T05:19:42Z	833 B	566 B	216.239.32.36
www.youtube.com	90	2013-04-13T09:43:20Z	2023-03-10T05:16:45Z	789 B	56 kB	142.250.74.46
dndngvalp4jdj.cloudfront.net	unknown	2021-01-27T08:58:30Z	2023-03-09T15:41:39Z	5.0 kB	474 kB	143.204.42.123
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-10T05:15:22Z	377 B	29 kB	31.13.72.12
www.googleoptimize.com	1604	2019-07-16T12:17:19Z	2023-03-10T14:53:38Z	388 B	46 kB	142.250.74.78
use.fortawesome.com	21348	2017-01-29T13:41:02Z	2023-03-10T15:27:27Z	800 B	40 kB	151.139.128.8
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	775 B	349 B	31.13.72.36
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	44.238.202.79
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	3.4 kB	7.0 kB	142.250.74.35
b-code.liadm.com	3597	2016-01-19T11:23:52Z	2023-03-10T14:25:46Z	369 B	12 kB	143.204.55.112
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	1.4 kB	1.8 kB	142.250.74.164
capture.trackjs.com	9042	2014-07-09T12:28:39Z	2023-03-10T18:13:23Z	974 B	550 B	15.235.42.36
go.maxweb.com	389866	2018-04-27T13:31:31Z	2023-03-09T23:46:36Z	530 B	566 B	172.66.40.143
goibo.springotech.com	unknown	2022-09-06T12:11:16Z	2023-01-16T01:42:50Z	412 B	731 B	149.102.134.15
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	54 kB	34.120.237.76
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-10T08:04:05Z	1.6 kB	72 kB	104.17.25.14
use.typekit.net	494	2012-07-05T03:42:39Z	2023-03-10T05:27:57Z	7.1 kB	322 kB	23.36.76.122
p.typekit.net	620	2012-05-23T16:28:57Z	2023-03-10T05:27:57Z	560 B	390 B	23.36.76.122
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-10T05:19:43Z	833 B	87 kB	216.239.32.36
bartonnutrition.com	unknown	2020-07-21T22:53:08Z	2023-03-09T15:23:27Z	600 B	2.8 kB	172.67.140.245
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
gardn.ultracartstore.com	unknown	2022-06-04T22:23:05Z	2023-03-09T15:23:13Z	1.8 kB	3.2 kB	76.223.4.85
rp.liadm.com	2705	2017-02-01T21:43:30Z	2023-03-10T14:25:52Z	3.0 kB	2.5 kB	3.83.72.121
token.ultracart.com	755093	2014-07-28T19:27:38Z	2023-03-09T15:41:39Z	397 B	563 B	143.204.55.88
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-10T16:21:16Z	1.4 kB	3.0 kB	216.58.211.2
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-10T12:41:09Z	491 B	566 B	64.233.162.155
usage.trackjs.com	3825	2014-07-09T12:28:37Z	2023-03-10T18:12:36Z	530 B	227 B	167.114.119.127
www.googleadservices.com	107	2012-06-26T16:53:06Z	2023-03-10T16:05:03Z	482 B	947 B	142.250.74.130
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-10T07:09:08Z	485 B	694 B	142.250.74.35
d1pqvb2h9xgm7r.cloudfront.net	unknown	2022-06-01T20:40:24Z	2023-03-09T20:27:46Z	1.0 kB	960 B	143.204.42.134
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-10T11:13:22Z	1.3 kB	40 kB	151.101.85.229
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	376 B	21 kB	142.250.74.174

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-04	medium	goibo.springotech.com/ga/click/2-64757091-160-554-1038-1035-1f5f1bd6bf-oe5b80c29a	Phishing
2022-11-04	medium	mwebnice.com/7605/186/2/?subid=greenyymxnwww	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (41)

	URL	Size	First Seen	Last Seen
	bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832	305 B	2023-03-10	2024-02-05
Pretty URL bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832 IP 172.67.140.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:11:01 Last Seen2024-02-05 10:48:15 Times Seen18 Hash f5561d84a199f5f0452c95d02f595255 f4520c3d57969299d613edf67a5a444654c0b992 a01e72fab362ab0079968707f34bd78c52288daa19db06267ca6b531d4629f34 Loading...

	cdn.jsdelivr.net/npm/videojs-youtube@2.6.1/dist/Youtube.min.js	14 kB	2023-03-08	2024-04-26
Pretty URL cdn.jsdelivr.net/npm/videojs-youtube@2.6.1/dist/Youtube.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:47:58 Last Seen2024-04-26 07:53:09 Times Seen208 Hash b2c25d3e972443c7c5efdfddd513de81 61564c4672dbe879d21a9916f2cba2d16d8d8d89 d7d39b75f8d8895c21e8f271d6b110535f413f39d348da21dc0e669d2769ed41 Loading...

	use.fortawesome.com/de183023.js	9.9 kB	2023-03-08	2023-03-10
Pretty URL use.fortawesome.com/de183023.js IP 151.139.128.8 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:47:58 Last Seen2023-03-10 20:14:01 Times Seen1 Hash bfa45a60c2439cb5baf783a2c0243634 0aad979a9a740044e2b74b3c5bbfc5d1a9d4660c 69f94364c78c478d8a4b5da666a6388fa5fdaafad4527b10c2ea3550f682a4bf Loading...

	cdnjs.cloudflare.com/ajax/libs/axios/0.17.1/axios.min.js	13 kB	2023-03-08	2024-04-03
Pretty URL cdnjs.cloudflare.com/ajax/libs/axios/0.17.1/axios.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:47:59 Last Seen2024-04-03 00:54:35 Times Seen74 Hash 279e63262790dc6457b60db2b9b6c1eb decb4ece4bb41b9b1eddec7239840c4169814c03 03cdc51eddb62db48e3d837d746b3be21fc9d23a9cdd365aa4752995fdaeba92 Loading...

	bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832	64 B	2023-03-08	2024-02-24
Pretty URL bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832 IP 172.67.140.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:47:58 Last Seen2024-02-24 07:11:27 Times Seen73 Hash 96825f48f1fe9fd2bf3ce4147fdf9034 d02dc8fcfb0d8f607b36acfc372bbedb845bfc42 7e5f1644cc3b3eb7dac06255b6bbd2efc2e2209b06c98ac5d87dfd6e93f1774e Loading...

	www.googletagmanager.com/gtag/js?id=G-XM17T9CF1F&l=dataLayer&cx=c	219 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-XM17T9CF1F&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:14:01 Last Seen2023-03-10 20:14:01 Times Seen1 Hash 3d4dde7ebd39d4009db9b95915a6463d 86f0bbd81502cbd64d082476286258f86aa50191 d47cc4b7481e5f0780c6059c1a5497b24ddbc1ef3abe41f5243cd4715b95f556 Loading...

	www.googletagmanager.com/gtag/js?id=G-8M5DP1FGCG&l=dataLayer&cx=c	225 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-8M5DP1FGCG&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:14:01 Last Seen2023-03-10 20:14:01 Times Seen1 Hash 7fed5dafa013cd390a8e441d0b3b656a 6bc500b2f386390b650221bea681a6fb17e6e1c0 37b969001bd9593e7e2ee22e174e3fc151f4e0345243abe52ac1aede44f6a27e Loading...

	bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832	149 kB	2023-03-10	2023-03-10
Pretty URL bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832 IP 172.67.140.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:14:01 Last Seen2023-03-10 20:14:01 Times Seen1 Hash 38429925851d2f80c965394feaa3ebdf a5054d2900440f880700293706667e312dc5d683 48f6f763b7d97009ddc6e555378eade2333f2bbca971a38ab63e2f070a67139b Loading...

	bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832	134 B	2023-03-10	2023-03-10
Pretty URL bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832 IP 172.67.140.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:14:01 Last Seen2023-03-10 20:14:01 Times Seen1 Hash 16f122a74fc63f7ae3aad743315e033a d6725370d28448fc61036c1e85711fd3dd453163 48c79f4477d83f2e0aa3b722e3d6d35837119eda5c1b6b3eff8bed60fe3a180b Loading...

	dndngvalp4jdj.cloudfront.net/vendor/modernizr3.6.0.min.js	16 kB	2023-03-08	2024-03-22
Pretty URL dndngvalp4jdj.cloudfront.net/vendor/modernizr3.6.0.min.js IP 143.204.42.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:47:58 Last Seen2024-03-22 23:55:03 Times Seen128 Hash f4631027c55199d5f09d1eb1091474ba 25f226017aa25fe77985ec4e4ea436cbe29d5060 c97be593b580109356a45ac97e33762be55a40708fb9f5b18dee90297337a89b Loading...

	bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832	319 B	2023-03-08	2024-04-03
Pretty URL bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832 IP 172.67.140.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:47:58 Last Seen2024-04-03 00:54:33 Times Seen78 Hash f8b2993f718399a79e3c3d3fabce845d 243575160c995c9ed41dd12a6e222600a928a1aa 390228e1220c3dc2871e3d357b1022c794d7c9adfd0691a87a1df512332aa374 Loading...

	bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832	373 B	2023-03-08	2024-04-03
Pretty URL bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832 IP 172.67.140.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:47:58 Last Seen2024-04-03 00:54:34 Times Seen78 Hash 6204cf30c4f0262979d17db6dc17beb0 dcb967637d4b413cc8d53093ce1f05ae97820e1d 5ff4965159ac065ea0b3f77cb01944f87ea8372c51c5b145c5dec502402da873 Loading...

	b-code.liadm.com/a-075m.min.js	28 kB	2023-03-10	2023-03-10
Pretty URL b-code.liadm.com/a-075m.min.js IP 143.204.55.112 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:02:05 Last Seen2023-03-10 20:14:01 Times Seen1 Hash a5ff16d65a72d7cf80b6868620ee66ef 5330f3092c6f1722c8a309d363fbacab4abf7138 128b9e33d8163d8ced95b3086c26cb8590e56e5ba9833bbe8bc71662b0d9163d Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-27
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-27 02:03:36 Times Seen1536 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	ssl.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL ssl.google-analytics.com/ga.js IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832	351 B	2023-03-08	2024-02-05
Pretty URL bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832 IP 172.67.140.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:47:58 Last Seen2024-02-05 10:48:15 Times Seen18 Hash 81a81c7184045b0fb1ab33ad9846585f 168b9b78f43bcff947fc3228e66adc241cdb6ba4 2dc788647a0b12bf8158b83dd53ab90eebbe5d7185fc556bb136f2cf0c7d5431 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-27
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-27 02:03:52 Times Seen139466 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	cdnjs.cloudflare.com/ajax/libs/vue/2.6.11/vue.min.js	94 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/vue/2.6.11/vue.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:55 Last Seen2024-04-26 13:53:03 Times Seen2535 Hash 6c81f02ad0bf8e12a66c18cab188d029 abd239f02966b2d324b0512c203bdbaf82a4ed7a 9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf Loading...

	bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832	508 B	2023-03-08	2024-02-05
Pretty URL bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832 IP 172.67.140.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:47:58 Last Seen2024-02-05 10:48:16 Times Seen18 Hash 5c349b9df1e2689bc9b59b38ca5dc4d6 28436796796d2283b25f7b9277a8a53a744c1d92 0a2af54742025bdb93040021ff2dea1fa8f517e94f4b19fe43d8856b89dea229 Loading...

	d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect.js?mid=GARDN&channel=secure.bartonnutrition.com	102 kB	2023-03-10	2023-03-11
Pretty URL d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect.js?mid=GARDN&channel=secure.bartonnutrition.com IP 143.204.42.153 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:02:05 Last Seen2023-03-11 22:50:58 Times Seen1 Hash 4e88eefd8308206bb7998f8fc3f959af c692b1620fdf8d9ede729c9fbbf9521a844fde0b 9d7774b740b1d0db487d0c76b7a27d3772288ae1d542cfad8026648d091e7e07 Loading...

	cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js	84 kB	2023-03-07	2024-04-26
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-04-26 23:46:11 Times Seen7286 Hash 7f389f5d2622ce2090eca7c36bcb90bc ab27031159724e2421f6ff5c70f48e657abe9d39 8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01 Loading...

	bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832	47 B	2023-03-08	2024-02-05
Pretty URL bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832 IP 172.67.140.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:47:58 Last Seen2024-02-05 10:48:15 Times Seen21 Hash 1871b6b2e18814fb83bcf47c13c4c9c7 51349e9babdb52b485c7820e3aaeae47d03244ca 7bdd0c248015be64eb59a415339d99667d6e40765b1d5a1640027ab874739983 Loading...

	bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832	194 B	2023-03-08	2024-04-03
Pretty URL bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832 IP 172.67.140.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:47:58 Last Seen2024-04-03 00:54:35 Times Seen30 Hash e62ade2bd773f29cca568269258d09d4 c51c0d1e1b747ed7aa4c6e6b233350cf5dfcc97c 8f82873ddc84ab3aab73c79f1b5d36f80ad9b713f5e8f274377c8771061e869e Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/765746930/?random=1667583432937&cv=11&fst=1667583432937&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&tiba=Jerusalem%20Flower&auid=2077802470.1667583433&rfmt=3&fmt=4	2.1 kB	2023-03-10	2023-03-10
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/765746930/?random=1667583432937&cv=11&fst=1667583432937&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&tiba=Jerusalem%20Flower&auid=2077802470.1667583433&rfmt=3&fmt=4 IP 216.58.211.2 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:14:01 Last Seen2023-03-10 20:14:01 Times Seen1 Hash 8106fcc22c0a275a4889cb43a6333841 10ecbb46856054032980a97ef16e9a1e6be46228 16a20ee51e0aa52140bc01cea11820e12a507f96276c906cc1c2f537fafcdb7a Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 02:24:48 Times Seen37109022 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js	27 kB	2023-03-07	2024-04-02
Pretty URL d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js IP 54.230.245.5 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:56 Last Seen2024-04-02 23:49:09 Times Seen246 Hash 160874c6a444216fd269e7e0e2370aa7 a52ba0a5f09416157a46f418668bf587abc866f9 b083af11bff8f6237c9b83a2910ccb07625602e3c386de94daeedb8dab2b195d Loading...

	bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832	24 kB	2023-03-10	2023-03-10
Pretty URL bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832 IP 172.67.140.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:14:01 Last Seen2023-03-10 20:14:01 Times Seen1 Hash e26deebf64b0d9acfd886db2c56d0b92 c429e7e5763a7b1ce51e70dc6c85dbef679d0c3f 9668de1eea1f79e074e6872e97482835034e0969535186ae6fbd6423a4f330e7 Loading...

	use.typekit.net/but5bfb.js	21 kB	2023-03-08	2023-03-10
Pretty URL use.typekit.net/but5bfb.js IP 23.36.76.122 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:47:58 Last Seen2023-03-10 20:14:01 Times Seen1 Hash 6a3ae8b305501f11bc5146f7c55c327a 437355a83e54e14170b35745fb961fc57621663a 2901d2c9c6dc784d9fa88244ca91457c2ea7433ff8c05bb654401c76a4d372c5 Loading...

	gardn.ultracartstore.com/cgi-bin/UCAffiliateNetworkPixel	1.7 kB	2023-03-10	2023-03-10
Pretty URL gardn.ultracartstore.com/cgi-bin/UCAffiliateNetworkPixel IP 13.248.135.131 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:11:01 Last Seen2023-03-10 20:14:01 Times Seen1 Hash ea217a34c7545b517c3670617362248f ad72704e8c22e0c3c673c7bca2498d0241355a8b 9175018ecc3e978e1543818ef6586dfd03e1599c5027f742cdaae8ea55a8ec9c Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-10	2023-10-31
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 17:19:33 Last Seen2023-10-31 18:18:05 Times Seen6 Hash 8938d4fc65afd3422bf533482ca33a53 2d92351d88fc6fd59cdac7d801753ac64ba52277 f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143 Loading...

	www.youtube.com/s/player/03bec62d/www-widgetapi.vflset/www-widgetapi.js	161 kB	2023-03-10	2023-03-11
Pretty URL www.youtube.com/s/player/03bec62d/www-widgetapi.vflset/www-widgetapi.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:34:21 Last Seen2023-03-11 09:03:38 Times Seen1 Hash b52c8960251b00ec8c645c8f6babbee5 4d51785620f4123ccf5dbb8410c5056137d624a8 1842dc54075526177baf143339a4aa374b1712bd07aebc45d59651b96ce76d52 Loading...

	connect.facebook.net/signals/config/368276591178798?v=2.9.89&r=stable	300 kB	2023-03-10	2023-03-10
Pretty URL connect.facebook.net/signals/config/368276591178798?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:14:01 Last Seen2023-03-10 20:14:01 Times Seen1 Hash 4cd48ae1e1c60e654d33f5029a4858c4 37fd80a9110f39c5ff86b9e34d5111d328674ff4 607becc7d6fea1c97da9a048b64f58036ca485832d312acc73e90394ef6d1f69 Loading...

	bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832	32 B	2023-03-08	2024-04-03
Pretty URL bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832 IP 172.67.140.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:47:58 Last Seen2024-04-03 00:54:35 Times Seen30 Hash 1f95657866c42f746cc0f06fe1243831 b091859c781dbc508c808fee98d1675a4274aa7a e7c190eec2b3a95f37ef910455712b84391db8978ac2fd8865138b8e59cf9883 Loading...

	www.youtube.com/iframe_api	992 B	2023-03-10	2023-03-11
Pretty URL www.youtube.com/iframe_api IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 18:34:21 Last Seen2023-03-11 09:03:37 Times Seen1 Hash 4ca1b50b1270185226dffe84e0a6662f 6a5e8bb346cb4ec747c1117ff0b1ff10a3770ea1 cde8f6c5c17d8059141a5c9541ed63cc47519f29d9bb2dceed4562372ab7c643 Loading...

	bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832	1.1 kB	2023-03-08	2024-04-03
Pretty URL bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832 IP 172.67.140.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:47:58 Last Seen2024-04-03 00:54:33 Times Seen78 Hash 85b64173a5f782bbeade8cee112a9414 76775388ffef56baa25ed205c22b6fa0c5bfb2c4 d4ff7429bedb99bc2173390268892261b93bcda97bc31788695a34007cb409fb Loading...

	cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js	12 kB	2023-03-07	2024-04-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:16 Last Seen2024-04-19 12:57:48 Times Seen1081 Hash 7e2893ef542a12a5c7207d438bfa87d8 73852c24b51ec9c89260b32a4a66b3e2bfa226c2 e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-57P4T5X	186 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-57P4T5X IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:14:01 Last Seen2023-03-10 20:14:01 Times Seen1 Hash d6ded31f7634393e1015558aad017ad0 29d42a9509c39af63a1fb49be05b4aa23b7c92b3 fd90f5193a2c84f67d0dd2cfe28c8670d503820a0cd70e306cb9d93c2926d2e3 Loading...

	token.ultracart.com/checkout/checkout-hosted-fields-1.0.js	41 kB	2023-03-08	2023-09-13
Pretty URL token.ultracart.com/checkout/checkout-hosted-fields-1.0.js IP 143.204.55.88 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:47:58 Last Seen2023-09-13 23:35:23 Times Seen25 Hash 512dfa861970d35c07b14485ab52cf30 2a99a61c9d403d53d8eb19383ffdd7b1f44fda4b 7c0ebea2f81ea9a7767a77acd2b371004dafb75f96b6a00ea2762fb83118d728 Loading...

	bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832	227 B	2023-03-08	2024-03-22
Pretty URL bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832 IP 172.67.140.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:47:58 Last Seen2024-03-22 23:55:03 Times Seen77 Hash cd1e873ac7f8fbbe68944a79b8f0b9c2 18614c5b37d1d81fb281f950cbd43a2cd8dfbbb9 545d480ca6c4b8ebcb531fc32c9de016e2bbe187145fdc1e9dd6412bc8f18db1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - ee175f1ec44cd2ecaceb5a930946abbe	433 B	2023-03-08	2023-09-21
Pretty Observations First Seen2023-03-08 01:47:59 Last Seen2023-09-21 09:51:43 Times Seen23 Hash ee175f1ec44cd2ecaceb5a930946abbe 53023444f8c35f706c941cb5048b3563be22ee7b 1f542c6ab0bc77031769184c8fee4046518f6801f17545aad0e4c84b93e66a5d Loading...

	#2 Eval - 8f4a606d4706c2ee49b4959a3b04fa27	179 B	2023-03-08	2023-09-21
Pretty Observations First Seen2023-03-08 01:47:59 Last Seen2023-09-21 09:51:43 Times Seen23 Hash 8f4a606d4706c2ee49b4959a3b04fa27 5ae83a6a0d14959b353eb0f1d1e19231d11f3526 6f871ac009f3875cd157111f5edea139e3d9bde19d0d466c8402b00eee85b875 Loading...

HTTP Transactions (117)

URL IP Response Size

goibo.springotech.com/ga/click/2-64757091-160-554-1038-1035-1f5f1bd6bf-oe5b80c29a

149.102.134.15

302 Found

118 B

URL HTTP/1.1
goibo.springotech.com/ga/click/2-64757091-160-554-1038-1035-1f5f1bd6bf-oe5b80c29a
IP
149.102.134.15:0
ASN
#174 COGENT-174

File type
HTML document text\012- HTML document, ASCII text, with no line terminators
Size
118 B (118 bytes)
Hash
ae4039dd8c754e010d093ba0cca77767
87b2c24c0ea8ad1ad7215979ce4f574aef791fb0
98fbe4ca55da8875c20762df66f4d9249d48e57d314e2e9c280a17dc830fab8a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ga/click/2-64757091-160-554-1038-1035-1f5f1bd6bf-oe5b80c29a HTTP/1.1
Host: goibo.springotech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Fri, 04 Nov 2022 17:37:11 GMT
Server: Apache/2.4.52 (Unix) OpenSSL/1.0.2k-fips PHP/7.3.33
Status: 302 Found
X-Rack-Cache: miss
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
X-Request-Id: 15ec4f6c711faf9e3ab1f1838c49adf2
Location: https://mwebnice.com/7605/186/2/?subid=greenyymxnwww
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.022607
Expires: Mon, 01 Jan 1990 00:00:00 GMT
X-Powered-By: Phusion Passenger(R) 6.0.12
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b7be8442ec1e518ccc80739495f6d047
7a9d24b9d4046262c7753c49afaf9c19f4840626
b93410a9d62da3f219796d753b61a0f730cc272c13596724aa9d20efba298b44

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B93410A9D62DA3F219796D753B61A0F730CC272C13596724AA9D20EFBA298B44"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4813
Expires: Fri, 04 Nov 2022 18:57:24 GMT
Date: Fri, 04 Nov 2022 17:37:11 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cd02b32dbc8416dcb10b468af2166c33
503a9c4cabdb19dfde769f5e2d3ef919c818c364
46ca638514d9d4cf252762fdac37a5e7b1da550fcc9911070b0b26a6aa6150a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4170
Cache-Control: max-age=147804
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 17:37:11 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 10:40:35 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20828
Expires: Fri, 04 Nov 2022 23:24:19 GMT
Date: Fri, 04 Nov 2022 17:37:11 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Va2xgOjA/4cB9zDO1u7SZQfIptM5d+iBp+mAznDR49W2FJDbwUrxjj7n54f4DBQowDLsgQ5b+8I=
x-amz-request-id: 2EA9CZ5VZQK0BEBW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 04 Nov 2022 17:09:40 GMT
age: 1651
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 04 Nov 2022 17:37:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
42a0adacced30df52cf7cad3e200036d
f7b4114defc61f806dbb74fd228bca155d52362a
e4928481739a2a75dce86c03b355c6dff507426e8d851cba5ca8537b1be87c20

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3990
Cache-Control: max-age=142565
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 17:37:12 GMT
Etag: "6364c817-1d7"
Expires: Sun, 06 Nov 2022 09:13:17 GMT
Last-Modified: Fri, 04 Nov 2022 08:06:47 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4da673644d01ab5320827892c4072bf6
5b04867fe34a1c4fd62e87e96ee29e224b4f6f94
6b602c1c31b511f3e5c21400bcd264be5b2d333a7d1435ef99564e8d45fac057

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162316
Date: Fri, 04 Nov 2022 17:37:12 GMT
Etag: "63651dfe-1d7"
Expires: Sun, 06 Nov 2022 14:42:28 GMT
Last-Modified: Fri, 04 Nov 2022 14:13:18 GMT
Server: ECS (dcb/7ECB)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DnNzNLzJ2KDpB3Aiug_obB3R35mLBLiIJrxiaf8VXb29c5-gRk6-jg==
Age: 1750

push.services.mozilla.com/

44.238.202.79

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.238.202.79:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c3uXc2MRe25a4tgJ49RPnA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fwv1c5DRx8ValhwXW2nlRzi8GrA=

gardn.ultracartstore.com/aff/D7CF04F5A0F2FB017FF5CD00FE1EF400/index.html?&utm_source=maxweb&utm_medium=email&utm_term=email&utm_content=fg_bowel&utm_campaign=fg_jerusalem&subid=7605_sessid20221104173733850

76.223.4.85

302 Found

194 B

URL HTTP/1.1
gardn.ultracartstore.com/aff/D7CF04F5A0F2FB017FF5CD00FE1EF400/index.html?&utm_source=maxweb&utm_medium=email&utm_term=email&utm_content=fg_bowel&utm_campaign=fg_jerusalem&subid=7605_sessid20221104173733850
IP
76.223.4.85:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text
Size
194 B (194 bytes)
Hash
be40c90676c1eb2d2df914da808679b1
4c07a42a198fa670ca57a8f0e152212580b97759
425a0c33f6e2296d3f1a39b2a0e58d4bfaa20c3c6ab0b611e56db3db4e3a49ca

HTTP Headers

GET /aff/D7CF04F5A0F2FB017FF5CD00FE1EF400/index.html?&utm_source=maxweb&utm_medium=email&utm_term=email&utm_content=fg_bowel&utm_campaign=fg_jerusalem&subid=7605_sessid20221104173733850 HTTP/1.1
Host: gardn.ultracartstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Date: Fri, 04 Nov 2022 17:37:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 194
Connection: keep-alive
Set-Cookie: AWSALB=ZlpsWUtOuO/GTO5RdkHNqPOBpdCQXrNhPZCoglQ7t3TkRuxy/5vTWd/OELpijg5n2zOg7zuB5W9Df5VW5h/vp+IMcUoFB6uCbK3YPF0K+GSBBH3+4hBfB5bk5DOf; Expires=Fri, 11 Nov 2022 17:37:12 GMT; Path=/
AWSALBCORS=ZlpsWUtOuO/GTO5RdkHNqPOBpdCQXrNhPZCoglQ7t3TkRuxy/5vTWd/OELpijg5n2zOg7zuB5W9Df5VW5h/vp+IMcUoFB6uCbK3YPF0K+GSBBH3+4hBfB5bk5DOf; Expires=Fri, 11 Nov 2022 17:37:12 GMT; Path=/; SameSite=None; Secure
JSESSIONID=abcyPz-CPpEOQS-CSraHM; path=/; HttpOnly
LBJSESSIONID=abcyPz-CPpEOQS-CSraHM.n219; path=/; HttpOnly
Server: Apache
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832
Vary: Accept-Encoding
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7714
Expires: Fri, 04 Nov 2022 19:45:47 GMT
Date: Fri, 04 Nov 2022 17:37:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7714
Expires: Fri, 04 Nov 2022 19:45:47 GMT
Date: Fri, 04 Nov 2022 17:37:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7714
Expires: Fri, 04 Nov 2022 19:45:47 GMT
Date: Fri, 04 Nov 2022 17:37:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7714
Expires: Fri, 04 Nov 2022 19:45:47 GMT
Date: Fri, 04 Nov 2022 17:37:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f6ae0db60213bfddbf2ad71a9fb116bf
915d2895adc3f022c28cc628aeb6e441cbb09d47
ac94f3fd00f0f8f8617d15a3816b07d25d3774e91b287ac181e5efb4ebf95e22

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC94F3FD00F0F8F8617D15A3816B07D25D3774E91B287AC181E5EFB4EBF95E22"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7714
Expires: Fri, 04 Nov 2022 19:45:47 GMT
Date: Fri, 04 Nov 2022 17:37:13 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6557 bytes)
Hash
ca6c7517d7015fbc35fa290c1c2d6afd
594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c
a746b36be50209915a0e5657abd219aab382eee4b7556142aa1316daf3a9f5a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: f2e39db1-fb8a-4a9b-8a1d-ee08000ddeb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC1VyFHuIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636435be-7a03ef677f8dbd680f72de90;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:42:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OI-hzSDTy-vFSFOZxI98XT8VZmnpFlU_cobzCTkrn4T5NuH8cqybMg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:52:32 GMT
age: 71081
etag: "594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08eaa5d0-649d-4568-ac8b-ca60d91ab718.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7703 bytes)
Hash
9a763d44e05fa357713a41ab1388974a
d4d2ee1aa9beb5bbd19aaaf590c8a0832fb180cd
f351b7e90e5435af071892b62af3ac591bc553281b3ea63b1ae067a3d03f572d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08eaa5d0-649d-4568-ac8b-ca60d91ab718.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7703
x-amzn-requestid: 4f835957-6df6-4001-9c34-ed9749000b46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0RpFGwoAMF0-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364340a-3f7b7dd36cb07d057b64ec2f;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:06 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DknsakNef7SUQhERTPiLozTDA4tl1OEdE8ohicMEfVGvwaLwPX8d_Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:54:49 GMT
age: 70944
etag: "d4d2ee1aa9beb5bbd19aaaf590c8a0832fb180cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98808735-da09-4166-b898-eee474b2aed2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10810 bytes)
Hash
c472942cb4b85610a3e83edf7527f923
8191eb019b21bed2b9f53c755e1c24d08dc70760
0dc7f9902567b0130c1c34b6e356b8239f8e6c83e1d38ac9b74588270000279c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98808735-da09-4166-b898-eee474b2aed2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10810
x-amzn-requestid: 85c9096f-2671-4f0e-94a3-607254d036d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC057E5yIAMFcXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364350c-3c93b6e56e6141a63d1285eb;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:39:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: i3Kso77aQ6Qt3z3KH189niLwWzWFJz7Y0aMQngNRahdqlMAo76WksQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:52:42 GMT
age: 71071
etag: "8191eb019b21bed2b9f53c755e1c24d08dc70760"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa936c143-4ac1-4c0f-a7c9-35638fe066ce.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3559 bytes)
Hash
3e2c2868516a60c335361ccef89c6090
b71b29860aca017ac124fb4037cec5dc3101474e
3ac5d5410a9d31317c2f31fe3e08cdb188e26bfffce5275b85cce986f2841d22

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa936c143-4ac1-4c0f-a7c9-35638fe066ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3559
x-amzn-requestid: 63f00dbe-834f-4fbb-91c0-5e5378dc48aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0SvEOaIAMFRBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63643411-43380b3457de631756afdb81;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hit7lhSIgTngtNcj0qlMHVtdtjSdfA6-lP8QBAyhVJfqyS-PaMHNkw==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 22:00:51 GMT
etag: "b71b29860aca017ac124fb4037cec5dc3101474e"
content-type: image/jpeg
age: 70582
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11421 bytes)
Hash
2ae2b8d827fb2c8bef64febcd36f1645
f7705fcd2d91ce90c58e79324cce1e3abba6c1c8
2dc55e97ef3a85fccb104b80161a8bac16b12d37527c336563677432584c7ad5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11421
x-amzn-requestid: 8436166b-f342-44e9-9a31-e25dcaa7b85c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a2gEOEYRIAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f46e7-0616a6b95503fffd4f597509;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 03:54:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: g3OtcJnT2JfzIAvUjoLvC8pOzfwGFQ-M0cH4uwNSVcr2T9jYgCihTw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 23:36:56 GMT
age: 64817
etag: "f7705fcd2d91ce90c58e79324cce1e3abba6c1c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cdc7f46-586b-486f-968f-5fe03bbb41a9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7601 bytes)
Hash
ae1ac87f2e6534322ba259d6e06fcaa5
c721a00ae618e6ed997e102fa3d977ef830cac05
2f4cab8b925f6a79ed96b08edc00f04186d33ed9cfd4ba565884a931e83ae408

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cdc7f46-586b-486f-968f-5fe03bbb41a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7601
x-amzn-requestid: bec1a71e-c5bd-4332-ac60-18b49304a5a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a275aEHYoAMFwlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f736f-1b36c60a43415790430fbecf;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 07:04:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MORvkZWLXGvSFYxjnSiYJluJY302y_FTvACRUrEvo7vLYkheyEcE1g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 07:18:27 GMT
age: 37126
etag: "c721a00ae618e6ed997e102fa3d977ef830cac05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

151.101.85.229

200 OK

24 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65326)
Size
24 kB (23906 bytes)
Hash
77348602be5574ea01c6e042f63a9b12
1a0d5e8fdf352f8e58351f85152be5d141547e11
57e4cabfd2685370ba747eb1216a753a389200451202efd886758debf0d33a2a

HTTP Headers

GET /npm/bootstrap@4.5.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 04 Nov 2022 17:37:13 GMT
age: 19648387
x-served-by: cache-fra19178-FRA, cache-bma1636-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23906
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/video.js@7.9.7/dist/video-js.min.css

151.101.85.229

200 OK

10 kB

URL HTTP/2
cdn.jsdelivr.net/npm/video.js@7.9.7/dist/video-js.min.css
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (40048), with no line terminators
Size
10 kB (10303 bytes)
Hash
71d51659d17feda35a3cf7b77c9a077d
58588e786a0394daa59fe992e3fd2b23a6485be3
1fe0f426d39d7360192b7b9d847210a202512b32da8e8e0ff38d13acb5e22e74

HTTP Headers

GET /npm/video.js@7.9.7/dist/video-js.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 7.9.7
x-jsd-version-type: version
etag: W/"9c74-gctcuC69YhaG/DD9GQ5wdLQgH0k"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 04 Nov 2022 17:37:13 GMT
age: 5758062
x-served-by: cache-fra19138-FRA, cache-bma1669-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10303
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1ec2926e63a926e5dfe7996043dda5f
b419c8aaafba305f568303f348cdafd6f250faf6
a102485c0952b52761e8c577c8c7b0b93a322fc51ffb24ab297bb3ec7ddae814

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 17:37:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

104.17.25.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
28 kB (27958 bytes)
Hash
4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 04 Nov 2022 17:37:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 13027137
expires: Wed, 25 Oct 2023 17:37:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67H52iVAOWDJ0UXzLYF%2B6nHVK1UHNs79B9qEmGyKlxt2BghsoW3eh%2B2of8kPtlN6nLm4NHhGdM9rnirkhBR0Eji9JgYNBkn21X8j%2FZ%2BLZEBkkD1gzs1HrDc1hhlggT1VaLP5Pbb9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 764f1dcc5e7eb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/axios/0.17.1/axios.min.js

104.17.25.14

200 OK

4.2 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/axios/0.17.1/axios.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (9720)
Size
4.2 kB (4172 bytes)
Hash
a57d01890efbc29830aac21c0caeb280
92de0d4a380c9f93fb9a1d6d7abd8f24d7864c07
0f0c6980dc1e47e8abf9faa1429846bcad1cd857bcba4cebd1f0a2e958bd45b8

HTTP Headers

GET /ajax/libs/axios/0.17.1/axios.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 04 Nov 2022 17:37:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 4172
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d6a-32b3"
last-modified: Mon, 04 May 2020 16:06:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 13026347
expires: Wed, 25 Oct 2023 17:37:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yDLE7QQQy%2BqhICRTigJv4ZpIqOQcK0jS7vfZ0bThkcOu%2FTqgwoYwHOGGLyQqJRtDKJtHNye2ClTwPLwQ3TfQOhzKCf%2FH%2FnWwJaO3hEbj84Hmz%2FUBMGeP2yhV8mHli4VnMOxQFcp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 764f1dcc5e7fb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/vue/2.6.11/vue.min.js

104.17.25.14

200 OK

31 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/vue/2.6.11/vue.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65449)
Size
31 kB (30730 bytes)
Hash
1a1bf25af8925cde90bdfe0d08d1a7ea
dfbbececde0b0f9da27c40fc1f55a808677ac735
e052553db93e43100ac9a938ed485ba3ddf9a24db1eba9a61a225a7947746b5a

HTTP Headers

GET /ajax/libs/vue/2.6.11/vue.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 04 Nov 2022 17:37:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 30730
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0402c-16de6"
last-modified: Mon, 04 May 2020 16:17:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6299984
expires: Wed, 25 Oct 2023 17:37:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UW%2B0qXLeAS%2B4WATLNVNNEipXab3y22T8fB8zp39mmKMM1X4b1GWy5gBMI49TaT%2Bbyu8%2BHj69knwfSrkz9c5oqVC%2Byu80XKKqrrrhXDUtgK8sYD3fus4gP1JvlL1sCCtbaoB9EHvP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 764f1dcc8ec6b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js

54.230.245.5

200 OK

8.5 kB

URL HTTP/1.1
d2zah9y47r7bi2.cloudfront.net/releases/current/tracker.js
IP
54.230.245.5:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (573)
Size
8.5 kB (8546 bytes)
Hash
1605fcb0939d3a1501109d035388c766
3923fdd94a1a3d1ef8528f6060a432874722d337
92b913e4d5550ffb15c7ad628cd7a8156ef764cc1094862a988a5b347feac9b7

HTTP Headers

GET /releases/current/tracker.js HTTP/1.1
Host: d2zah9y47r7bi2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 02 Nov 2022 05:55:17 GMT
Last-Modified: Thu, 13 Sep 2018 19:10:28 GMT
ETag: W/"160874c6a444216fd269e7e0e2370aa7"
x-amz-meta-cache-control: s-max-age=3600, max-age=604800, public
Cache-Control: s-max-age=3600, max-age=604800, public
x-amz-meta-content-type: application/javascript
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9B-ncCjaARpL08kaiP54-2TEK-Q6xZkfc65WEddlz3XDVIZVYfQgEg==
Age: 214917

mwebnice.com/7605/186/2/?subid=greenyymxnwww

172.67.146.245

302 Found

140 kB

URL HTTP/2
mwebnice.com/7605/186/2/?subid=greenyymxnwww
IP
172.67.146.245:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
140 kB (139802 bytes)
Hash
e9a5f7665be41d74d665b4da230c018f
a6d2df56ff0aa08af9869ae3cdcc8e53c6cf8920
a7cdfc91a237fc83d64a9043867b95376baca61350deeff5252c0d1f9df212c1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /7605/186/2/?subid=greenyymxnwww HTTP/1.1
Host: mwebnice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Fri, 04 Nov 2022 17:37:11 GMT
content-type: text/html; charset=UTF-8
location: https://gardn.ultracartstore.com/aff/D7CF04F5A0F2FB017FF5CD00FE1EF400/index.html?&utm_source=maxweb&utm_medium=email&utm_term=email&utm_content=fg_bowel&utm_campaign=fg_jerusalem&subid=7605_sessid20221104173733850
cache-control: max-age=3600, private
pragma: no-cache
expires: Fri, 04 Nov 2022 18:37:11 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 764f1dbe29afb51e-OSL
X-Firefox-Spdy: h2

www.googleoptimize.com/optimize.js?id=OPT-PG67L8H

142.250.74.78

200 OK

46 kB

URL HTTP/2
www.googleoptimize.com/optimize.js?id=OPT-PG67L8H
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
46 kB (45733 bytes)
Hash
d26907259b3a3ff05fb6fe19f2b1f768
a436be511f5a9d4bb76dbed908662019b3ebfdbf
802506271883b46269e383a46ae302ddce853b04e6259d88fd1f6959d3304c02

HTTP Headers

GET /optimize.js?id=OPT-PG67L8H HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 04 Nov 2022 17:37:13 GMT
expires: Fri, 04 Nov 2022 17:37:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45733
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/videojs-youtube@2.6.1/dist/Youtube.min.js

151.101.85.229

200 OK

3.8 kB

URL HTTP/2
cdn.jsdelivr.net/npm/videojs-youtube@2.6.1/dist/Youtube.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (13944), with no line terminators
Size
3.8 kB (3833 bytes)
Hash
46bbf3de9ddd00713663cb35620ca495
52873697118219d31013516dc2bdd29117256d7f
fb1474ebffe51947aa8747b220f96c352242611135012603a4211314e60e4d4b

HTTP Headers

GET /npm/videojs-youtube@2.6.1/dist/Youtube.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.6.1
x-jsd-version-type: version
etag: W/"3678-YVZMRnLb6HnSGpkW8sui0W2NjYk"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 04 Nov 2022 17:37:13 GMT
age: 942095
x-served-by: cache-fra19139-FRA, cache-bma1669-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3833
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

104.17.25.14

200 OK

4.4 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2171)
Size
4.4 kB (4420 bytes)
Hash
44c72b9bddfecacc9114e84d685dd085
38f3ff57b9b64a38fc2153eb30564b7fc1c86349
c82afd4f2d89288b4b79244f0c24264810b11326670710ac8e28e7bfc87c7991

HTTP Headers

GET /ajax/libs/webfont/1.6.28/webfontloader.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 04 Nov 2022 17:37:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04030-30d9"
last-modified: Mon, 04 May 2020 16:17:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 579956
expires: Wed, 25 Oct 2023 17:37:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGvmJvrqPY%2B2xjf3W7%2BdQybJyXu02htOaZ41%2FpxvcPCy7cA5iJxmY6cTvwkoQCx380yGsJbz9ey%2FZM%2BsG2Nb%2FuLQynByFkFU5cGuK%2FRdyPrAHsCfaAEjO1JouWAjOmLvvR18hNH5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 764f1dccef63b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1ec2926e63a926e5dfe7996043dda5f
b419c8aaafba305f568303f348cdafd6f250faf6
a102485c0952b52761e8c577c8c7b0b93a322fc51ffb24ab297bb3ec7ddae814

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 17:37:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f63c04c55d5751dfae5f5153376d064a
5b074983e24220c8a67033f00b2ff0a9465a2fd0
c7eb3139a4d1748366098457fa78bc998053c213357f211e8c987dbf2d6cd091

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=125249
Date: Fri, 04 Nov 2022 17:37:13 GMT
Etag: "6364940a-1d7"
Expires: Sun, 06 Nov 2022 04:24:42 GMT
Last-Modified: Fri, 04 Nov 2022 04:24:42 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: co6hFGuZQUJ_nxSdNigkcEMmWhXZbpmGcZRqmNfnUM2DtkiD7iYGEQ==

use.fortawesome.com/de183023.js

151.139.128.8

200 OK

4.0 kB

URL HTTP/2
use.fortawesome.com/de183023.js
IP
151.139.128.8:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (9709)
Size
4.0 kB (3990 bytes)
Hash
26a4bec57cf6292e69e9c3b475a903a9
27300e38419d1a3312f5dc950b88a4fbcbf3397b
6d6a9ebe5af5da81cee0690cd4aa6682d2d4c84dca1c4c3e037f5fa4fe3299bf

HTTP Headers

GET /de183023.js HTTP/1.1
Host: use.fortawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 04 Nov 2022 17:37:14 GMT
content-encoding: gzip
content-length: 3990
content-type: application/javascript
last-modified: Fri, 12 Nov 2021 23:03:10 GMT
accept-ranges: bytes
etag: "bfa45a60c2439cb5baf783a2c0243634"
x-hw: 1667583433.cds250.sk1.hn,1667583433.cds207.sk1.sc,1667583434.cds207.sk1.pr
cache-control: max-age=60, private, must-revalidate
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4da673644d01ab5320827892c4072bf6
5b04867fe34a1c4fd62e87e96ee29e224b4f6f94
6b602c1c31b511f3e5c21400bcd264be5b2d333a7d1435ef99564e8d45fac057

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160564
Date: Fri, 04 Nov 2022 17:37:14 GMT
Etag: "63651dfe-1d7"
Expires: Sun, 06 Nov 2022 14:13:18 GMT
Last-Modified: Fri, 04 Nov 2022 14:13:18 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kUlD5ZxrflBEoE1jLygqr-OO9K5e_sCGG4TSNxHh6oS_RX2IMeO5OA==

use.typekit.net/but5bfb.js

23.36.76.122

200 OK

7.2 kB

URL HTTP/2
use.typekit.net/but5bfb.js
IP
23.36.76.122:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (4857)
Size
7.2 kB (7152 bytes)
Hash
7f2455adc65093c709ae9e633791c26f
58215c2397f6e3a426915be05ab06f72f932f21a
7f2c5625fcfe4a172befd076fdcacf07f676ec5dcd12c8f0f365e4df3afec99d

HTTP Headers

GET /but5bfb.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 7152
date: Fri, 04 Nov 2022 17:37:14 GMT
X-Firefox-Spdy: h2

gardn.ultracartstore.com/cgi-bin/UCAffiliateNetworkPixel

13.248.135.131

200 OK

745 B

URL HTTP/1.1
gardn.ultracartstore.com/cgi-bin/UCAffiliateNetworkPixel
IP
13.248.135.131:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
745 B (745 bytes)
Hash
8ae4d588cb35ce160ad38c4dcf486324
7a23c240725feaf4889bc7e1384cf579caf017ce
f7633cdf4d87ff4664876a24d6a6a12b43b9dfc7da681befc2fc334b41c59205

HTTP Headers

GET /cgi-bin/UCAffiliateNetworkPixel HTTP/1.1
Host: gardn.ultracartstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2022 17:37:14 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 745
Connection: keep-alive
Set-Cookie: AWSALB=AcLB7zlEBgIz0y4npQjeEfG6tbebrQLUm0IFXkLoB7q6Ng/q8WC08XKk4Tpvh0GbgLE1jOiYUT+ryt9JOSBbz8Ag48GLI9bXpiuPd3io7/qKXxRVRd5UDthaDTuL; Expires=Fri, 11 Nov 2022 17:37:14 GMT; Path=/
AWSALBCORS=AcLB7zlEBgIz0y4npQjeEfG6tbebrQLUm0IFXkLoB7q6Ng/q8WC08XKk4Tpvh0GbgLE1jOiYUT+ryt9JOSBbz8Ag48GLI9bXpiuPd3io7/qKXxRVRd5UDthaDTuL; Expires=Fri, 11 Nov 2022 17:37:14 GMT; Path=/; SameSite=None; Secure
Server: Apache
X-Content-Type-Options: nosniff
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Vary: Accept-Encoding
Content-Encoding: gzip

use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3

23.36.76.122

200 OK

31 kB

URL HTTP/2
use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP
23.36.76.122:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), CFF, length 30704, version 1.0\012- data
Size
31 kB (30704 bytes)
Hash
cbae49bae5cbc8469c1a53a6bfbd5b15
a9fd98171826997827d0d02dab92318be2d7d639
a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423

HTTP Headers

GET /af/2555e1/00000000000000007735e603/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 30704
etag: "09d1a94c81035c62708e0a513ee76d7886d15a25"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 04 Nov 2022 17:37:14 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/f18587/00000000000000007735a07a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3

23.36.76.122

200 OK

18 kB

URL HTTP/2
use.typekit.net/af/f18587/00000000000000007735a07a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP
23.36.76.122:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 17756, version 1.0\012- data
Size
18 kB (17756 bytes)
Hash
f3b736422e22b9dee8f42866c88c5ee8
d9ba953aec2fa2bd15443babb5c3f274b73847b8
c70be61ebf5ebc5fb158df7bcc05e1a645c16c863901eb8487fc3d14d2ac801a

HTTP Headers

GET /af/f18587/00000000000000007735a07a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 17756
etag: "ec65454125f52ade60a7a7dba7db35136a0a5833"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 04 Nov 2022 17:37:14 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/50d55e/000000000000000000015235/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3

23.36.76.122

200 OK

44 kB

URL HTTP/2
use.typekit.net/af/50d55e/000000000000000000015235/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
IP
23.36.76.122:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 44180, version 1.0\012- data
Size
44 kB (44180 bytes)
Hash
2ac1a2bd891725b1d6dee608a7496d8e
a0d2e71feb35ca464a7575bdfed27a6f74d71b39
4a6594dd17666cfa2ff2c9d601abb32c39ca74fab27f7597b73c8b14743d97b6

HTTP Headers

GET /af/50d55e/000000000000000000015235/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 44180
etag: "f9731f24cd8729a0a5a2f4087491704f5fbc583c"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 04 Nov 2022 17:37:14 GMT
X-Firefox-Spdy: h2

dndngvalp4jdj.cloudfront.net/bartonnutrition.com/scripts/global/script.min.js?v=1.14.11.13

143.204.42.123

200 OK

73 kB

URL HTTP/2
dndngvalp4jdj.cloudfront.net/bartonnutrition.com/scripts/global/script.min.js?v=1.14.11.13
IP
143.204.42.123:0
ASN
#16509 AMAZON-02

File type
data
Size
73 kB (73389 bytes)
Hash
ffe3eaf04dda0ee22d483058b4fd4d94
45db22efbde83e4a5c0ba073fc270bc54f82350b
e0698e029c85f1238c702d7989bf30e8458e3d481180971ef4ae38dfd24522f2

HTTP Headers

GET /bartonnutrition.com/scripts/global/script.min.js?v=1.14.11.13 HTTP/1.1
Host: dndngvalp4jdj.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: https://bartonnutrition.com
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
access-control-max-age: 3000
access-control-allow-credentials: true
last-modified: Thu, 05 May 2022 04:04:54 GMT
x-amz-version-id: q41zcSHm9QaumlOJ9OKG_yFn877kF6R.
server: AmazonS3
content-encoding: gzip
date: Fri, 04 Nov 2022 17:01:57 GMT
cache-control: max-age=86400
etag: W/"1009c6ae604bca9005111f0e2b391377"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TuBE87_V8pMXi9XByiztS3x98IKNHcsXcE1El7v-EMssPuHjwNm0gQ==
age: 2117
X-Firefox-Spdy: h2

use.typekit.net/af/b1c445/00000000000000007735b72e/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3

23.36.76.122

200 OK

26 kB

URL HTTP/2
use.typekit.net/af/b1c445/00000000000000007735b72e/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
IP
23.36.76.122:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), CFF, length 25960, version 1.0\012- data
Size
26 kB (25960 bytes)
Hash
065b4e1af4fa9aa7265af6b67406a6f2
a95be491948c619d61956c17f6fd24f1476827d8
9f5e83e263d393311f0c71497778255cf5b0c41e3d08007d38205eca84cf7e96

HTTP Headers

GET /af/b1c445/00000000000000007735b72e/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 25960
etag: "a96a3358485f08484953b2f6f725bd680d120723"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 04 Nov 2022 17:37:14 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/9e9765/00000000000000007735b72d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3

23.36.76.122

200 OK

21 kB

URL HTTP/2
use.typekit.net/af/9e9765/00000000000000007735b72d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP
23.36.76.122:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), CFF, length 20836, version 1.0\012- data
Size
21 kB (20836 bytes)
Hash
d71a4ad21bce7ec3071ca2618e705602
26854f587f0273903a726b38554a0299985ce02e
739a7067cd203d3d9eeabc9fe64ef96d40295deac0c5e69ca51548e2df655359

HTTP Headers

GET /af/9e9765/00000000000000007735b72d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 20836
etag: "5d4bca21abcabba77a7a254d0d364f5ddb118c23"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 04 Nov 2022 17:37:14 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/154cda/00000000000000007735e601/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n1&v=3

23.36.76.122

200 OK

29 kB

URL HTTP/2
use.typekit.net/af/154cda/00000000000000007735e601/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n1&v=3
IP
23.36.76.122:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), CFF, length 28764, version 1.0\012- data
Size
29 kB (28764 bytes)
Hash
46444d3011ed4d27a42c3c07da7cf343
e4aabfe359c882a3f66e7bcb8902c136fe35d438
c862e09dc14a6d0ba890b78cb2f57a6e1df993395106e91bf95d202fc33c4b60

HTTP Headers

GET /af/154cda/00000000000000007735e601/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n1&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 28764
etag: "bb527db1d82be3f299f746453df8abe5f2b6ac67"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 04 Nov 2022 17:37:14 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/706b32/00000000000000007735b733/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3

23.36.76.122

200 OK

26 kB

URL HTTP/2
use.typekit.net/af/706b32/00000000000000007735b733/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
IP
23.36.76.122:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), CFF, length 26148, version 1.0\012- data
Size
26 kB (26148 bytes)
Hash
616853d604fd4c62b94d1ce5d4a27f9c
336a5b2d3737da2dc639e66dcdb621d877c0c2ed
7102361b3ac8d0b22bccee66b1e12789541ea8ef000b97d23966160a731393c1

HTTP Headers

GET /af/706b32/00000000000000007735b733/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26148
etag: "0191c40ab8a1566515b510a5fa8900ded567f877"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 04 Nov 2022 17:37:14 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/faabc2/00000000000000007735b726/30/l?subset_id=2&fvd=n4&v=3

23.36.76.122

200 OK

17 kB

URL HTTP/2
use.typekit.net/af/faabc2/00000000000000007735b726/30/l?subset_id=2&fvd=n4&v=3
IP
23.36.76.122:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), CFF, length 17256, version 1.0\012- data
Size
17 kB (17256 bytes)
Hash
570222e92ed3a2f73d6efc7835142d28
18d59aceaeadafedd131f17c723970cd76514bd4
2619e993d17dca8366fb80df92ed4bf59845c3e9645e1a62aaa1e57f6d1aa34c

HTTP Headers

GET /af/faabc2/00000000000000007735b726/30/l?subset_id=2&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 17256
etag: "54ab60d8c7d01281aab7898d810568f1ea6226d1"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 04 Nov 2022 17:37:14 GMT
X-Firefox-Spdy: h2

use.fortawesome.com/kits/de183023/publications/116494/woff2.css

151.139.128.8

200 OK

35 kB

URL HTTP/2
use.fortawesome.com/kits/de183023/publications/116494/woff2.css
IP
151.139.128.8:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (49777), with no line terminators
Size
35 kB (34641 bytes)
Hash
fcc07140230b9e2bc629196b5a3d5129
013f1056b4b56d00acf1439d46bbe7363a8cb07a
77e8d42086baacd42d4d450090da35df949f195c79c28c4e6a129b8ba290e2ed

HTTP Headers

GET /kits/de183023/publications/116494/woff2.css HTTP/1.1
Host: use.fortawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 04 Nov 2022 17:37:14 GMT
content-encoding: gzip
content-length: 34641
content-type: text/css
last-modified: Fri, 12 Nov 2021 23:03:11 GMT
accept-ranges: bytes
etag: "033f5b3ecc3d214b110cc7e899ac542a"
x-hw: 1667583434.cds250.sk1.hn,1667583434.cds240.sk1.sc,1667583434.cds240.sk1.pr
cache-control: max-age=31536000
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin: *
X-Firefox-Spdy: h2

use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3

23.36.76.122

200 OK

30 kB

URL HTTP/2
use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP
23.36.76.122:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), CFF, length 29820, version 1.0\012- data
Size
30 kB (29820 bytes)
Hash
22f210f896c47ca032dee5d32edfee1d
18a0f2b6d98fe442047fa2b232705b1587b407cd
c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7

HTTP Headers

GET /af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29820
etag: "6aeae62b893768150f3460329dc461358e8ab2f5"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 04 Nov 2022 17:37:14 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3

23.36.76.122

200 OK

32 kB

URL HTTP/2
use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
IP
23.36.76.122:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), CFF, length 31620, version 1.0\012- data
Size
32 kB (31620 bytes)
Hash
76bb0b958a918b4d270df75ecf0be2fe
0144c98769bddbfd91ed23a0d0b1d5d86b6b6465
19be36b532c3147a005317cbc940c69b7137c7980a462525055393d3cfd20b30

HTTP Headers

GET /af/3322cc/00000000000000007735e616/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 31620
etag: "45b6acdd85bc39b5dfc108ace1ad2dbe5fca28ba"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 04 Nov 2022 17:37:14 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/8939f9/00000000000000007735a061/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3

23.36.76.122

200 OK

19 kB

URL HTTP/2
use.typekit.net/af/8939f9/00000000000000007735a061/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP
23.36.76.122:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 18584, version 1.0\012- data
Size
19 kB (18584 bytes)
Hash
0598affe7cfd67517aa67dd93804948d
7f9a53989ab0df5f7aa87946bbc39dd7214a19b6
fd8967417795f539dbb323ead019548f84a3875f7c2277db47d2d7ed630a48c1

HTTP Headers

GET /af/8939f9/00000000000000007735a061/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 18584
etag: "688538e722636b5c39cb4cffbe6ad7c0119c9521"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 04 Nov 2022 17:37:14 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/1c0a46/00000000000000007735a075/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3

23.36.76.122

200 OK

18 kB

URL HTTP/2
use.typekit.net/af/1c0a46/00000000000000007735a075/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
IP
23.36.76.122:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 18344, version 1.0\012- data
Size
18 kB (18344 bytes)
Hash
ff7524552cf0fd91af6dc3bc5bde3916
2e4ad19e572a725a7e99bf285af8f6f787398b87
eb2ab77f8552bd8d85786562fffbbe755cd3ea6eca947effeca628b958577eb3

HTTP Headers

GET /af/1c0a46/00000000000000007735a075/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 18344
etag: "68620a9633e2b83b88bae6a4be941c90d40be2ce"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 04 Nov 2022 17:37:14 GMT
X-Firefox-Spdy: h2

dndngvalp4jdj.cloudfront.net/bartonnutrition.com/images/global/pixel.gif

143.204.42.123

200 OK

43 B

URL HTTP/2
dndngvalp4jdj.cloudfront.net/bartonnutrition.com/images/global/pixel.gif
IP
143.204.42.123:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

HTTP Headers

GET /bartonnutrition.com/images/global/pixel.gif HTTP/1.1
Host: dndngvalp4jdj.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 43
last-modified: Wed, 22 Jul 2020 19:54:59 GMT
x-amz-version-id: JPKws933XpaeoKWY679SblCsuAqb808s
accept-ranges: bytes
server: AmazonS3
date: Fri, 04 Nov 2022 16:48:33 GMT
cache-control: max-age=2600000
etag: "db04c7b378cb2db912c3ba8a5a774ee3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OfAkXYJ1FxKJED966CAH7SlDoQ9o5NM_1N2yth5Umuo0ZDHjI2Rb9Q==
age: 2922
X-Firefox-Spdy: h2

dndngvalp4jdj.cloudfront.net/bartonnutrition.com/images/video/012/01-offer.jpg

143.204.42.123

200 OK

20 kB

URL HTTP/2
dndngvalp4jdj.cloudfront.net/bartonnutrition.com/images/video/012/01-offer.jpg
IP
143.204.42.123:0
ASN
#16509 AMAZON-02

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x350, components 3\012- data
Size
20 kB (20312 bytes)
Hash
d8575e86b99a7ccbff9420ca92cd1233
8b5dacf3b2b1f15689fe1a1ffc0c532ca1e6d657
e8051a857b34ea5baa4680d9e1b302faf41bf5f437b03cfc66d31bafbb050fa9

HTTP Headers

GET /bartonnutrition.com/images/video/012/01-offer.jpg HTTP/1.1
Host: dndngvalp4jdj.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 20312
last-modified: Tue, 15 Mar 2022 21:43:04 GMT
x-amz-version-id: N22ZvpbkjCF2HABjfZwgM00qCMnYnqkX
accept-ranges: bytes
server: AmazonS3
date: Fri, 04 Nov 2022 16:48:33 GMT
cache-control: max-age=2600000
etag: "d8575e86b99a7ccbff9420ca92cd1233"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Nwk1L9QEh0mx_x0ax_nDhfzThgIVgio53JdjQymoOX7JRKevQnKEzA==
age: 2922
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a5d4b842609f6045375831b38e084bd6
da4f96dd16f2c98a38c5947ed71e0bbf26acb385
35bf1d7d65d961ed077bdfade821e28afba73ae13cc2143a11ad4cce1fc27cb4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6492
Cache-Control: max-age=94296
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 17:37:14 GMT
Etag: "636401c6-117"
Expires: Sat, 05 Nov 2022 19:48:50 GMT
Last-Modified: Thu, 03 Nov 2022 18:00:38 GMT
Server: ECS (amb/6BBC)
X-Cache: HIT
Content-Length: 279

dndngvalp4jdj.cloudfront.net/bartonnutrition.com/images/video/012/add-to-cart.png

143.204.42.123

200 OK

74 kB

URL HTTP/2
dndngvalp4jdj.cloudfront.net/bartonnutrition.com/images/video/012/add-to-cart.png
IP
143.204.42.123:0
ASN
#16509 AMAZON-02

File type
PNG image data, 800 x 175, 8-bit/color RGBA, non-interlaced\012- data
Size
74 kB (73562 bytes)
Hash
86ad81bd78eceb2724ef77f9dadeb314
ee1fd3a99822889d4e446b1d51ccbffe24f7c7aa
236785a291323e5db370be614d7d3d048617c2f4cf9103b4688e0c682b4b36a1

HTTP Headers

GET /bartonnutrition.com/images/video/012/add-to-cart.png HTTP/1.1
Host: dndngvalp4jdj.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 73562
last-modified: Tue, 15 Mar 2022 21:43:09 GMT
x-amz-version-id: yZp4GPWfPCujsIUd3pW400SwQLMzNeCB
accept-ranges: bytes
server: AmazonS3
date: Fri, 04 Nov 2022 16:48:33 GMT
cache-control: max-age=2600000
etag: "86ad81bd78eceb2724ef77f9dadeb314"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FtiKCw--aExFGFXoHFw3Wf6qG0EYGqv_WbHcouAerH81q32WlIVduQ==
age: 2922
X-Firefox-Spdy: h2

d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect.js?mid=GARDN&channel=secure.bartonnutrition.com

143.204.42.153

200 OK

102 kB

URL HTTP/2
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect.js?mid=GARDN&channel=secure.bartonnutrition.com
IP
143.204.42.153:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (5690), with CRLF, LF line terminators
Size
102 kB (102157 bytes)
Hash
4e88eefd8308206bb7998f8fc3f959af
c692b1620fdf8d9ede729c9fbbf9521a844fde0b
9d7774b740b1d0db487d0c76b7a27d3772288ae1d542cfad8026648d091e7e07

HTTP Headers

GET /UC/62/uca/0.1.0/js/collect.js?mid=GARDN&channel=secure.bartonnutrition.com HTTP/1.1
Host: d9i5ve8f04qxt.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript; charset=UTF-8
content-length: 102157
date: Fri, 04 Nov 2022 02:01:26 GMT
last-modified: Fri, 21 Oct 2022 13:37:11 GMT
etag: "4e88eefd8308206bb7998f8fc3f959af"
cache-control: max-age=604800,s-maxage=604800
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 70l6arMf3I0JMTj1DMVZmNEvW2x8jVffN0Tr07Ft7fWVzdDp_QTMmA==
age: 56149
X-Firefox-Spdy: h2

dndngvalp4jdj.cloudfront.net/bartonnutrition.com/images/video/012/02-offer.jpg

143.204.42.123

200 OK

38 kB

URL HTTP/2
dndngvalp4jdj.cloudfront.net/bartonnutrition.com/images/video/012/02-offer.jpg
IP
143.204.42.123:0
ASN
#16509 AMAZON-02

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x350, components 3\012- data
Size
38 kB (38066 bytes)
Hash
721d978a326f3c45fde8f006ea52144a
bc5925c2114fcb9225aa3b707206a074c1254139
990c38230ea2b29e4856e299283f7fb07464af249b91da857c545266b6f604aa

HTTP Headers

GET /bartonnutrition.com/images/video/012/02-offer.jpg HTTP/1.1
Host: dndngvalp4jdj.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 38066
last-modified: Tue, 22 Mar 2022 20:37:37 GMT
x-amz-version-id: aqJAnRbpXdWBCcjsOT2UKDgz66jHDwv6
accept-ranges: bytes
server: AmazonS3
date: Fri, 04 Nov 2022 16:48:33 GMT
cache-control: max-age=2600000
etag: "721d978a326f3c45fde8f006ea52144a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PcOSjNOt8DNFRHc3pXezLW5Ckm7nXgqi3fc10WA4a1mDHn1xB4Uq4Q==
age: 2922
X-Firefox-Spdy: h2

dndngvalp4jdj.cloudfront.net/bartonnutrition.com/images/global/flower-placeholder.jpg

143.204.42.123

200 OK

208 kB

URL HTTP/2
dndngvalp4jdj.cloudfront.net/bartonnutrition.com/images/global/flower-placeholder.jpg
IP
143.204.42.123:0
ASN
#16509 AMAZON-02

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size
208 kB (208233 bytes)
Hash
9ccac4c439cfce2fabcad73d5862bf56
9c86a3c4c54373c5e50e54d9751f30db71b12596
5fc4a7c962748b9658631aa7817a76a84dfe2a25d5f6271e72fbc8ec80a1b841

HTTP Headers

GET /bartonnutrition.com/images/global/flower-placeholder.jpg HTTP/1.1
Host: dndngvalp4jdj.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 208233
last-modified: Tue, 22 Mar 2022 20:37:38 GMT
x-amz-version-id: EEuPIRa9R_yQja8sVMf5ncpxY7.144iL
accept-ranges: bytes
server: AmazonS3
date: Fri, 04 Nov 2022 16:48:33 GMT
cache-control: max-age=2600000
etag: "9ccac4c439cfce2fabcad73d5862bf56"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KTiey9_hBzH9CrSXYGbCpUJgXT7al_e-qNTjCHFsNUwOgHyPXQmoSg==
age: 2922
X-Firefox-Spdy: h2

dndngvalp4jdj.cloudfront.net/bartonnutrition.com/images/video/012/03-offer.jpg

143.204.42.123

200 OK

31 kB

URL HTTP/2
dndngvalp4jdj.cloudfront.net/bartonnutrition.com/images/video/012/03-offer.jpg
IP
143.204.42.123:0
ASN
#16509 AMAZON-02

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x350, components 3\012- data
Size
31 kB (31446 bytes)
Hash
eb9acb7344612425f061123762f158fe
911ccfb0b7e29fd6969e5f275d3fac1afcceb044
4d191ccc3933ee02fc2200cb39367f969f125918b9e3876d1e237b19665912cf

HTTP Headers

GET /bartonnutrition.com/images/video/012/03-offer.jpg HTTP/1.1
Host: dndngvalp4jdj.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 31446
last-modified: Tue, 15 Mar 2022 21:43:04 GMT
x-amz-version-id: sUgpwiJG_U7tsh08wP1b2xl3xExRUJwm
accept-ranges: bytes
server: AmazonS3
date: Fri, 04 Nov 2022 16:48:33 GMT
cache-control: max-age=2600000
etag: "eb9acb7344612425f061123762f158fe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: z13gFUVvfPZwXLLSpYRC1_jHkIh71r_VsshH9RkAvvEjx_n-CmLrhQ==
age: 2922
X-Firefox-Spdy: h2

p.typekit.net/p.gif?s=1&k=but5bfb&ht=tk&h=bartonnutrition.com&f=139.171.175.176.14541.14546.14548.15700.15725.41697.41708.41710.41719&a=2068922&js=1.21.0&app=typekit&e=js&_=1667583433557

23.36.76.122

200 OK

35 B

URL HTTP/2
p.typekit.net/p.gif?s=1&k=but5bfb&ht=tk&h=bartonnutrition.com&f=139.171.175.176.14541.14546.14548.15700.15725.41697.41708.41710.41719&a=2068922&js=1.21.0&app=typekit&e=js&_=1667583433557
IP
23.36.76.122:0
ASN
#20940 Akamai International B.V.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

HTTP Headers

GET /p.gif?s=1&k=but5bfb&ht=tk&h=bartonnutrition.com&f=139.171.175.176.14541.14546.14548.15700.15725.41697.41708.41710.41719&a=2068922&js=1.21.0&app=typekit&e=js&_=1667583433557 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Fri, 04 Nov 2022 17:37:14 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1e621d5bb6fab8b48d9ada58825c783c
61bd0fbfb86d4381c273d2968af4d72c2d199458
b3f60319e256fc417a33cb7f88c0cb2a7997190e23c275cb6caefa600ad47c77

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5156
Cache-Control: max-age=118174
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 17:37:14 GMT
Etag: "63646444-1d7"
Expires: Sun, 06 Nov 2022 02:26:48 GMT
Last-Modified: Fri, 04 Nov 2022 01:00:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2f5c65a3f5563a7aba42ad051e9a86c9
3eb72a7a542a29325e92c1137f45b7c013ed96c1
5e0a5f456db98e26a70f1e587b810b5cca2b9b2809026a397bf6862da0f8dea0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 17:37:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dw26xg4lubooo.cloudfront.net/seals/privacy/2593-small-gray.gif

54.230.245.47

200 OK

4.2 kB

URL HTTP/1.1
dw26xg4lubooo.cloudfront.net/seals/privacy/2593-small-gray.gif
IP
54.230.245.47:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 100 x 69\012- data
Size
4.2 kB (4247 bytes)
Hash
8dade778902d45efdd3b47cb0c0f1ff3
c1a97025e39c9d23f1880f8c846b6f07f0bef856
ba0d53295e262b7e25cea1f4acd36a6912178e74dc763a9d992f095b59044c45

HTTP Headers

GET /seals/privacy/2593-small-gray.gif HTTP/1.1
Host: dw26xg4lubooo.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 4247
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 05:03:44 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 764c2529cccb9b46-FRA
Date: Fri, 04 Nov 2022 17:37:14 GMT
Cache-Control: max-age=14400, must-revalidate
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6CUxkY9oyo0HDmhzurhEd9lOBX8p-6tH66XXpxlkUpxasfzFRrwa-w==
Age: 2116

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 04 Nov 2022 16:41:09 GMT
expires: Fri, 04 Nov 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 3365
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

dw26xg4lubooo.cloudfront.net/seals/privacy/2593-header-gray.gif

54.230.245.47

200 OK

3.8 kB

URL HTTP/1.1
dw26xg4lubooo.cloudfront.net/seals/privacy/2593-header-gray.gif
IP
54.230.245.47:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 150 x 49\012- data
Size
3.8 kB (3786 bytes)
Hash
69c9a5cf81bc00cabc77d253a896fc7d
38df71657d9138104893a2b4cb233aa660cfa066
78923b757a00d082f41c280970a9c149636a07d8829a80844c7e2c9b9a26b2ef

HTTP Headers

GET /seals/privacy/2593-header-gray.gif HTTP/1.1
Host: dw26xg4lubooo.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 3786
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 05:03:45 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 764bbaac3dfd9153-FRA
Date: Fri, 04 Nov 2022 15:46:14 GMT
Cache-Control: max-age=14400, must-revalidate
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BV0lcWRBVdjDr2Ke7jbHXkrERhRT2jjm_H5zfonqy3P0qlgikpDfDA==
Age: 6660

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
131c7090b83892c62eb57cfbddad9082
9e295e5490562d657fd0d35a1b8f4e4e2eaf8471
e72c487fa6f0ec7920830ef7c8e19fccd140c738474db96919610ea11f4111ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 17:37:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ssl.google-analytics.com/ga.js

142.250.74.72

200 OK

17 kB

URL HTTP/2
ssl.google-analytics.com/ga.js
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Fri, 04 Nov 2022 16:32:37 GMT
expires: Fri, 04 Nov 2022 18:32:37 GMT
cache-control: public, max-age=7200
age: 3877
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

dw26xg4lubooo.cloudfront.net/seals/security/2593-small-gray.gif

54.230.245.47

200 OK

4.2 kB

URL HTTP/1.1
dw26xg4lubooo.cloudfront.net/seals/security/2593-small-gray.gif
IP
54.230.245.47:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 100 x 69\012- data
Size
4.2 kB (4189 bytes)
Hash
9a204798079b724016a6623bf7422a6f
13ca02ac727e58947663cfc646c966f57aabaeb6
5692aa18abd621d7d9f8b9b48b42a031072d8198c2a9065c8f59296d4715c084

HTTP Headers

GET /seals/security/2593-small-gray.gif HTTP/1.1
Host: dw26xg4lubooo.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 4189
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 05:03:45 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 764b129e4d9f6931-FRA
Date: Fri, 04 Nov 2022 13:51:18 GMT
Cache-Control: max-age=14400, must-revalidate
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dKGcbsU0GoaUkXuFAArg8rufrnTnykh4bqeJZlVxosOIoDmno2LPjw==
Age: 14316

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
667755b7a91dcaf6e0742e6dadbca816
19c3ab166e7a4c47eb95c928e852e7bef6fac5d0
accb77411cf4ebd4338954ccbe530aa549200a9fc2fa454c647e0906108b3718

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 17:37:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googleadservices.com/pagead/conversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=

142.250.74.130

302 Found

42 B

URL HTTP/2
www.googleadservices.com/pagead/conversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/conversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data= HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.googletagmanager.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 17:37:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yk1lY_7UMZDl6wS_o7KACQ&random=2066210329&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27337 bytes)
Hash
0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ohgW69rTVzndBEyw8l7DTx1WqS5DJWiTjDDiSfZhnYvc44AAUY8p34CXbcrlfxZ0Y+xh6w/DoOGPhJdNdM1dTw==
content-length: 27337
x-fb-trip-id: 1904183273
date: Fri, 04 Nov 2022 17:37:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a6913d09d2b8cbd80ef370c1997143ec
61873208c5852b9f13b1a60d408ec8b239c48c81
291bfcf11419acdfafebb4a1d789302bcbae25eff3a3a847a251e912ef5854b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 17:37:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8M5DP1FGCG&cid=227172468.1667583433&gtm=2oeb20&aip=1&z=1029305062

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8M5DP1FGCG&cid=227172468.1667583433&gtm=2oeb20&aip=1&z=1029305062
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8M5DP1FGCG&cid=227172468.1667583433&gtm=2oeb20&aip=1&z=1029305062 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 17:37:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

b-code.liadm.com/a-075m.min.js

143.204.55.112

200 OK

11 kB

URL HTTP/2
b-code.liadm.com/a-075m.min.js
IP
143.204.55.112:0
ASN
#16509 AMAZON-02

File type
data
Size
11 kB (11059 bytes)
Hash
2b18f4aa7d87c1cc1746b1e5096b82f5
8ac4b7491190028c40fca6251d596eb5b6339533
c79d07c8d0960e26d6dda0b3b4dec00f9d64259e3cf9842872d09eac240342b6

HTTP Headers

GET /a-075m.min.js HTTP/1.1
Host: b-code.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 03 Nov 2022 20:53:10 GMT
cache-control: public, max-age=86400
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jElCZHgkaYgGvdrTynKbLUHX_GrrwV5-xB8IU42H99lhwJaQZkixkw==
age: 74644
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/765746930/?random=1667583432937&cv=11&fst=1667583432937&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&tiba=Jerusalem%20Flower&auid=2077802470.1667583433&rfmt=3&fmt=4

216.58.211.2

200 OK

971 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/765746930/?random=1667583432937&cv=11&fst=1667583432937&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&tiba=Jerusalem%20Flower&auid=2077802470.1667583433&rfmt=3&fmt=4
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2143), with no line terminators
Size
971 B (971 bytes)
Hash
77b7c8b731349765cf5dedfdc8de36c3
9c4d4de321479fa16cde292958246caded773399
3643de05233699672750714f5b1b9d3c08eb9a36b92b5ef36deb098150343d81

HTTP Headers

GET /pagead/viewthroughconversion/765746930/?random=1667583432937&cv=11&fst=1667583432937&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&tiba=Jerusalem%20Flower&auid=2077802470.1667583433&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 17:37:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 971
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 04-Nov-2022 17:52:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0417bec301af6407f5bc67afbd80ad38
318d6685ef160cb831e04d20186189e1dfd667df
30b17749ed29c95bfd5132e28ee08fa3b53731674f5c3a625952db94313aa281

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 17:37:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
131c7090b83892c62eb57cfbddad9082
9e295e5490562d657fd0d35a1b8f4e4e2eaf8471
e72c487fa6f0ec7920830ef7c8e19fccd140c738474db96919610ea11f4111ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 17:37:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yk1lY_7UMZDl6wS_o7KACQ&random=2066210329&sscte=1&crd=

216.58.211.2

302 Found

42 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yk1lY_7UMZDl6wS_o7KACQ&random=2066210329&sscte=1&crd=
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/viewthroughconversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yk1lY_7UMZDl6wS_o7KACQ&random=2066210329&sscte=1&crd= HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.googletagmanager.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 17:37:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2066210329&sscte=1&crd=&is_vtc=1&ocp_id=yk1lY_7UMZDl6wS_o7KACQ&random=2279482815
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 04-Nov-2022 17:52:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gardn.ultracartstore.com/cgi-bin/UCAffiliateNetworkPixel?t=0.354312064132174&r=&u=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832

13.248.135.131

200 OK

0 B

URL HTTP/1.1
gardn.ultracartstore.com/cgi-bin/UCAffiliateNetworkPixel?t=0.354312064132174&r=&u=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832
IP
13.248.135.131:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cgi-bin/UCAffiliateNetworkPixel?t=0.354312064132174&r=&u=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832 HTTP/1.1
Host: gardn.ultracartstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Cookie: AWSALBCORS=AcLB7zlEBgIz0y4npQjeEfG6tbebrQLUm0IFXkLoB7q6Ng/q8WC08XKk4Tpvh0GbgLE1jOiYUT+ryt9JOSBbz8Ag48GLI9bXpiuPd3io7/qKXxRVRd5UDthaDTuL
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2022 17:37:14 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: AWSALB=cGDqtmLhO7psCpU7CIw2ZCpoAbUpSniFn6PrZSONitM2NiYr1HyfxK52jZiQrironfMt9tOo1oL2eNZoJHF2tQJwjxE9vFlYBRbXEjiZzw47y7rdJoLMoBW/0USF; Expires=Fri, 11 Nov 2022 17:37:14 GMT; Path=/
AWSALBCORS=cGDqtmLhO7psCpU7CIw2ZCpoAbUpSniFn6PrZSONitM2NiYr1HyfxK52jZiQrironfMt9tOo1oL2eNZoJHF2tQJwjxE9vFlYBRbXEjiZzw47y7rdJoLMoBW/0USF; Expires=Fri, 11 Nov 2022 17:37:14 GMT; Path=/; SameSite=None; Secure
Server: Apache

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4f3550efa3bf92b445c37464ebaf51d2
59c290ec202ef58a09b94b07ee572a0cfa82fdf8
f991e10b9cdaea0ffb2aca42bbb0e5a7ac85d1b71d0ba76ccf906bc38b28e81e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99777
Date: Fri, 04 Nov 2022 17:37:14 GMT
Etag: "63642d79-1d7"
Expires: Sat, 05 Nov 2022 21:20:11 GMT
Last-Modified: Thu, 03 Nov 2022 21:07:05 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: R_2mlw1LfZGt6p4c_ZHkrPDb4KzEwcTLSRL3wA9ZgPfTHEgOwt81EA==
Age: 786

www.youtube.com/s/player/03bec62d/www-widgetapi.vflset/www-widgetapi.js

142.250.74.46

200 OK

53 kB

URL HTTP/2
www.youtube.com/s/player/03bec62d/www-widgetapi.vflset/www-widgetapi.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (817)
Size
53 kB (52800 bytes)
Hash
efbe5d693c29988cd946bacd530b5424
45a2aa278239d51efe6141f66909e0168ffe10c2
696e8e37891b75f8b331acfd60dc86042657593af43aeb40b2c50881e31059b9

HTTP Headers

GET /s/player/03bec62d/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 52800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 13:37:09 GMT
expires: Sat, 04 Nov 2023 13:37:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
content-type: text/javascript
age: 14405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4a9066e8faeec7f06d9a7e91bef8ff52
699ce1c29412a4c3f9018f4deceb3db399ddcd29
46461d19bf1ea06f23d89c4179135eaca9d7c8753a91e913b3adaf2615bee36f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 17:37:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.youtube.com/iframe_api

142.250.74.46

200 OK

958 B

URL HTTP/2
www.youtube.com/iframe_api
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (509)
Size
958 B (958 bytes)
Hash
fde34fde2bf6dbf10a9aab37e5f0a12d
85c17dee58ca48254123c42d2ef78cb5ddf3964b
f468dbd387cfe03b21b9f581529332fb4fa2127d50f63e05fffbdb40b3cfb977

HTTP Headers

GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Fri, 04 Nov 2022 17:37:14 GMT
date: Fri, 04 Nov 2022 17:37:14 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=y3Iqo3JhyAs; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=BjcxmvB9zWM; Domain=.youtube.com; Expires=Wed, 03-May-2023 17:37:14 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+917; expires=Sun, 03-Nov-2024 17:37:14 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

dw26xg4lubooo.cloudfront.net/seals/business/2593-small-gray.gif

54.230.245.47

200 OK

4.4 kB

URL HTTP/1.1
dw26xg4lubooo.cloudfront.net/seals/business/2593-small-gray.gif
IP
54.230.245.47:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 100 x 69\012- data
Size
4.4 kB (4391 bytes)
Hash
9130f678908e31c6c8a350570114cafa
464a03e12c7f6ce3e5a6ae80c65ada9279562d8b
947666749d6b1dda0d0f5b4272ff0ec7fd38ddab2d5c5b3ff45cd0eca28a6738

HTTP Headers

GET /seals/business/2593-small-gray.gif HTTP/1.1
Host: dw26xg4lubooo.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 4391
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 05:03:44 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 764c2522ef029b46-FRA
Date: Fri, 04 Nov 2022 17:37:14 GMT
Cache-Control: max-age=14400, must-revalidate
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0yVfBN831grULE7rYslhANyfLqhwQ10l0XdNK0gDyeHPRBR0Xbbvdw==
Age: 1989

dw26xg4lubooo.cloudfront.net/seals/certified/2593-small-gray.gif

54.230.245.47

200 OK

4.1 kB

URL HTTP/1.1
dw26xg4lubooo.cloudfront.net/seals/certified/2593-small-gray.gif
IP
54.230.245.47:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 100 x 69\012- data
Size
4.1 kB (4147 bytes)
Hash
4f6b70ff5acd2cb61a9e04f4ae4b66d9
85150205b8af5f0aff1a7a2e9f97e0c18526b8b5
cc451b6939245ec258d185c8e4a41dfe3fc86cb606b5e2136c836e93a7d7bc91

HTTP Headers

GET /seals/certified/2593-small-gray.gif HTTP/1.1
Host: dw26xg4lubooo.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 4147
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 05:03:44 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
CF-Cache-Status: MISS
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 764bbaabda11928f-FRA
Date: Fri, 04 Nov 2022 15:46:14 GMT
Cache-Control: max-age=14400, must-revalidate
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jSdBI1Y23THj65uFqjJQ89xF64EF5_yVf-0f7Izl8AwQqW5KfDqYvw==
Age: 6660

dw26xg4lubooo.cloudfront.net/seals/security/2593-header-gray.gif

54.230.245.47

200 OK

4.0 kB

URL HTTP/1.1
dw26xg4lubooo.cloudfront.net/seals/security/2593-header-gray.gif
IP
54.230.245.47:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 150 x 49\012- data
Size
4.0 kB (4022 bytes)
Hash
92d63e2ca826446ebc3c26e327e1a7eb
270bee70e49a1b7a5647eeff7f24eb6e08309343
ce82e63dab0b32b433ba291115e8088299c2b0b3d4da1251aa91b68acd9954c2

HTTP Headers

GET /seals/security/2593-header-gray.gif HTTP/1.1
Host: dw26xg4lubooo.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 4022
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 05:03:45 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 764c252aff2fbbe6-FRA
Date: Fri, 04 Nov 2022 17:04:05 GMT
Cache-Control: max-age=14400, must-revalidate
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: G5DJZLU3LBzK_N2cI4ZwQES633Yyiujv7_EbeZdZC136EYU5c1RD5A==
Age: 1989

dw26xg4lubooo.cloudfront.net/seals/certified/2593-header-gray.gif

54.230.245.47

200 OK

3.7 kB

URL HTTP/1.1
dw26xg4lubooo.cloudfront.net/seals/certified/2593-header-gray.gif
IP
54.230.245.47:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 150 x 49\012- data
Size
3.7 kB (3713 bytes)
Hash
5a4418607eba7319f277d34911a47d1e
f8db29a5400ae0610b97d78f516f8972fe269649
557dc5ae7d7b040193ed5a70112cbf03c7cc5431f7c36c2ee251cfcffbfbb89e

HTTP Headers

GET /seals/certified/2593-header-gray.gif HTTP/1.1
Host: dw26xg4lubooo.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 3713
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 05:03:44 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 764b8095be155b4a-FRA
Date: Fri, 04 Nov 2022 15:08:17 GMT
Cache-Control: max-age=14400, must-revalidate
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6umUgI7dz2jo4bt-PmAdKixFrFskdUqk5c9FqGehHz7hDp8aW9vijA==
Age: 8937

dw26xg4lubooo.cloudfront.net/seals/business/2593-header-gray.gif

54.230.245.47

200 OK

4.0 kB

URL HTTP/1.1
dw26xg4lubooo.cloudfront.net/seals/business/2593-header-gray.gif
IP
54.230.245.47:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 150 x 49\012- data
Size
4.0 kB (3960 bytes)
Hash
4eaf1ef3c4a884a62d6396f2ec22d749
67153e917e90ed6334b061f4789fe265d0b8e7aa
39572599ecd51dceea0680c9617e9e216b9fcb6f9031b9e1a2d8f707e378cd8e

HTTP Headers

GET /seals/business/2593-header-gray.gif HTTP/1.1
Host: dw26xg4lubooo.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 3960
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 05:03:44 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADMa OPTa OUR NOR"
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 764c252ceaf99b5d-FRA
Date: Fri, 04 Nov 2022 17:37:14 GMT
Cache-Control: max-age=14400, must-revalidate
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Bcsuyg7_rfexgNSdynGHRRJXQpBE411ety_jHjBTsiYRkQdSJjZ9-w==
Age: 2115

d1pqvb2h9xgm7r.cloudfront.net/v1/rt

143.204.42.134

204 No Content

0 B

URL HTTP/2
d1pqvb2h9xgm7r.cloudfront.net/v1/rt
IP
143.204.42.134:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v1/rt HTTP/1.1
Host: d1pqvb2h9xgm7r.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://bartonnutrition.com/
Origin: https://bartonnutrition.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 04 Nov 2022 04:44:34 GMT
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
access-control-max-age: 300
apigw-requestid: bDzL5jhbIAMES_g=
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: HQJlrdr4LCBt2-ldB_FmvfkSz0bzOfS-DELsbQD6wxaKh6nEC2SimA==
age: 46360
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4e07861c1447376729f17ea09b72ca90
dd3f1d68fd87b4ba20c03e2f31ddc6a294b38cd3
d8953ad7676624da5b08bc21e4e68a647a636709f5fc9c4b0a4e8914f37adfc0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 17:37:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d1pqvb2h9xgm7r.cloudfront.net/v1/rt

143.204.42.134

204 No Content

0 B

URL HTTP/2
d1pqvb2h9xgm7r.cloudfront.net/v1/rt
IP
143.204.42.134:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v1/rt HTTP/1.1
Host: d1pqvb2h9xgm7r.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://bartonnutrition.com/
Origin: https://bartonnutrition.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Fri, 04 Nov 2022 04:44:34 GMT
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
access-control-max-age: 300
apigw-requestid: bDzL5jhbIAMES_g=
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fU7mwWhHltUiZMZkk-gqeCfGGLEGriBqcntM5VgsHotIINFMGDooKQ==
age: 46361
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/765746930/?random=1667583432937&cv=11&fst=1667581200000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&tiba=Jerusalem%20Flower&fmt=3&is_vtc=1&random=1765676682&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/765746930/?random=1667583432937&cv=11&fst=1667581200000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&tiba=Jerusalem%20Flower&fmt=3&is_vtc=1&random=1765676682&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/765746930/?random=1667583432937&cv=11&fst=1667581200000&bg=ffffff&guid=ON&async=1&gtm=2wgb20&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&tiba=Jerusalem%20Flower&fmt=3&is_vtc=1&random=1765676682&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 17:37:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-conversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2066210329&sscte=1&crd=&is_vtc=1&ocp_id=yk1lY_7UMZDl6wS_o7KACQ&random=2279482815

142.250.74.164

302 Found

42 B

URL HTTP/2
www.google.com/pagead/1p-conversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2066210329&sscte=1&crd=&is_vtc=1&ocp_id=yk1lY_7UMZDl6wS_o7KACQ&random=2279482815
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-conversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2066210329&sscte=1&crd=&is_vtc=1&ocp_id=yk1lY_7UMZDl6wS_o7KACQ&random=2279482815 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.googletagmanager.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 17:37:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/765746930/?url=https%3A%2F%2Fbartonnutrition.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2066210329&sscte=1&crd=&is_vtc=1&ocp_id=yk1lY_7UMZDl6wS_o7KACQ&random=2279482815&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-XM17T9CF1F&gtm=2oeb20&_p=1781338688&cid=227172468.1667583433&ul=en-us&sr=1280x1024&_s=1&sid=1667583433&sct=1&seg=0&dl=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&dt=Jerusalem%20Flower&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

86 kB

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-XM17T9CF1F&gtm=2oeb20&_p=1781338688&cid=227172468.1667583433&ul=en-us&sr=1280x1024&_s=1&sid=1667583433&sct=1&seg=0&dl=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&dt=Jerusalem%20Flower&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
86 kB (86026 bytes)
Hash
3a9697b864230e32c08349e1e0c7dda6
c862430d0a740e5b2e6de9329f1e21e38c37db42
0ec8d92d7dbc69b3fc4da07e94321b60564b81d724245f7b49e6d029dc27da5a

HTTP Headers

POST /g/collect?v=2&tid=G-XM17T9CF1F&gtm=2oeb20&_p=1781338688&cid=227172468.1667583433&ul=en-us&sr=1280x1024&_s=1&sid=1667583433&sct=1&seg=0&dl=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&dt=Jerusalem%20Flower&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://bartonnutrition.com
date: Fri, 04 Nov 2022 17:37:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

dndngvalp4jdj.cloudfront.net/bartonnutrition.com/images/global/favicon.png?v=1.14.11.13

143.204.42.123

200 OK

4.7 kB

URL HTTP/2
dndngvalp4jdj.cloudfront.net/bartonnutrition.com/images/global/favicon.png?v=1.14.11.13
IP
143.204.42.123:0
ASN
#16509 AMAZON-02

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
4.7 kB (4730 bytes)
Hash
85bc409ab592d7fb22bb7f82b72f6fef
7a60d2766ed2b9e5a1bed449cd4361a3a6fc4579
d0dc73e92a9d3d78d882cf77c7fdc915f8fea96255e901120ef3cd3f53a1e556

HTTP Headers

GET /bartonnutrition.com/images/global/favicon.png?v=1.14.11.13 HTTP/1.1
Host: dndngvalp4jdj.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 4730
date: Fri, 04 Nov 2022 17:37:16 GMT
last-modified: Thu, 29 Oct 2020 21:08:25 GMT
etag: "85bc409ab592d7fb22bb7f82b72f6fef"
cache-control: max-age=2600000
x-amz-version-id: O.Zm8vNYb0ZIYzww17ZJK98TAm8.GflO
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: K9K7KG9egs6IKyMDFNg2us7_zGxQtB9__RZGA9qvV6pbk4eGmWTkkg==
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-8M5DP1FGCG&gtm=2oeb20&_p=1781338688&_gaz=1&cid=227172468.1667583433&ul=en-us&sr=1280x1024&_s=1&sid=1667583433&sct=1&seg=0&dl=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&dt=Jerusalem%20Flower&en=page_view&_fv=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-8M5DP1FGCG&gtm=2oeb20&_p=1781338688&_gaz=1&cid=227172468.1667583433&ul=en-us&sr=1280x1024&_s=1&sid=1667583433&sct=1&seg=0&dl=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&dt=Jerusalem%20Flower&en=page_view&_fv=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-8M5DP1FGCG&gtm=2oeb20&_p=1781338688&_gaz=1&cid=227172468.1667583433&ul=en-us&sr=1280x1024&_s=1&sid=1667583433&sct=1&seg=0&dl=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&dt=Jerusalem%20Flower&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://bartonnutrition.com
date: Fri, 04 Nov 2022 17:37:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/g/collect?v=2&tid=G-8M5DP1FGCG&cid=227172468.1667583433&gtm=2oeb20&aip=1

64.233.162.155

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-8M5DP1FGCG&cid=227172468.1667583433&gtm=2oeb20&aip=1
IP
64.233.162.155:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-8M5DP1FGCG&cid=227172468.1667583433&gtm=2oeb20&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://bartonnutrition.com
date: Fri, 04 Nov 2022 17:37:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=368276591178798&ev=PageView&dl=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&rl=&if=false&ts=1667583434004&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667583434003.1843644299&it=1667583433762&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=368276591178798&ev=PageView&dl=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&rl=&if=false&ts=1667583434004&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667583434003.1843644299&it=1667583433762&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=368276591178798&ev=PageView&dl=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&rl=&if=false&ts=1667583434004&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667583434003.1843644299&it=1667583433762&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 04 Nov 2022 17:37:15 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
e6d3acc112fd8108504acdf4d1ea18e9
cb1c81a0e7bf859d77522eac1b1698c2111f0053
fba1859997e87cb37be5de5248dff737e108b5e4bdae57786fba06202b0a461c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4519
Cache-Control: max-age=98077
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 17:37:15 GMT
Etag: "63641841-2d7"
Expires: Sat, 05 Nov 2022 20:51:52 GMT
Last-Modified: Thu, 03 Nov 2022 19:36:33 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 727

capture.trackjs.com/capture?token=5a697d58eec24ae599b030cf7cc56ebd

15.235.42.36

200 OK

0 B

URL HTTP/2
capture.trackjs.com/capture?token=5a697d58eec24ae599b030cf7cc56ebd
IP
15.235.42.36:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /capture?token=5a697d58eec24ae599b030cf7cc56ebd HTTP/1.1
Host: capture.trackjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3701
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 04 Nov 2022 17:37:15 GMT
content-length: 0
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
X-Firefox-Spdy: h2

rp.liadm.com/j?dtstmp=1667583433861&aid=a-075m&se=e30&duid=9fdfca52ca67--01gh1vfpy7v5mn2b9725z3mfrc&tna=v2.5.0&pu=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&wpn=lc-bundle&c=PHRpdGxlPkplcnVzYWxlbSBGbG93ZXI8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEaXNjb3ZlciBuYXR1cmFsIHdheXMgdG8gc3VwcG9ydCB5b3VyIGJvZHkncyBuYXR1cmFsIGhlYWxpbmcgcmVzcG9uc2Ugc3lzdGVtLiI-PGgxPkplcnVzYWxlbSdzICJNeXN0ZXJpb3VzIDExIiBTYWZlbHkgJmFtcDsgTmF0dXJhbGx5IENhbG1zIEVycmF0aWMgQmxvb2QgU3VnYXIgRm9yIFVwIFRvIDI0Jm5ic3A7SG91cnMuLi48L2gxPjxoMT5KZXJ1c2FsZW0ncyAiTXlzdGVyaW91cyAxMSIgU2FmZWx5ICZhbXA7IE5hdHVyYWxseSBDYWxtcyBFcnJhdGljIEJsb29kIFN1Z2FyIEZvciBVcCBUbyAyNCZuYnNwO0hvdXJzLi4uPC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNTk8L2gxPjxoMSBjbGFzcz0iY2FyZC10aXRsZSBwcmljaW5nLWNhcmQtdGl0bGUiPiQzOSA8c21hbGw-cGVyIGNvbnRhaW5lcjwvc21hbGw-PC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNDkgPHNtYWxsPnBlciBjb250YWluZXI8L3NtYWxsPjwvaDE-

3.83.72.121

302 Found

0 B

URL HTTP/2
rp.liadm.com/j?dtstmp=1667583433861&aid=a-075m&se=e30&duid=9fdfca52ca67--01gh1vfpy7v5mn2b9725z3mfrc&tna=v2.5.0&pu=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&wpn=lc-bundle&c=PHRpdGxlPkplcnVzYWxlbSBGbG93ZXI8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEaXNjb3ZlciBuYXR1cmFsIHdheXMgdG8gc3VwcG9ydCB5b3VyIGJvZHkncyBuYXR1cmFsIGhlYWxpbmcgcmVzcG9uc2Ugc3lzdGVtLiI-PGgxPkplcnVzYWxlbSdzICJNeXN0ZXJpb3VzIDExIiBTYWZlbHkgJmFtcDsgTmF0dXJhbGx5IENhbG1zIEVycmF0aWMgQmxvb2QgU3VnYXIgRm9yIFVwIFRvIDI0Jm5ic3A7SG91cnMuLi48L2gxPjxoMT5KZXJ1c2FsZW0ncyAiTXlzdGVyaW91cyAxMSIgU2FmZWx5ICZhbXA7IE5hdHVyYWxseSBDYWxtcyBFcnJhdGljIEJsb29kIFN1Z2FyIEZvciBVcCBUbyAyNCZuYnNwO0hvdXJzLi4uPC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNTk8L2gxPjxoMSBjbGFzcz0iY2FyZC10aXRsZSBwcmljaW5nLWNhcmQtdGl0bGUiPiQzOSA8c21hbGw-cGVyIGNvbnRhaW5lcjwvc21hbGw-PC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNDkgPHNtYWxsPnBlciBjb250YWluZXI8L3NtYWxsPjwvaDE-
IP
3.83.72.121:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /j?dtstmp=1667583433861&aid=a-075m&se=e30&duid=9fdfca52ca67--01gh1vfpy7v5mn2b9725z3mfrc&tna=v2.5.0&pu=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&wpn=lc-bundle&c=PHRpdGxlPkplcnVzYWxlbSBGbG93ZXI8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEaXNjb3ZlciBuYXR1cmFsIHdheXMgdG8gc3VwcG9ydCB5b3VyIGJvZHkncyBuYXR1cmFsIGhlYWxpbmcgcmVzcG9uc2Ugc3lzdGVtLiI-PGgxPkplcnVzYWxlbSdzICJNeXN0ZXJpb3VzIDExIiBTYWZlbHkgJmFtcDsgTmF0dXJhbGx5IENhbG1zIEVycmF0aWMgQmxvb2QgU3VnYXIgRm9yIFVwIFRvIDI0Jm5ic3A7SG91cnMuLi48L2gxPjxoMT5KZXJ1c2FsZW0ncyAiTXlzdGVyaW91cyAxMSIgU2FmZWx5ICZhbXA7IE5hdHVyYWxseSBDYWxtcyBFcnJhdGljIEJsb29kIFN1Z2FyIEZvciBVcCBUbyAyNCZuYnNwO0hvdXJzLi4uPC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNTk8L2gxPjxoMSBjbGFzcz0iY2FyZC10aXRsZSBwcmljaW5nLWNhcmQtdGl0bGUiPiQzOSA8c21hbGw-cGVyIGNvbnRhaW5lcjwvc21hbGw-PC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNDkgPHNtYWxsPnBlciBjb250YWluZXI8L3NtYWxsPjwvaDE- HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 04 Nov 2022 17:37:15 GMT
content-length: 0
trace-id: 8f15d5fdc3ddbad1
vary: Origin
location: /j?dtstmp=1667583433861&aid=a-075m&se=e30&duid=9fdfca52ca67--01gh1vfpy7v5mn2b9725z3mfrc&tna=v2.5.0&pu=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&wpn=lc-bundle&c=PHRpdGxlPkplcnVzYWxlbSBGbG93ZXI8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEaXNjb3ZlciBuYXR1cmFsIHdheXMgdG8gc3VwcG9ydCB5b3VyIGJvZHkncyBuYXR1cmFsIGhlYWxpbmcgcmVzcG9uc2Ugc3lzdGVtLiI-PGgxPkplcnVzYWxlbSdzICJNeXN0ZXJpb3VzIDExIiBTYWZlbHkgJmFtcDsgTmF0dXJhbGx5IENhbG1zIEVycmF0aWMgQmxvb2QgU3VnYXIgRm9yIFVwIFRvIDI0Jm5ic3A7SG91cnMuLi48L2gxPjxoMT5KZXJ1c2FsZW0ncyAiTXlzdGVyaW91cyAxMSIgU2FmZWx5ICZhbXA7IE5hdHVyYWxseSBDYWxtcyBFcnJhdGljIEJsb29kIFN1Z2FyIEZvciBVcCBUbyAyNCZuYnNwO0hvdXJzLi4uPC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNTk8L2gxPjxoMSBjbGFzcz0iY2FyZC10aXRsZSBwcmljaW5nLWNhcmQtdGl0bGUiPiQzOSA8c21hbGw-cGVyIGNvbnRhaW5lcjwvc21hbGw-PC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNDkgPHNtYWxsPnBlciBjb250YWluZXI8L3NtYWxsPjwvaDE-&n3pc=true
set-cookie: lidid=4aac6338-fc96-4be8-be97-38f90e3dcccf; Max-Age=63072000; Expires=Sun, 03 Nov 2024 17:37:15 GMT; SameSite=None; Path=/; Domain=.liadm.com; Secure; HTTPOnly
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://bartonnutrition.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2

capture.trackjs.com/capture?token=5a697d58eec24ae599b030cf7cc56ebd

15.235.42.36

200 OK

0 B

URL HTTP/2
capture.trackjs.com/capture?token=5a697d58eec24ae599b030cf7cc56ebd
IP
15.235.42.36:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /capture?token=5a697d58eec24ae599b030cf7cc56ebd HTTP/1.1
Host: capture.trackjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 4566
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 04 Nov 2022 17:37:15 GMT
content-length: 0
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 86400
X-Firefox-Spdy: h2

3.83.72.121

200 OK

13 B

URL HTTP/2
rp.liadm.com/j?dtstmp=1667583433861&aid=a-075m&se=e30&duid=9fdfca52ca67--01gh1vfpy7v5mn2b9725z3mfrc&tna=v2.5.0&pu=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&wpn=lc-bundle&c=PHRpdGxlPkplcnVzYWxlbSBGbG93ZXI8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEaXNjb3ZlciBuYXR1cmFsIHdheXMgdG8gc3VwcG9ydCB5b3VyIGJvZHkncyBuYXR1cmFsIGhlYWxpbmcgcmVzcG9uc2Ugc3lzdGVtLiI-PGgxPkplcnVzYWxlbSdzICJNeXN0ZXJpb3VzIDExIiBTYWZlbHkgJmFtcDsgTmF0dXJhbGx5IENhbG1zIEVycmF0aWMgQmxvb2QgU3VnYXIgRm9yIFVwIFRvIDI0Jm5ic3A7SG91cnMuLi48L2gxPjxoMT5KZXJ1c2FsZW0ncyAiTXlzdGVyaW91cyAxMSIgU2FmZWx5ICZhbXA7IE5hdHVyYWxseSBDYWxtcyBFcnJhdGljIEJsb29kIFN1Z2FyIEZvciBVcCBUbyAyNCZuYnNwO0hvdXJzLi4uPC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNTk8L2gxPjxoMSBjbGFzcz0iY2FyZC10aXRsZSBwcmljaW5nLWNhcmQtdGl0bGUiPiQzOSA8c21hbGw-cGVyIGNvbnRhaW5lcjwvc21hbGw-PC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNDkgPHNtYWxsPnBlciBjb250YWluZXI8L3NtYWxsPjwvaDE-&n3pc=true
IP
3.83.72.121:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
13 B (13 bytes)
Hash
97efe0b7ee61e154d57e80758bb797d8
810b4e115fe9f5ae697666febf2a9abf0b21c9ec
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

HTTP Headers

GET /j?dtstmp=1667583433861&aid=a-075m&se=e30&duid=9fdfca52ca67--01gh1vfpy7v5mn2b9725z3mfrc&tna=v2.5.0&pu=https%3A%2F%2Fbartonnutrition.com%2Fptn%2F21%3Futm_campaign%3Dfg_jerusalem%26utm_medium%3Demail%26utm_content%3Dfg_bowel%26utm_source%3Dmaxweb%26subid%3D7605_sessid20221104173733850%26utm_term%3Demail%26AFFID%3D474832&wpn=lc-bundle&c=PHRpdGxlPkplcnVzYWxlbSBGbG93ZXI8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEaXNjb3ZlciBuYXR1cmFsIHdheXMgdG8gc3VwcG9ydCB5b3VyIGJvZHkncyBuYXR1cmFsIGhlYWxpbmcgcmVzcG9uc2Ugc3lzdGVtLiI-PGgxPkplcnVzYWxlbSdzICJNeXN0ZXJpb3VzIDExIiBTYWZlbHkgJmFtcDsgTmF0dXJhbGx5IENhbG1zIEVycmF0aWMgQmxvb2QgU3VnYXIgRm9yIFVwIFRvIDI0Jm5ic3A7SG91cnMuLi48L2gxPjxoMT5KZXJ1c2FsZW0ncyAiTXlzdGVyaW91cyAxMSIgU2FmZWx5ICZhbXA7IE5hdHVyYWxseSBDYWxtcyBFcnJhdGljIEJsb29kIFN1Z2FyIEZvciBVcCBUbyAyNCZuYnNwO0hvdXJzLi4uPC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNTk8L2gxPjxoMSBjbGFzcz0iY2FyZC10aXRsZSBwcmljaW5nLWNhcmQtdGl0bGUiPiQzOSA8c21hbGw-cGVyIGNvbnRhaW5lcjwvc21hbGw-PC9oMT48aDEgY2xhc3M9ImNhcmQtdGl0bGUgcHJpY2luZy1jYXJkLXRpdGxlIj4kNDkgPHNtYWxsPnBlciBjb250YWluZXI8L3NtYWxsPjwvaDE-&n3pc=true HTTP/1.1
Host: rp.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bartonnutrition.com
Referer: https://bartonnutrition.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 04 Nov 2022 17:37:15 GMT
content-type: application/json
content-length: 13
trace-id: b43933248e328c0b
vary: Origin
request-time: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-pixel-event-id: 517a6edd-3e79-4c3e-a68e-b4fcc18a8413
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://bartonnutrition.com
access-control-allow-credentials: true
x-permitted-cross-domain-policies: master-only
X-Firefox-Spdy: h2

usage.trackjs.com/usage.gif?token=5a697d58eec24ae599b030cf7cc56ebd&correlationId=6a06a394-06ff-4d89-abe1-307f07159315&application=&x=8daf9ed4-c265-4547-a4e6-7c48951595e5&

167.114.119.127

200 OK

43 B

URL HTTP/1.1
usage.trackjs.com/usage.gif?token=5a697d58eec24ae599b030cf7cc56ebd&correlationId=6a06a394-06ff-4d89-abe1-307f07159315&application=&x=8daf9ed4-c265-4547-a4e6-7c48951595e5&
IP
167.114.119.127:0
ASN
#16276 OVH SAS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /usage.gif?token=5a697d58eec24ae599b030cf7cc56ebd&correlationId=6a06a394-06ff-4d89-abe1-307f07159315&application=&x=8daf9ed4-c265-4547-a4e6-7c48951595e5& HTTP/1.1
Host: usage.trackjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 17:37:15 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f91f0b56b5d20e188496f1356a9ed00f
2d627cf78c7953e72780ca250c8e6f5ef384d06d
e058a1a79545e2af998e7ceaef94fae4dda05f88ea7d0c5ebf53f7696e8d206a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112093
Date: Fri, 04 Nov 2022 17:37:18 GMT
Etag: "6364564f-1d7"
Expires: Sun, 06 Nov 2022 00:45:31 GMT
Last-Modified: Fri, 04 Nov 2022 00:01:19 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dlghJ_uHb8F6GuNKYfeO78KZA_OfJgmWbcc-6jkY9Gk6dqy_jtqc0A==
Age: 2652

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f91f0b56b5d20e188496f1356a9ed00f
2d627cf78c7953e72780ca250c8e6f5ef384d06d
e058a1a79545e2af998e7ceaef94fae4dda05f88ea7d0c5ebf53f7696e8d206a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114521
Date: Fri, 04 Nov 2022 17:37:18 GMT
Etag: "6364564f-1d7"
Expires: Sun, 06 Nov 2022 01:25:59 GMT
Last-Modified: Fri, 04 Nov 2022 00:01:19 GMT
Server: ECS (dcb/7F5B)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UmxVaitrW-Bo6TeGYWd05mMt6Fgb5juRiOonAW0hPkJ2bSw4-Dp4pg==
Age: 5080

secure.ultracart.com/rest/v2/checkout/allowedCountries

13.248.135.131

200 OK

0 B

URL HTTP/1.1
secure.ultracart.com/rest/v2/checkout/allowedCountries
IP
13.248.135.131:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /rest/v2/checkout/allowedCountries HTTP/1.1
Host: secure.ultracart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-ultracart-api-version,x-ultracart-browser-key
Referer: https://bartonnutrition.com/
Origin: https://bartonnutrition.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2022 17:37:18 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: AWSALB=b3RzWYOzIqRvmFXWC4BpogvSydHbG8+YansOBeRmZFbEs3jxSixTdiNgV4AY7X7o/TD6dIewMXmx5DHu0EAzbTCstWuOI5C7l/OxQF8VxeQxmPMlzjUKB0wCWyz7; Expires=Fri, 11 Nov 2022 17:37:18 GMT; Path=/
AWSALBCORS=b3RzWYOzIqRvmFXWC4BpogvSydHbG8+YansOBeRmZFbEs3jxSixTdiNgV4AY7X7o/TD6dIewMXmx5DHu0EAzbTCstWuOI5C7l/OxQF8VxeQxmPMlzjUKB0wCWyz7; Expires=Fri, 11 Nov 2022 17:37:18 GMT; Path=/; SameSite=None; Secure
Server: Apache
Access-Control-Allow-Origin: https://bartonnutrition.com
Access-Control-Allow-Credentials: true
Vary: Origin
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: HEAD, DELETE, POST, GET, PUT
Access-Control-Allow-Headers: x-ultracart-api-version,x-ultracart-browser-key

secure.ultracart.com/rest/v2/checkout/allowedCountries

13.248.135.131

200 OK

2.8 kB

URL HTTP/1.1
secure.ultracart.com/rest/v2/checkout/allowedCountries
IP
13.248.135.131:0
ASN
#16509 AMAZON-02

File type
data
Size
2.8 kB (2779 bytes)
Hash
56a3401e1bc5ed4d82a35a921fe54dd9
872f127c6a7ede789cfa2bac846ff2eaf6f0c977
4710de217aa8eb58f6b8e1c0c1256a4a2fded44bf1c0a066bc138d1089b52825

HTTP Headers

POST /rest/v2/checkout/allowedCountries HTTP/1.1
Host: secure.ultracart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-UltraCart-Api-Version: 2017-03-01
x-ultracart-browser-key: 1f9e61a3106e7e017ae9d55bf21fb400
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2022 17:37:18 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: AWSALB=dmNU/DrZVxqNDWal6VhVD+eo3B/nM+ftsjEO3sb02UMqT/iE9WIRG2gmTXZPe+RNe0HWvK4lF34dlFi3Jffwo1JJkH1QjIx0t7qSK4sHv4fEku8/qaX11tnKKj/S; Expires=Fri, 11 Nov 2022 17:37:18 GMT; Path=/
AWSALBCORS=dmNU/DrZVxqNDWal6VhVD+eo3B/nM+ftsjEO3sb02UMqT/iE9WIRG2gmTXZPe+RNe0HWvK4lF34dlFi3Jffwo1JJkH1QjIx0t7qSK4sHv4fEku8/qaX11tnKKj/S; Expires=Fri, 11 Nov 2022 17:37:18 GMT; Path=/; SameSite=None; Secure
Server: Apache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bartonnutrition.com
Vary: Origin,Accept-Encoding
X-UltraCart-Request-Id: BCB463A308040D018443B7EDDF1FA3214
Content-Encoding: gzip

secure.ultracart.com/rest/v2/checkout/cart?_expand=affiliate,billing,checkout,coupons,customer_profile,gift,gift_certificate,items,items.attributes,items.multimedia,items.multimedia.thumbnails,items.physical,marketing,payment,shipping,summary,taxes,upsell_after,settings.shipping.ship_on_date,settings.billing.provinces,settings.shipping.provinces,settings.gift,settings.shipping.deliver_on_date,settings.terms,settings.taxes

13.248.135.131

200 OK

0 B

URL HTTP/1.1
secure.ultracart.com/rest/v2/checkout/cart?_expand=affiliate,billing,checkout,coupons,customer_profile,gift,gift_certificate,items,items.attributes,items.multimedia,items.multimedia.thumbnails,items.physical,marketing,payment,shipping,summary,taxes,upsell_after,settings.shipping.ship_on_date,settings.billing.provinces,settings.shipping.provinces,settings.gift,settings.shipping.deliver_on_date,settings.terms,settings.taxes
IP
13.248.135.131:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /rest/v2/checkout/cart?_expand=affiliate,billing,checkout,coupons,customer_profile,gift,gift_certificate,items,items.attributes,items.multimedia,items.multimedia.thumbnails,items.physical,marketing,payment,shipping,summary,taxes,upsell_after,settings.shipping.ship_on_date,settings.billing.provinces,settings.shipping.provinces,settings.gift,settings.shipping.deliver_on_date,settings.terms,settings.taxes HTTP/1.1
Host: secure.ultracart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-ultracart-api-version,x-ultracart-browser-key
Referer: https://bartonnutrition.com/
Origin: https://bartonnutrition.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2022 17:37:18 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: AWSALB=kthsxKyVoGUTHXQnD/o4DPnqMMCVZrD8EGwszCPqspUvVgdl3isPU88cATdWoQ5OAlqPaQgfJzvaYcpdL65gGgGxX3mse3WdhF61Zpis9Cr6fIbph4n55eXz7RRy; Expires=Fri, 11 Nov 2022 17:37:18 GMT; Path=/
AWSALBCORS=kthsxKyVoGUTHXQnD/o4DPnqMMCVZrD8EGwszCPqspUvVgdl3isPU88cATdWoQ5OAlqPaQgfJzvaYcpdL65gGgGxX3mse3WdhF61Zpis9Cr6fIbph4n55eXz7RRy; Expires=Fri, 11 Nov 2022 17:37:18 GMT; Path=/; SameSite=None; Secure
Server: Apache
Access-Control-Allow-Origin: https://bartonnutrition.com
Access-Control-Allow-Credentials: true
Vary: Origin
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: HEAD, DELETE, POST, GET, PUT
Access-Control-Allow-Headers: x-ultracart-api-version,x-ultracart-browser-key

13.248.135.131

200 OK

1.1 kB

URL HTTP/1.1
secure.ultracart.com/rest/v2/checkout/cart?_expand=affiliate,billing,checkout,coupons,customer_profile,gift,gift_certificate,items,items.attributes,items.multimedia,items.multimedia.thumbnails,items.physical,marketing,payment,shipping,summary,taxes,upsell_after,settings.shipping.ship_on_date,settings.billing.provinces,settings.shipping.provinces,settings.gift,settings.shipping.deliver_on_date,settings.terms,settings.taxes
IP
13.248.135.131:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (4123), with no line terminators
Size
1.1 kB (1133 bytes)
Hash
8915d85ab7bd558399dca9dbabe8f39b
4e5563275cdcc6fc2452a2103d9586d76b51ba4e
2e724b9c0ae359e766b29ebd38d67b28d48d8d0868be0b4e879e7af723b52052

HTTP Headers

GET /rest/v2/checkout/cart?_expand=affiliate,billing,checkout,coupons,customer_profile,gift,gift_certificate,items,items.attributes,items.multimedia,items.multimedia.thumbnails,items.physical,marketing,payment,shipping,summary,taxes,upsell_after,settings.shipping.ship_on_date,settings.billing.provinces,settings.shipping.provinces,settings.gift,settings.shipping.deliver_on_date,settings.terms,settings.taxes HTTP/1.1
Host: secure.ultracart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-UltraCart-Api-Version: 2017-03-01
x-ultracart-browser-key: 1f9e61a3106e7e017ae9d55bf21fb400
Origin: https://bartonnutrition.com
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 04 Nov 2022 17:37:18 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 1133
Connection: keep-alive
Set-Cookie: AWSALB=ZLggrmHuKXYgrQD4q4gYIQm8H6ydSKLQHqWKYVcIG2xDWF3xsM9OJTXg8Xu38ZjH8XKh2X7ts/fjv23S24ovhQj59oyawHqe2SeVy9SHn6crIiSdbeV3J1J9pHaV; Expires=Fri, 11 Nov 2022 17:37:18 GMT; Path=/
AWSALBCORS=ZLggrmHuKXYgrQD4q4gYIQm8H6ydSKLQHqWKYVcIG2xDWF3xsM9OJTXg8Xu38ZjH8XKh2X7ts/fjv23S24ovhQj59oyawHqe2SeVy9SHn6crIiSdbeV3J1J9pHaV; Expires=Fri, 11 Nov 2022 17:37:18 GMT; Path=/; SameSite=None; Secure
Server: Apache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bartonnutrition.com
Vary: Origin,Accept-Encoding
X-UltraCart-Request-Id: C89D18F5D9CBF8018443B7EEFF1F17219
Content-Encoding: gzip

dndngvalp4jdj.cloudfront.net/bartonnutrition.com/images/components/payment-methods/visa-mast-disc-amex.png

143.204.42.123

200 OK

18 kB

URL HTTP/2
dndngvalp4jdj.cloudfront.net/bartonnutrition.com/images/components/payment-methods/visa-mast-disc-amex.png
IP
143.204.42.123:0
ASN
#16509 AMAZON-02

File type
PNG image data, 323 x 62, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (18168 bytes)
Hash
0deee3edc60de3a6f7c80d97f28480bc
9987041d98b19d91cf2241e1eafc2072e2adc34e
acd8c8514a50b7b5b657606956d0c93dee37c5026477c6ed06e8b4cb9e88b32a

HTTP Headers

GET /bartonnutrition.com/images/components/payment-methods/visa-mast-disc-amex.png HTTP/1.1
Host: dndngvalp4jdj.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 18168
last-modified: Wed, 22 Jul 2020 20:06:21 GMT
x-amz-version-id: 5vH56tgXOYh6DrZQTqmZB10aUKOCwBXK
accept-ranges: bytes
server: AmazonS3
date: Fri, 04 Nov 2022 16:50:41 GMT
cache-control: max-age=2600000
etag: "0deee3edc60de3a6f7c80d97f28480bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LGeQS9rw0vZjRkdPxRh7C12P2w83jSObjQ9oD6KubyQRtqNteTijUw==
age: 2800
X-Firefox-Spdy: h2

token.ultracart.com/checkout/checkout-hosted-fields-1.0.js

143.204.55.88

200 OK

0 B

URL HTTP/2
token.ultracart.com/checkout/checkout-hosted-fields-1.0.js
IP
143.204.55.88:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /checkout/checkout-hosted-fields-1.0.js HTTP/1.1
Host: token.ultracart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 17 Dec 2021 20:29:35 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: AIxokTMFSmFEihvG6rb8t6t1o2UdqKeo
server: AmazonS3
content-encoding: gzip
date: Fri, 04 Nov 2022 07:05:37 GMT
etag: W/"512dfa861970d35c07b14485ab52cf30"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: x7ckQ0JcXS8en-EWFRYapVrqzuq-jChp1wwib_IA7ogD2x_yaXFNww==
age: 40662
X-Firefox-Spdy: h2

bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832

172.67.140.245

200 OK

0 B

URL HTTP/2
bartonnutrition.com/ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832
IP
172.67.140.245:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ptn/21?utm_campaign=fg_jerusalem&utm_medium=email&utm_content=fg_bowel&utm_source=maxweb&subid=7605_sessid20221104173733850&utm_term=email&AFFID=474832 HTTP/1.1
Host: bartonnutrition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Fri, 04 Nov 2022 17:37:13 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
set-cookie: PHPSESSID=cf0fe4ee09dd0da9ed155d2ee49eba24; path=/
bp_dep=0; expires=Thu, 02-Feb-2023 17:37:12 GMT; Max-Age=7775999; path=/; domain=.bartonnutrition.com
bp_0=%7B%22client%22%3A%7B%22original_url%22%3A%22https%3A%5C%2F%5C%2Fbartonnutrition.com%5C%2Fptn%5C%2F21%3Fsubid%3D7605_sessid20221104173733850%26AFFID%3D474832%22%2C%22converting_referrer_url%22%3Anull%7D%2C%22session%22%3A%7B%22start_date%22%3A%222022-11-04T13%3A37%3A13-0400%22%2C%22session_id%22%3A%22BP-202211041337-131899%22%7D%2C%22internal%22%3A%7B%22upfront_offer%22%3Anull%2C%22upfront_creative%22%3Anull%7D%2C%22page%22%3A%7B%22traffic_source%22%3A%22MaxWeb%22%2C%22subid%22%3A%227605_sessid20221104173733850%22%2C%22facebook_pixel_id%22%3A%22368276591178798%22%2C%22lead_gen%22%3Atrue%2C%22exit-popup%22%3Afalse%2C%22double_exit-popup%22%3Afalse%2C%22web_engage%22%3Afalse%2C%22interstitial_redirect%22%3Afalse%7D%2C%22cart%22%3A%7B%22returnOnErrorUrl%22%3A%22https%3A%5C%2F%5C%2Fbartonnutrition.com%5C%2Fcheckout%22%2C%22redirectToUrl%22%3A%22https%3A%5C%2F%5C%2Fbartonnutrition.com%5C%2Fcheckout%3Ferror%3DSorry%252C%2520we%2520could%2520not%2520complete%2520your%2520order.%2520Please%2520try%2520again.%22%2C%22upsell_path%22%3A%22DEFAULT%22%2C%22items_taken%22%3A%7B%7D%2C%22items_rejected%22%3A%7B%7D%2C%22buysafe_wanted%22%3Anull%7D%2C%22order%22%3A%7B%22encrypted_hash%22%3Anull%7D%7D; path=/; domain=.bartonnutrition.com
bp_1=%7B%22returning_visitor%22%3Afalse%7D; expires=Fri, 11-Nov-2022 17:37:12 GMT; Max-Age=604799; path=/; domain=.bartonnutrition.com
bp_2=%7B%22page%22%3A%7B%22campaign_name%22%3A%22%22%2C%22campaign_medium%22%3A%22%22%2C%22campaign_source%22%3A%22%22%2C%22campaign_content%22%3A%22%22%2C%22campaign_term%22%3A%22%22%7D%7D; expires=Thu, 02-Feb-2023 17:37:12 GMT; Max-Age=7775999; path=/; domain=.bartonnutrition.com
bp_3=%7B%7D; expires=Sat, 04-Nov-2023 17:37:12 GMT; Max-Age=31535999; path=/; domain=.bartonnutrition.com
bp_c=1.0.0; expires=Sat, 04-Nov-2023 17:37:12 GMT; Max-Age=31535999; path=/; domain=.bartonnutrition.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iZ%2FqN%2FYfeO%2BF8lJeymPWbFMv1tBBzDlTR9X6fgeG%2BInKE6l4bfbXNMq6Q9uT3zEYbJb22%2F0Y2dBKOxD6CJiD7c1S6aYVH4jDvyf089O%2BUe8aqCHJDkUsCsAve7jTiO3ZJA3KE1q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 764f1dc50e6eb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dndngvalp4jdj.cloudfront.net/bartonnutrition.com/styles/global/styles.min.css?v=1.14.11.13

143.204.42.123

200 OK

0 B

URL HTTP/2
dndngvalp4jdj.cloudfront.net/bartonnutrition.com/styles/global/styles.min.css?v=1.14.11.13
IP
143.204.42.123:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bartonnutrition.com/styles/global/styles.min.css?v=1.14.11.13 HTTP/1.1
Host: dndngvalp4jdj.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
date: Fri, 04 Nov 2022 17:08:46 GMT
last-modified: Wed, 22 Jul 2020 19:57:24 GMT
etag: W/"ec5e832fc9f734bc601dd3e4065eab2a"
cache-control: max-age=2600000
x-amz-version-id: 1COcJ3NcnAvCPIOgzXXkzOyXVkVmXLk8
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9szRNHmC86RqFTKBTF52uHGv1hZdC_-beHAAYePB5U3QBkP2mbfRhg==
age: 1708
X-Firefox-Spdy: h2

dndngvalp4jdj.cloudfront.net/vendor/modernizr3.6.0.min.js

143.204.42.123

200 OK

0 B

URL HTTP/2
dndngvalp4jdj.cloudfront.net/vendor/modernizr3.6.0.min.js
IP
143.204.42.123:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /vendor/modernizr3.6.0.min.js HTTP/1.1
Host: dndngvalp4jdj.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 25 Apr 2018 21:12:10 GMT
x-amz-version-id: hPrDidzn7AonSL1912mDwx7NrAMCc39r
server: AmazonS3
content-encoding: gzip
date: Fri, 04 Nov 2022 17:09:59 GMT
etag: W/"f4631027c55199d5f09d1eb1091474ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: d8Vr5Y1tXvcWY0RSzarxEraVL_n5AZZuo6qJ8iPmRmM5NLZaXLNMtA==
age: 1635
X-Firefox-Spdy: h2

go.maxweb.com/conversion/iframe/?a=7605&token=3e2a3a9ca662d54af6a7c07ef0c06f02

172.66.40.143

200 OK

0 B

URL HTTP/2
go.maxweb.com/conversion/iframe/?a=7605&token=3e2a3a9ca662d54af6a7c07ef0c06f02
IP
172.66.40.143:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /conversion/iframe/?a=7605&token=3e2a3a9ca662d54af6a7c07ef0c06f02 HTTP/1.1
Host: go.maxweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bartonnutrition.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 04 Nov 2022 17:37:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Fri, 04 Nov 2022 18:37:14 GMT
cache-control: max-age=3600, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 764f1dd3394c0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (41)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations